Mitel

Micontact Center Business

12 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.1

CVE-2025-27827

  • EPSS 0.12%
  • Veröffentlicht 24.06.2025 14:15:28
  • Zuletzt bearbeitet 26.06.2025 18:58:14

A vulnerability in the legacy chat component of Mitel MiContact Center Business through 10.2.0.3 could allow an unauthenticated attacker to conduct an information disclosure attack due to improper handling of session data. A successful exploit requir...

7.1

CVE-2025-27828

  • EPSS 0.07%
  • Veröffentlicht 24.06.2025 14:15:28
  • Zuletzt bearbeitet 26.06.2025 18:58:14

A vulnerability in the legacy chat component of Mitel MiContact Center Business through 10.0.0.4, 10.1.0.0 through 10.1.0.5, and 10.2.0.0 through 10.2.0.4 could allow an unauthenticated attacker to conduct a reflected cross-site scripting (XSS) attac...

8.1

CVE-2024-42514

  • EPSS 0.23%
  • Veröffentlicht 01.10.2024 19:15:07
  • Zuletzt bearbeitet 30.05.2025 01:26:00

A vulnerability in the legacy chat component of Mitel MiContact Center Business through 10.1.0.4 could allow an unauthenticated attacker to conduct an unauthorized access attack due to inadequate access control checks. A successful exploit requires u...

6.1

CVE-2024-35283

  • EPSS 0.55%
  • Veröffentlicht 29.05.2024 16:15:10
  • Zuletzt bearbeitet 29.05.2025 20:23:14

A vulnerability in the Ignite component of Mitel MiContact Center Business through 10.0.0.4 could allow an unauthenticated attacker to conduct a stored cross-site scripting (XSS) attack due to insufficient input validation.

5.4

CVE-2024-35284

  • EPSS 0.65%
  • Veröffentlicht 29.05.2024 16:15:10
  • Zuletzt bearbeitet 29.05.2025 20:22:05

A vulnerability in the legacy chat component of Mitel MiContact Center Business through 10.0.0.4 could allow an unauthenticated attacker to conduct a reflected cross-site scripting (XSS) attack due to insufficient input validation.

6.8

CVE-2024-28070

  • EPSS 0.3%
  • Veröffentlicht 16.03.2024 06:15:14
  • Zuletzt bearbeitet 02.06.2025 14:18:03

A vulnerability in the legacy chat component of Mitel MiContact Center Business through 10.0.0.4 could allow an unauthenticated attacker to conduct a reflected cross-site scripting (XSS) attack due to insufficient input validation. A successful explo...

7.5

CVE-2024-28069

  • EPSS 0.35%
  • Veröffentlicht 16.03.2024 06:15:13
  • Zuletzt bearbeitet 02.06.2025 14:19:11

A vulnerability in the legacy chat component of Mitel MiContact Center Business through 10.0.0.4 could allow an unauthenticated attacker to conduct an information disclosure attack due to improper configuration. A successful exploit could allow an at...

7.5

CVE-2023-22854

  • EPSS 0.36%
  • Veröffentlicht 13.02.2023 18:15:11
  • Zuletzt bearbeitet 21.03.2025 19:15:44

The ccmweb component of Mitel MiContact Center Business server 9.2.2.0 through 9.4.1.0 could allow an unauthenticated attacker to download arbitrary files, due to insufficient restriction of URL parameters. A successful exploit could allow access to ...

9.1

CVE-2021-3352

  • EPSS 0.37%
  • Veröffentlicht 13.08.2021 16:15:08
  • Zuletzt bearbeitet 21.11.2024 06:21:22

The Software Development Kit in Mitel MiContact Center Business from 8.0.0.0 through 8.1.4.1 and 9.0.0.0 through 9.3.1.0 could allow an unauthenticated attacker to access (view and modify) user data without authorization due to improper handling of t...

3.3

CVE-2020-24693

  • EPSS 0.05%
  • Veröffentlicht 18.12.2020 08:15:13
  • Zuletzt bearbeitet 21.11.2024 05:15:48

The Ignite portal in Mitel MiContact Center Business before 9.3.0.0 could allow a local attacker to view system information due to insufficient output sanitization.