Mitel

Micontact Center Business

12 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.1

CVE-2025-27827

  • EPSS 0.12%
  • Published 24.06.2025 14:15:28
  • Last modified 26.06.2025 18:58:14

A vulnerability in the legacy chat component of Mitel MiContact Center Business through 10.2.0.3 could allow an unauthenticated attacker to conduct an information disclosure attack due to improper handling of session data. A successful exploit requir...

7.1

CVE-2025-27828

  • EPSS 0.07%
  • Published 24.06.2025 14:15:28
  • Last modified 26.06.2025 18:58:14

A vulnerability in the legacy chat component of Mitel MiContact Center Business through 10.0.0.4, 10.1.0.0 through 10.1.0.5, and 10.2.0.0 through 10.2.0.4 could allow an unauthenticated attacker to conduct a reflected cross-site scripting (XSS) attac...

8.1

CVE-2024-42514

  • EPSS 0.23%
  • Published 01.10.2024 19:15:07
  • Last modified 30.05.2025 01:26:00

A vulnerability in the legacy chat component of Mitel MiContact Center Business through 10.1.0.4 could allow an unauthenticated attacker to conduct an unauthorized access attack due to inadequate access control checks. A successful exploit requires u...

6.1

CVE-2024-35283

  • EPSS 0.55%
  • Published 29.05.2024 16:15:10
  • Last modified 29.05.2025 20:23:14

A vulnerability in the Ignite component of Mitel MiContact Center Business through 10.0.0.4 could allow an unauthenticated attacker to conduct a stored cross-site scripting (XSS) attack due to insufficient input validation.

5.4

CVE-2024-35284

  • EPSS 0.65%
  • Published 29.05.2024 16:15:10
  • Last modified 29.05.2025 20:22:05

A vulnerability in the legacy chat component of Mitel MiContact Center Business through 10.0.0.4 could allow an unauthenticated attacker to conduct a reflected cross-site scripting (XSS) attack due to insufficient input validation.

6.8

CVE-2024-28070

  • EPSS 0.3%
  • Published 16.03.2024 06:15:14
  • Last modified 02.06.2025 14:18:03

A vulnerability in the legacy chat component of Mitel MiContact Center Business through 10.0.0.4 could allow an unauthenticated attacker to conduct a reflected cross-site scripting (XSS) attack due to insufficient input validation. A successful explo...

7.5

CVE-2024-28069

  • EPSS 0.35%
  • Published 16.03.2024 06:15:13
  • Last modified 02.06.2025 14:19:11

A vulnerability in the legacy chat component of Mitel MiContact Center Business through 10.0.0.4 could allow an unauthenticated attacker to conduct an information disclosure attack due to improper configuration. A successful exploit could allow an at...

7.5

CVE-2023-22854

  • EPSS 0.36%
  • Published 13.02.2023 18:15:11
  • Last modified 21.03.2025 19:15:44

The ccmweb component of Mitel MiContact Center Business server 9.2.2.0 through 9.4.1.0 could allow an unauthenticated attacker to download arbitrary files, due to insufficient restriction of URL parameters. A successful exploit could allow access to ...

9.1

CVE-2021-3352

  • EPSS 0.37%
  • Published 13.08.2021 16:15:08
  • Last modified 21.11.2024 06:21:22

The Software Development Kit in Mitel MiContact Center Business from 8.0.0.0 through 8.1.4.1 and 9.0.0.0 through 9.3.1.0 could allow an unauthenticated attacker to access (view and modify) user data without authorization due to improper handling of t...

3.3

CVE-2020-24693

  • EPSS 0.05%
  • Published 18.12.2020 08:15:13
  • Last modified 21.11.2024 05:15:48

The Ignite portal in Mitel MiContact Center Business before 9.3.0.0 could allow a local attacker to view system information due to insufficient output sanitization.