Vulnerabilities > Mitel > Micollab Audio WEB Video Conferencing
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-08-26 | CVE-2020-11797 | Missing Authentication for Critical Function vulnerability in Mitel Micollab Audio, web & Video Conferencing An Authentication Bypass vulnerability in the Published Area of the web conferencing component of Mitel MiCollab AWV before 8.1.2.4 and 9.x before 9.1.3 could allow an unauthenticated attacker to gain access to unauthorized information due to insufficient access validation. | 5.0 |
| 2020-06-10 | CVE-2020-11798 | Path Traversal vulnerability in Mitel Micollab Audio, web & Video Conferencing 9.0 A Directory Traversal vulnerability in the web conference component of Mitel MiCollab AWV before 8.1.2.4 and 9.x before 9.1.3 could allow an attacker to access arbitrary files from restricted directories of the server via a crafted URL, due to insufficient access validation. | 5.0 |
| 2020-03-02 | CVE-2019-19608 | SQL Injection vulnerability in Mitel Micollab Audio, web & Video Conferencing A SQL injection vulnerability in in the web conferencing component of Mitel MiCollab AWV before 8.1.2.2 could allow an unauthenticated attack due to insufficient input validation for the registeredList.cgi page. | 7.5 |
| 2020-03-02 | CVE-2019-19607 | SQL Injection vulnerability in Mitel Micollab Audio, web & Video Conferencing A SQL injection vulnerability in the web conferencing component of Mitel MiCollab AWV before 8.1.2.2 could allow an unauthenticated attack due to insufficient input validation for the session parameter. | 7.5 |
| 2020-03-02 | CVE-2019-19371 | Cross-site Scripting vulnerability in Mitel Micollab Audio, web & Video Conferencing A cross-site scripting (XSS) vulnerability in the web conferencing component of Mitel MiCollab AWV before 8.1.2.2 could allow an unauthenticated attacker to conduct a reflected cross-site scripting (XSS) attack due to insufficient validation in the join meeting interface. | 4.3 |