Vulnerabilities > Mitel > Micollab Audio WEB Video Conferencing > 9.0

DATE CVE VULNERABILITY TITLE RISK
2020-08-26 CVE-2020-11797 Missing Authentication for Critical Function vulnerability in Mitel Micollab Audio, web & Video Conferencing
An Authentication Bypass vulnerability in the Published Area of the web conferencing component of Mitel MiCollab AWV before 8.1.2.4 and 9.x before 9.1.3 could allow an unauthenticated attacker to gain access to unauthorized information due to insufficient access validation.
network
low complexity
mitel CWE-306
5.0
2020-06-10 CVE-2020-11798 Path Traversal vulnerability in Mitel Micollab Audio, web & Video Conferencing 9.0
A Directory Traversal vulnerability in the web conference component of Mitel MiCollab AWV before 8.1.2.4 and 9.x before 9.1.3 could allow an attacker to access arbitrary files from restricted directories of the server via a crafted URL, due to insufficient access validation.
network
low complexity
mitel CWE-22
5.0