Vulnerabilities > Mitel > Micollab Audio WEB Video Conferencing > Critical

DATE CVE VULNERABILITY TITLE RISK
2020-03-02 CVE-2019-19607 SQL Injection vulnerability in Mitel Micollab Audio, web & Video Conferencing
A SQL injection vulnerability in the web conferencing component of Mitel MiCollab AWV before 8.1.2.2 could allow an unauthenticated attack due to insufficient input validation for the session parameter.
network
low complexity
mitel CWE-89
critical
 9.8
9.8
2020-03-02 CVE-2019-19608 SQL Injection vulnerability in Mitel Micollab Audio, web & Video Conferencing
A SQL injection vulnerability in in the web conferencing component of Mitel MiCollab AWV before 8.1.2.2 could allow an unauthenticated attack due to insufficient input validation for the registeredList.cgi page.
network
low complexity
mitel CWE-89
critical
 9.8
9.8
2019-05-29 CVE-2019-12165 Unspecified vulnerability in Mitel products
MiCollab 7.3 PR2 (7.3.0.204) and earlier, 7.2 (7.2.2.13) and earlier, and 7.1 (7.1.0.57) and earlier and MiCollab AWV 6.3 (6.3.0.103), 6.2 (6.2.2.8), 6.1 (6.1.0.28), 6.0 (6.0.0.61), and 5.0 (5.0.5.7) have a Command Execution Vulnerability.
network
low complexity
mitel
critical
 9.8
9.8