Vulnerabilities > Mitel > Micollab > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2022-10-25 | CVE-2022-36451 | Server-Side Request Forgery (SSRF) vulnerability in Mitel Micollab A vulnerability in the MiCollab Client server component of Mitel MiCollab through 9.5.0.101 could allow an authenticated attacker to conduct a Server-Side Request Forgery (SSRF) attack due to insufficient restriction of URL parameters. | 8.8 |
2022-10-25 | CVE-2022-36453 | Unspecified vulnerability in Mitel Micollab A vulnerability in the MiCollab Client API of Mitel MiCollab 9.1.3 through 9.5.0.101 could allow an authenticated attacker to modify their profile parameters due to improper authorization controls. | 8.8 |
2021-08-13 | CVE-2021-32071 | Unspecified vulnerability in Mitel Micollab The MiCollab Client service in Mitel MiCollab before 9.3 could allow an unauthenticated user to gain system access due to improper access control. | 7.5 |
2014-04-07 | CVE-2014-0160 | Out-of-bounds Read vulnerability in multiple products The (1) TLS and (2) DTLS implementations in OpenSSL 1.0.1 before 1.0.1g do not properly handle Heartbeat Extension packets, which allows remote attackers to obtain sensitive information from process memory via crafted packets that trigger a buffer over-read, as demonstrated by reading private keys, related to d1_both.c and t1_lib.c, aka the Heartbleed bug. | 7.5 |