Vulnerabilities > Mitel > Micontact Center Business
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-02-13 | CVE-2023-22854 | Unspecified vulnerability in Mitel Micontact Center Business The ccmweb component of Mitel MiContact Center Business server 9.2.2.0 through 9.4.1.0 could allow an unauthenticated attacker to download arbitrary files, due to insufficient restriction of URL parameters. | 7.5 |
| 2021-08-13 | CVE-2021-3352 | Unspecified vulnerability in Mitel Micontact Center Business The Software Development Kit in Mitel MiContact Center Business from 8.0.0.0 through 8.1.4.1 and 9.0.0.0 through 9.3.1.0 could allow an unauthenticated attacker to access (view and modify) user data without authorization due to improper handling of tokens. | 6.4 |
| 2020-12-18 | CVE-2020-24693 | Unspecified vulnerability in Mitel Micontact Center Business 8.0/9.0.0.0/9.0.1.0 The Ignite portal in Mitel MiContact Center Business before 9.3.0.0 could allow a local attacker to view system information due to insufficient output sanitization. | 2.1 |
| 2020-09-25 | CVE-2020-24692 | Improper Input Validation vulnerability in Mitel Micontact Center Business 8.0/9.0.0.0/9.0.1.0 The Ignite portal in Mitel MiContact Center Business before 9.3.0.0 could allow an attacker to execute arbitrary scripts due to insufficient input validation, aka XSS. | 3.6 |
| 2020-02-25 | CVE-2020-9379 | Incorrect Authorization vulnerability in Mitel Micontact Center Business 8.0/9.0.0.0/9.0.1.0 The Software Development Kit of the MiContact Center Business with Site Based Security 8.0 through 9.0.1.0 before KB496276 allows an authenticated user to access sensitive information. | 4.0 |