Vulnerabilities > Mitel > Mivoice Connect Client > Critical

DATE CVE VULNERABILITY TITLE RISK
2020-04-17 CVE-2020-10211 Improper Input Validation vulnerability in Mitel Mivoice Connect and Mivoice Connect Client
A remote code execution vulnerability in UCB component of Mitel MiVoice Connect before 19.1 SP1 could allow an unauthenticated remote attacker to execute arbitrary scripts due to insufficient validation of URL parameters.
network
low complexity
mitel CWE-20
critical
 9.8
9.8
2020-04-17 CVE-2020-10377 Use of a Broken or Risky Cryptographic Algorithm vulnerability in Mitel Mivoice Connect and Mivoice Connect Client
A weak encryption vulnerability in Mitel MiVoice Connect Client before 214.100.1214.0 could allow an unauthenticated attacker to gain access to user credentials.
network
low complexity
mitel CWE-327
critical
 9.8
9.8