Vulnerabilities > Mitel > Low
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2020-12-18 | CVE-2020-24693 | Unspecified vulnerability in Mitel Micontact Center Business 8.0/9.0.0.0/9.0.1.0 The Ignite portal in Mitel MiContact Center Business before 9.3.0.0 could allow a local attacker to view system information due to insufficient output sanitization. | 2.1 |
2020-12-18 | CVE-2020-25609 | Cross-site Scripting vulnerability in Mitel Micollab The NuPoint Messenger Portal of Mitel MiCollab before 9.2 could allow an authenticated attacker to execute arbitrary scripts due to insufficient input validation, aka XSS. | 3.5 |
2020-09-25 | CVE-2020-24692 | Improper Input Validation vulnerability in Mitel Micontact Center Business 8.0/9.0.0.0/9.0.1.0 The Ignite portal in Mitel MiContact Center Business before 9.3.0.0 could allow an attacker to execute arbitrary scripts due to insufficient input validation, aka XSS. | 3.6 |
2018-07-13 | CVE-2016-6562 | Improper Certificate Validation vulnerability in Mitel Shortel Mobility Client 9.1.3.109 On iOS and Android devices, the ShoreTel Mobility Client app version 9.1.3.109 fails to properly validate SSL certificates provided by HTTPS connections, which means that an attacker in the position to perform MITM attacks may be able to obtain sensitive account information such as login credentials. | 2.9 |
2018-05-22 | CVE-2018-3639 | Information Exposure Through Discrepancy vulnerability in multiple products Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are known may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis, aka Speculative Store Bypass (SSB), Variant 4. | 2.1 |