Known Vulnerabilities for products from Mitel

Listed below are 20 of the newest known vulnerabilities associated with the vendor "Mitel".

These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.

Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.

Known Vulnerabilities

CVE Shortened Description Severity Publish Date Last Modified
CVE-2021-37586 The PowerPlay Web component of Mitel Interaction Recording Multitenancy systems before 6.7 could allow a user (with Administr... 4.9 - MEDIUM 2021-08-13 2021-08-25
CVE-2021-32072 The MiCollab Client Service component in Mitel MiCollab before 9.3 could allow an attacker to get source code information (di... 6.5 - MEDIUM 2021-08-13 2021-08-25
CVE-2021-32071 The MiCollab Client service in Mitel MiCollab before 9.3 could allow an unauthenticated user to gain system access due to imp... 9.8 - CRITICAL 2021-08-13 2021-08-23
CVE-2021-32070 The MiCollab Client Service component in Mitel MiCollab before 9.3 could allow an attacker to perform a clickjacking attack d... 5.4 - MEDIUM 2021-08-13 2021-08-23
CVE-2021-32069 The AWV component of Mitel MiCollab before 9.3 could allow an attacker to perform a Man-In-the-Middle attack due to improper ... 4.8 - MEDIUM 2021-08-13 2021-08-23
CVE-2021-32068 The AWV and MiCollab Client Service components in Mitel MiCollab before 9.3 could allow an attacker to perform a Man-In-the-M... 3.7 - LOW 2021-08-13 2021-08-23
CVE-2021-32067 The MiCollab Client Service component in Mitel MiCollab before 9.3 could allow an attacker to view sensitive system informati... 6.5 - MEDIUM 2021-08-13 2021-08-23
CVE-2021-27402 The SAS Admin portal of Mitel MiCollab before 9.2 FP2 could allow an unauthenticated attacker to access (view and modify) use... 6.5 - MEDIUM 2021-08-13 2021-08-23
CVE-2021-27401 The Join Meeting page of Mitel MiCollab Web Client before 9.2 FP2 could allow an attacker to access (view and modify) user da... 6.1 - MEDIUM 2021-08-13 2021-08-23
CVE-2021-26714 The Enterprise License Manager portal in Mitel MiContact Center Enterprise before 9.4 could allow a user to access restricted... 9.8 - CRITICAL 2021-03-29 2021-04-01
CVE-2021-3352 The Software Development Kit in Mitel MiContact Center Business from 8.0.0.0 through 8.1.4.1 and 9.0.0.0 through 9.3.1.0 coul... 9.1 - CRITICAL 2021-08-13 2021-08-25
CVE-2021-3176 The chat window of the Mitel BusinessCTI Enterprise (MBC-E) Client for Windows before 6.4.15 and 7.x before 7.1.2 could allow... 8 - HIGH 2021-01-29 2021-02-05
CVE-2020-35547 A library index page in NuPoint Messenger in Mitel MiCollab before 9.2 FP1 could allow an unauthenticated attacker to gain ac... 9.1 - CRITICAL 2021-01-29 2021-07-21
CVE-2020-28351 The conferencing component on Mitel ShoreTel 19.46.1802.0 devices could allow an unauthenticated attacker to conduct a reflec... 6.1 - MEDIUM 2020-11-09 2020-11-18
CVE-2020-27640 The Bluetooth handset of Mitel MiVoice 6940 and 6930 MiNet phones with firmware before 1.5.3 could allow an unauthenticated a... 8.1 - HIGH 2020-12-18 2020-12-22
CVE-2020-27639 The Bluetooth handset of Mitel MiVoice 6873i, 6930, and 6940 SIP phones with firmware before 5.1.0.SP6 could allow an unauthe... 8.1 - HIGH 2020-12-18 2020-12-21
CVE-2020-27340 The online help portal of Mitel MiCollab before 9.2 could allow an attacker to redirect a user to an unauthorized website by ... 6.1 - MEDIUM 2020-12-18 2021-07-21
CVE-2020-27154 The chat window of Mitel BusinessCTI Enterprise (MBC-E) Client for Windows before 6.4.11 and 7.x before 7.0.3 could allow an ... 8.8 - HIGH 2020-12-18 2020-12-21
CVE-2020-25612 The NuPoint Messenger of Mitel MiCollab before 9.2 could allow an attacker with escalated privilege to access user files due ... 4.9 - MEDIUM 2020-12-18 2021-07-21
CVE-2020-25611 The AWV portal of Mitel MiCollab before 9.2 could allow an attacker to gain access to conference information by sending arbit... 6.1 - MEDIUM 2020-12-18 2021-07-21

Known software with vulnerabilities from Mitel

Type Vendor Product Version
HardwareMitel6863i-
Operating
System
Mitel6863i Firmware5.1.0.2051
HardwareMitel6865i-
Operating
System
Mitel6865i Firmware5.1.0.2051
HardwareMitel6867i-
Operating
System
Mitel6867i Firmware5.1.0.2051
HardwareMitel6869i-
Operating
System
Mitel6869i Firmware5.1.0.2051
HardwareMitel6873i-
Operating
System
Mitel6873i Firmware5.1.0.2051
HardwareMitel6920-
Operating
System
Mitel6920 Firmware5.1.0.2051
HardwareMitel6930-
Operating
System
Mitel6930 Firmware5.1.0.2051
HardwareMitel6940-
Operating
System
Mitel6940 Firmware5.1.0.2051
ApplicationMitelBusinesscti Enterprise-
ApplicationMitelCmg Suite8.4
ApplicationMitelConnect Onsite-
ApplicationMitelMicloud Management Portal5.3

Popular searches for "Mitel"

Mitel

Mitel Networks Corporation is a Canadian telecommunications company. The company previously produced TDM PBX systems and applications, but after a change in ownership in 2001, now focuses almost entirely on Voice-over-IP products. Mitel is headquartered in Ottawa, Ontario, Canada, with offices, partners and resellers worldwide. In April 2018, the company announced it would be bought by an investor group led by Searchlight Capital Partners.

© CVE.report 2022 Twitter Nitter Twitter Viewer |

Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.

CVE, CWE, and OVAL are registred trademarks of The MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. This site includes MITRE data granted under the following license.

CVE.report and Source URL Uptime Status status.cve.report