Lucene search
K

17 matches found

RedhatCVE
RedhatCVE
added 2026/01/09 10:42 a.m.9 views

CVE-2022-26143

The TP-240 aka tp240dvr component in Mitel MiCollab before 9.4 SP1 FP1 and MiVoice Business Express through 8.1 allows remote attackers to obtain sensitive information and cause a denial of service performance degradation and excessive outbound traffic. This was exploited in the wild in February...

9.8CVSS6.9AI score0.87565EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2022/06/17 1:15 p.m.1 views

CVE-2022-31784

A vulnerability in the management interface of MiVoice Business through 9.3 PR1 and MiVoice Business Express through 8.0 SP3 PR3 could allow an unauthenticated attacker that has network access to the management interface to conduct a buffer overflow attack due to insufficient validation of URL...

9.8CVSS6.4AI score0.01524EPSS
Exploits0References3
CVE
CVE
added 2022/06/17 11:43 a.m.62 views

CVE-2022-31784

CVE-2022-31784 affects Mitel MiVoice Business (up to 9.3 PR1) and MiVoice Business Express (up to 8.0 SP3 PR3). The vulnerability stems from insufficient validation of URL parameters in the management interface, enabling an unauthenticated attacker with network access to perform a buffer overflow...

9.8CVSS9.8AI score0.01524EPSS
Exploits0References2Affected Software2
CISA KEV Catalog
CISA KEV Catalog
added 2022/03/25 12:0 a.m.18 views

MiCollab, MiVoice Business Express Access Control Vulnerability

A vulnerability has been identified in MiCollab and MiVoice Business Express that may allow a malicious actor to gain unauthorized access to sensitive information and services, cause performance degradations or a denial of service condition on the affected system...

9.8CVSS5.1AI score0.87565EPSS
In wildExploits1
BDU FSTEC
BDU FSTEC
added 2022/03/16 12:0 a.m.6 views

The vulnerability of the TP-240 interface board’s microprogramming software in MiCollab and MiVoice Business Express systems, related to errors in processing XML messages, allows attackers to read and modify the configuration of the vulnerable device or trigger a service failure.

The vulnerability of the TP-240 interface board’s microprogramming software, used in the MiCollab and MiVoice Business Express collaboration platforms, is related to errors in processing XML messages. Exploiting this vulnerability allows an attacker to read and modify the configuration of the...

9.7CVSS8AI score0.87565EPSS
Exploits1References6Affected Software1
The Hacker News
The Hacker News
added 2022/03/15 7:26 a.m.34 views

Massive DDoS Attack Knocked Israeli Government Websites Offline

A number of websites belonging to the Israeli government were felled in a distributed denial-of-service DDoS attack on Monday, rendering the portals inaccessible for a short period of time. "In the past few hours, a DDoS attack against a communications provider was identified," the Israel Nationa...

1.4AI score
Exploits0
NVD
NVD
added 2022/03/10 5:47 p.m.12 views

CVE-2022-26143

The TP-240 aka tp240dvr component in Mitel MiCollab before 9.4 SP1 FP1 and MiVoice Business Express through 8.1 allows remote attackers to obtain sensitive information and cause a denial of service performance degradation and excessive outbound traffic. This was exploited in the wild in February...

9.8CVSS0.87565EPSS
Exploits1References8
Prion
Prion
added 2022/03/10 5:47 p.m.25 views

Code injection

The TP-240 aka tp240dvr component in Mitel MiCollab before 9.4 SP1 FP1 and MiVoice Business Express through 8.1 allows remote attackers to obtain sensitive information and cause a denial of service performance degradation and excessive outbound traffic. This was exploited in the wild in February...

9CVSS9.2AI score0.87565EPSS
Exploits1References7Affected Software2
ATTACKERKB
ATTACKERKB
added 2022/03/10 12:0 a.m.62 views

CVE-2022-26143

The TP-240 aka tp240dvr component in Mitel MiCollab before 9.4 SP1 FP1 and MiVoice Business Express through 8.1 allows remote attackers to obtain sensitive information and cause a denial of service performance degradation and excessive outbound traffic. This was exploited in the wild in February...

9.8CVSS5.4AI score0.87565EPSS
In wildExploits1References8
CNNVD
CNNVD
added 2022/03/10 12:0 a.m.12 views

Mitel Networks MiCollab和Mitel Networks MiVoice Business Express 访问控制错误漏洞

Mitel Networks MiCollab and Mitel Networks MiVoice Business Express are both products of Mitel Networks, Inc. of Canada.Mitel Networks MiCollab is a voice, video, messaging, audio conferencing, and team collaboration for employees. Mitel Networks MiVoice Business Express is a real-time...

9.8CVSS8.6AI score0.87565EPSS
Exploits1References8
Cvelist
Cvelist
added 2022/03/09 3:32 p.m.32 views

CVE-2022-26143

The TP-240 aka tp240dvr component in Mitel MiCollab before 9.4 SP1 FP1 and MiVoice Business Express through 8.1 allows remote attackers to obtain sensitive information and cause a denial of service performance degradation and excessive outbound traffic. This was exploited in the wild in February...

9.4AI score0.87565EPSS
Exploits1References7
The Hacker News
The Hacker News
added 2022/03/09 1:26 p.m.68 views

Hackers Abuse Mitel Devices to Amplify DDoS Attacks by 4 Billion Times

Threat actors have been observed abusing a high-impact reflection/amplification method to stage sustained distributed denial-of-service DDoS attacks for up to 14 hours with a record-breaking amplification ratio of 4,294,967,296 to 1. The attack vector – dubbed TP240PhoneHome CVE-2022-26143 – has...

9.8CVSS0.9AI score0.87565EPSS
Exploits1
Positive Technologies
Positive Technologies
added 2022/02/22 12:0 a.m.4 views

PT-2022-1816 · Mitel · Mivoice Business Express +1

Name of the Vulnerable Software and Affected Versions: Mitel MiCollab versions prior to 9.4 SP1 FP1 Mitel MiVoice Business Express versions prior to 8.1 Description: The issue is related to errors in processing XML messages in the TP-240 interface board software for Mitel MiCollab and MiVoice...

9.8CVSS9.2AI score0.87565EPSS
Exploits1References23
NVD
NVD
added 2019/11/12 2:15 p.m.13 views

CVE-2018-18819

A vulnerability in the web conference chat component of MiCollab, versions 7.3 PR6 7.3.0.601 and earlier, and 8.0 8.0.0.40 through 8.0 SP2 FP2 8.0.2.202, and MiVoice Business Express versions 7.3 PR3 7.3.1.302 and earlier, and 8.0 8.0.0.40 through 8.0 SP2 FP1 8.0.2.202, could allow creation of...

5.3CVSS5.4AI score0.0143EPSS
Exploits0References2
Prion
Prion
added 2019/11/12 2:15 p.m.21 views

Improper access control

A vulnerability in the web conference chat component of MiCollab, versions 7.3 PR6 7.3.0.601 and earlier, and 8.0 8.0.0.40 through 8.0 SP2 FP2 8.0.2.202, and MiVoice Business Express versions 7.3 PR3 7.3.1.302 and earlier, and 8.0 8.0.0.40 through 8.0 SP2 FP1 8.0.2.202, could allow creation of...

5CVSS5.5AI score0.0143EPSS
Exploits0References2Affected Software2
Cvelist
Cvelist
added 2019/11/12 1:51 p.m.21 views

CVE-2018-18819

A vulnerability in the web conference chat component of MiCollab, versions 7.3 PR6 7.3.0.601 and earlier, and 8.0 8.0.0.40 through 8.0 SP2 FP2 8.0.2.202, and MiVoice Business Express versions 7.3 PR3 7.3.1.302 and earlier, and 8.0 8.0.0.40 through 8.0 SP2 FP1 8.0.2.202, could allow creation of...

5.4AI score0.0143EPSS
Exploits0References2
CVE
CVE
added 2019/11/12 1:51 p.m.66 views

CVE-2018-18819

CVE-2018-18819 affects MiCollab web conference chat component and MiVoice Business Express: MiCollab versions 7.3 PR6 (7.3.0.601) and earlier, and 8.0 (8.0.0.40) through 8.0 SP2 FP2 (8.0.2.202); MiVoice Business Express versions 7.3 PR3 (7.3.1.302) and earlier, and 8.0 (8.0.0.40) through 8.0 SP2 ...

5.3CVSS5.4AI score0.0143EPSS
Exploits0References2Affected Software2
Rows per page
Query Builder