8 matches found
The vulnerability of the client server MiCollab of the collaborative work platform MiCollab, as well as the virtual instance of the business solution MiVoice Business Solution Virtual Instance (MiVB SVI), allows a perpetrator to execute arbitrary commands.
The vulnerability of the client server of the collaborative work platform MiCollab, as well as the virtual instance of the business solution MiVoice Business Solution Virtual Instance MiVB SVI, is related to the failure to take measures to neutralize special elements. Exploiting this vulnerabilit...
CVE-2024-41714
A vulnerability in the Web Interface component of Mitel MiCollab through 9.8 SP1 9.8.1.5 and MiVoice Business Solution Virtual Instance MiVB SVI through 1.0.0.27 could allow an authenticated attacker to conduct a command injection attack, due to insufficient parameter sanitization. A successful...
CVE-2024-35315
Mitel MiCollab Desktop Client (versions up to 9.7.1.110) and MiVoice Business Solution Virtual Instance (MiVB SVI) 1.0.0.25 contain a privilege-escalation flaw due to improper file validation. An authenticated, local attacker could execute arbitrary code with elevated privileges. MITRE-like impac...
CVE-2024-35314
Affects Mitel MiCollab Desktop Client (versions ≤ 9.7.1.110) and MiVoice Business Solution Virtual Instance (MiVB SVI ≤ 1.0.0.25). The vulnerability is a command injection caused by insufficient parameter sanitization, enabling an unauthenticated attacker to execute arbitrary scripts with user in...
CVE-2024-35314
A vulnerability in the Desktop Client of Mitel MiCollab through 9.7.1.110, and MiVoice Business Solution Virtual Instance MiVB SVI 1.0.0.25, could allow an unauthenticated attacker to conduct a command injection attack due to insufficient parameter sanitization. A successful exploit requires user...
CVE-2024-35315
A vulnerability in the Desktop Client of Mitel MiCollab through 9.7.1.110, and MiVoice Business Solution Virtual Instance MiVB SVI 1.0.0.25, could allow an authenticated attacker to conduct a privilege escalation attack due to improper file validation. A successful exploit could allow an attacker...
CVE-2024-35315
A vulnerability in the Desktop Client of Mitel MiCollab through 9.7.1.110, and MiVoice Business Solution Virtual Instance MiVB SVI 1.0.0.25, could allow an authenticated attacker to conduct a privilege escalation attack due to improper file validation. A successful exploit could allow an attacker...
PT-2024-7493 · Mitel · Mivoice Business Solution Virtual Instance +1
Name of the Vulnerable Software and Affected Versions: Mitel MiCollab versions through 9.8 SP1 9.8.1.5 MiVoice Business Solution Virtual Instance MiVB SVI versions through 1.0.0.27 Description: A vulnerability in the Web Interface component could allow an authenticated attacker to conduct a comma...