Micollab Security Vulnerabilities and Issues — Micollab CVE List

Lucene search

MitelMicollab

4 matches found

CVE•added 2022/10/25 7:15 p.m.•63 views

CVE-2022-36452

A vulnerability in the web conferencing component of Mitel MiCollab through 9.5.0.101 could allow an unauthenticated attacker to upload malicious files. A successful exploit could allow an attacker to execute arbitrary code within the context of the application.

9.8CVSS9.6AI score0.01612EPSS

CVE•added 2022/10/25 6:15 p.m.•50 views

CVE-2022-36453

A vulnerability in the MiCollab Client API of Mitel MiCollab 9.1.3 through 9.5.0.101 could allow an authenticated attacker to modify their profile parameters due to improper authorization controls. A successful exploit could allow the authenticated attacker to control another extension number.

8.8CVSS8.4AI score0.00222EPSS

CVE•added 2022/10/25 6:15 p.m.•47 views

CVE-2022-36451

A vulnerability in the MiCollab Client server component of Mitel MiCollab through 9.5.0.101 could allow an authenticated attacker to conduct a Server-Side Request Forgery (SSRF) attack due to insufficient restriction of URL parameters. A successful exploit could allow an attacker to leverage connec...

8.8CVSS8.4AI score0.00168EPSS

CVE•added 2022/10/25 6:15 p.m.•45 views

CVE-2022-36454

A vulnerability in the MiCollab Client API of Mitel MiCollab through 9.5.0.101 could allow an authenticated attacker to modify their profile parameters due to improper authorization controls. A successful exploit could allow the authenticated attacker to impersonate another user's name.

6.5CVSS6.2AI score0.00172EPSS