Micontact Center Business Security Vulnerabilities and Issues — Micontact Center Business CVE List

Lucene search

MitelMicontact Center Business

10 matches found

CVE•added 2024/05/29 4:15 p.m.•111 views

CVE-2024-35284

A vulnerability in the legacy chat component of Mitel MiContact Center Business through 10.0.0.4 could allow an unauthenticated attacker to conduct a reflected cross-site scripting (XSS) attack due to insufficient input validation.

5.4CVSS5.8AI score0.00649EPSS

CVE•added 2024/05/29 4:15 p.m.•85 views

CVE-2024-35283

A vulnerability in the Ignite component of Mitel MiContact Center Business through 10.0.0.4 could allow an unauthenticated attacker to conduct a stored cross-site scripting (XSS) attack due to insufficient input validation.

6.1CVSS5.7AI score0.00545EPSS

CVE•added 2020/02/25 7:15 p.m.•62 views

CVE-2020-9379

The Software Development Kit of the MiContact Center Business with Site Based Security 8.0 through 9.0.1.0 before KB496276 allows an authenticated user to access sensitive information. A successful exploit could allow unauthorized access to user conversations.

6.5CVSS6.3AI score0.0034EPSS

CVE•added 2024/03/16 6:15 a.m.•58 views

CVE-2024-28070

6.8CVSS5.8AI score0.00221EPSS

CVE•added 2020/09/25 4:23 a.m.•50 views

CVE-2020-24692

The Ignite portal in Mitel MiContact Center Business before 9.3.0.0 could allow an attacker to execute arbitrary scripts due to insufficient input validation, aka XSS. A successful exploit could allow an attacker to gain access to a user session.

7.1CVSS7.2AI score0.00143EPSS

CVE•added 2021/08/13 4:15 p.m.•49 views

CVE-2021-3352

The Software Development Kit in Mitel MiContact Center Business from 8.0.0.0 through 8.1.4.1 and 9.0.0.0 through 9.3.1.0 could allow an unauthenticated attacker to access (view and modify) user data without authorization due to improper handling of tokens.

9.1CVSS9.1AI score0.00367EPSS

CVE•added 2024/03/16 6:15 a.m.•49 views

CVE-2024-28069

A vulnerability in the legacy chat component of Mitel MiContact Center Business through 10.0.0.4 could allow an unauthenticated attacker to conduct an information disclosure attack due to improper configuration. A successful exploit could allow an attacker to access sensitive information and potent...

7.5CVSS6.4AI score0.00257EPSS

CVE•added 2024/10/01 7:15 p.m.•38 views

CVE-2024-42514

A vulnerability in the legacy chat component of Mitel MiContact Center Business through 10.1.0.4 could allow an unauthenticated attacker to conduct an unauthorized access attack due to inadequate access control checks. A successful exploit requires user interaction and could allow an attacker to ac...

8.1CVSS9AI score0.00108EPSS

CVE•added 2023/02/13 6:15 p.m.•36 views

CVE-2023-22854

The ccmweb component of Mitel MiContact Center Business server 9.2.2.0 through 9.4.1.0 could allow an unauthenticated attacker to download arbitrary files, due to insufficient restriction of URL parameters. A successful exploit could allow access to sensitive information.

9.1CVSS7.5AI score0.00355EPSS

CVE•added 2020/12/18 8:15 a.m.•29 views

CVE-2020-24693

The Ignite portal in Mitel MiContact Center Business before 9.3.0.0 could allow a local attacker to view system information due to insufficient output sanitization.

3.3CVSS3.8AI score0.00048EPSS