Lucene search
+L
MitelMicontact Center Business

11 matches found

cve
cve
added 2024/05/29 3:52 p.m.120 views

CVE-2024-35284

CVE-2024-35284 affects Mitel MiContact Center Business through version 10.0.0.4, specifically in the legacy chat component where insufficient input validation enables a reflected XSS when exploited by an unauthenticated attacker. The issue is confirmed by PT-2024-26416, which ties the vulnerabili...

5.4CVSS5.8AI score0.00252EPSS
cve
cve
added 2024/05/29 3:42 p.m.97 views

CVE-2024-35283

CVE-2024-35283 affects the Mitel MiContact Center Business Ignite component. Affected software: MiContact Center Business versions through 10.0.0.4. Description in connected docs shows a vulnerability due to insufficient input validation that could allow an unauthenticated attacker to perform a s...

6.1CVSS5.7AI score0.00263EPSS
cve
cve
added 2020/02/25 6:45 p.m.80 views

CVE-2020-9379

CVE-2020-9379 affects the MiContact Center Business SDK with Site Based Security versions 8.0 through 9.0.1.0 before KB496276. The description states that an authenticated user can access sensitive information, potentially exposing user conversations. The core issue appears to be access-control-r...

6.5CVSS6.3AI score0.00924EPSS
cve
cve
added 2024/03/16 12:0 a.m.77 views

CVE-2024-28070

Mitel MiContact Center Business

6.8CVSS5.8AI score0.00447EPSS
cve
cve
added 2021/08/13 3:35 p.m.69 views

CVE-2021-3352

The Mitel MiContact Center Business Software Development Kit (SDK) is affected, specifically versions 8.0.0.0–8.1.4.1 and 9.0.0.0–9.3.1.0. The root cause is improper handling of tokens in the SDK, which can allow an unauthenticated attacker to view and modify user data without authorization. This...

9.1CVSS9.1AI score0.0104EPSS
cve
cve
added 2020/09/25 3:43 a.m.68 views

CVE-2020-24692

CVE-2020-24692 affects the Ignite portal in Mitel MiContact Center Business prior to 9.3.0.0. The issue is insufficient input validation allowing cross-site scripting (XSS), which could let an attacker execute arbitrary scripts and potentially gain access to a user session. The description and co...

7.1CVSS7.2AI score0.00419EPSS
cve
cve
added 2024/03/16 12:0 a.m.62 views

CVE-2024-28069

CVE-2024-28069 concerns Mitel MiContact Center Business (legacy chat component) up to version 10.0.0.4. The vulnerability allows an unauthenticated attacker to perform information disclosure due to improper configuration, enabling access to sensitive data and potentially unauthorized actions with...

7.5CVSS6.4AI score0.00573EPSS
cve
cve
added 2024/10/01 12:0 a.m.54 views

CVE-2024-42514

Summary: CVE-2024-42514 affects Mitel MiContact Center Business of the legacy chat component up to version 10.1.0.4. The root cause is inadequate access control checks that allow an unauthenticated attacker, requiring user interaction, to access sensitive information and send unauthorized message...

8.1CVSS9AI score0.00421EPSS
cve
cve
added 2023/02/13 12:0 a.m.50 views

CVE-2023-22854

The CVE-2023-22854 entry concerns Mitel MiContact Center Business server, specifically the ccmweb component, version range 9.2.2.0 to 9.4.1.0. The root cause is insufficient restriction of URL parameters in the ccmweb component, enabling an unauthenticated attacker to download arbitrary files and...

9.1CVSS7.5AI score0.006EPSS
cve
cve
added 2020/12/18 7:8 a.m.43 views

CVE-2020-24693

The Mitel MiContact Center Business Ignite portal is affected by CVE-2020-24693, with the Ignite portal vulnerability located in the MiContact Center’s Ignite component prior to version 9.3.0.0. The root cause is insufficient output sanitization, which could allow a local attacker to view system ...

3.3CVSS3.8AI score0.00272EPSS
cve
cve
added 2026/01/15 12:0 a.m.15 views

CVE-2025-67823

CVE-2025-67823 affects Mitel MiContact Center Business up to version 10.2.0.10 and Mitel CX up to 1.1.0.1. The vulnerability is in the Multimedia Email component and stems from insufficient input validation, enabling an unauthenticated attacker to perform a Cross-Site Scripting (XSS) attack. A su...

8.2CVSS6AI score0.00292EPSS