Skip to main content

Micontact Center Business

11 CVEs product

Monthly

CVE-2025-67823 HIGH This Week

A vulnerability in the Multimedia Email component of Mitel MiContact Center Business through 10.2.0.10 and Mitel CX through 1.1.0.1 could allow an unauthenticated attacker to conduct a Cross-Site Scripting (XSS) attack due to insufficient input validation. [CVSS 8.2 HIGH]

XSS Micontact Center Business Cx
NVD
CVSS 3.1
8.2
EPSS
0.0%
CVE-2024-42514 HIGH This Week

A vulnerability in the legacy chat component of Mitel MiContact Center Business through 10.1.0.4 could allow an unauthenticated attacker to conduct an unauthorized access attack due to inadequate. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Micontact Center Business
NVD
CVSS 3.1
8.1
EPSS
0.4%
CVE-2024-35284 MEDIUM This Month

A vulnerability in the legacy chat component of Mitel MiContact Center Business through 10.0.0.4 could allow an unauthenticated attacker to conduct a reflected cross-site scripting (XSS) attack due. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Micontact Center Business
NVD
CVSS 3.1
5.4
EPSS
0.3%
CVE-2024-35283 MEDIUM This Month

A vulnerability in the Ignite component of Mitel MiContact Center Business through 10.0.0.4 could allow an unauthenticated attacker to conduct a stored cross-site scripting (XSS) attack due to. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Micontact Center Business
NVD
CVSS 3.1
6.1
EPSS
0.3%
CVE-2024-28070 MEDIUM This Month

A vulnerability in the legacy chat component of Mitel MiContact Center Business through 10.0.0.4 could allow an unauthenticated attacker to conduct a reflected cross-site scripting (XSS) attack due. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass XSS Micontact Center Business
NVD
CVSS 3.1
6.8
EPSS
0.4%
CVE-2024-28069 HIGH This Week

A vulnerability in the legacy chat component of Mitel MiContact Center Business through 10.0.0.4 could allow an unauthenticated attacker to conduct an information disclosure attack due to improper. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Micontact Center Business
NVD
CVSS 3.1
7.5
EPSS
0.6%
CVE-2023-22854 HIGH This Week

The ccmweb component of Mitel MiContact Center Business server 9.2.2.0 through 9.4.1.0 could allow an unauthenticated attacker to download arbitrary files, due to insufficient restriction of URL. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Micontact Center Business
NVD
CVSS 3.1
7.5
EPSS
0.6%
CVE-2021-3352 CRITICAL Act Now

The Software Development Kit in Mitel MiContact Center Business from 8.0.0.0 through 8.1.4.1 and 9.0.0.0 through 9.3.1.0 could allow an unauthenticated attacker to access (view and modify) user data. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Micontact Center Business
NVD
CVSS 3.1
9.1
EPSS
1.0%
CVE-2020-24693 LOW Monitor

The Ignite portal in Mitel MiContact Center Business before 9.3.0.0 could allow a local attacker to view system information due to insufficient output sanitization. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Micontact Center Business
NVD
CVSS 3.1
3.3
EPSS
0.3%
CVE-2020-24692 HIGH This Week

The Ignite portal in Mitel MiContact Center Business before 9.3.0.0 could allow an attacker to execute arbitrary scripts due to insufficient input validation, aka XSS. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity. No vendor patch available.

XSS Micontact Center Business
NVD
CVSS 3.1
7.1
EPSS
0.4%
CVE-2020-9379 MEDIUM This Month

The Software Development Kit of the MiContact Center Business with Site Based Security 8.0 through 9.0.1.0 before KB496276 allows an authenticated user to access sensitive information. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Micontact Center Business
NVD
CVSS 3.1
6.5
EPSS
0.9%
EPSS 0% CVSS 8.2
HIGH This Week

A vulnerability in the Multimedia Email component of Mitel MiContact Center Business through 10.2.0.10 and Mitel CX through 1.1.0.1 could allow an unauthenticated attacker to conduct a Cross-Site Scripting (XSS) attack due to insufficient input validation. [CVSS 8.2 HIGH]

XSS Micontact Center Business Cx
NVD
EPSS 0% CVSS 8.1
HIGH This Week

A vulnerability in the legacy chat component of Mitel MiContact Center Business through 10.1.0.4 could allow an unauthenticated attacker to conduct an unauthorized access attack due to inadequate. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Micontact Center Business
NVD
EPSS 0% CVSS 5.4
MEDIUM This Month

A vulnerability in the legacy chat component of Mitel MiContact Center Business through 10.0.0.4 could allow an unauthenticated attacker to conduct a reflected cross-site scripting (XSS) attack due. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Micontact Center Business
NVD
EPSS 0% CVSS 6.1
MEDIUM This Month

A vulnerability in the Ignite component of Mitel MiContact Center Business through 10.0.0.4 could allow an unauthenticated attacker to conduct a stored cross-site scripting (XSS) attack due to. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Micontact Center Business
NVD
EPSS 0% CVSS 6.8
MEDIUM This Month

A vulnerability in the legacy chat component of Mitel MiContact Center Business through 10.0.0.4 could allow an unauthenticated attacker to conduct a reflected cross-site scripting (XSS) attack due. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass XSS Micontact Center Business
NVD
EPSS 1% CVSS 7.5
HIGH This Week

A vulnerability in the legacy chat component of Mitel MiContact Center Business through 10.0.0.4 could allow an unauthenticated attacker to conduct an information disclosure attack due to improper. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Micontact Center Business
NVD
EPSS 1% CVSS 7.5
HIGH This Week

The ccmweb component of Mitel MiContact Center Business server 9.2.2.0 through 9.4.1.0 could allow an unauthenticated attacker to download arbitrary files, due to insufficient restriction of URL. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Micontact Center Business
NVD
EPSS 1% CVSS 9.1
CRITICAL Act Now

The Software Development Kit in Mitel MiContact Center Business from 8.0.0.0 through 8.1.4.1 and 9.0.0.0 through 9.3.1.0 could allow an unauthenticated attacker to access (view and modify) user data. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Micontact Center Business
NVD
EPSS 0% CVSS 3.3
LOW Monitor

The Ignite portal in Mitel MiContact Center Business before 9.3.0.0 could allow a local attacker to view system information due to insufficient output sanitization. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Micontact Center Business
NVD
EPSS 0% CVSS 7.1
HIGH This Week

The Ignite portal in Mitel MiContact Center Business before 9.3.0.0 could allow an attacker to execute arbitrary scripts due to insufficient input validation, aka XSS. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity. No vendor patch available.

XSS Micontact Center Business
NVD
EPSS 1% CVSS 6.5
MEDIUM This Month

The Software Development Kit of the MiContact Center Business with Site Based Security 8.0 through 9.0.1.0 before KB496276 allows an authenticated user to access sensitive information. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Micontact Center Business
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy