threat
engine
.sh
Back
·
··:··
Home
/
Product
/
mitel micollab
Product
mitel micollab
48 known vulnerabilities across versions
Vulnerabilities are listed by affected version. Select any CVE for the full briefing and its intelligence graph.
Sort
Newest first
Oldest first
Highest CVSS
Lowest CVSS
Min CVSS
Any
4.0+
7.0+ (High)
9.0+ (Critical)
Published since
Reset
CVE-2025-52914
< 9.8.3.103
A vulnerability in the Suite Applications Services component of Mitel MiCollab 10.0 through SP1 FP1 (10.0.1.101) could allow an au
8.8
HIGH
CVE-2024-55550
<= 9.8.1.201
Mitel MiCollab through 9.8 SP2 could allow an authenticated attacker with administrative privilege to conduct a local file read, d
2.7
LOW
CVE-2024-47224
<= 9.8.1.201
A vulnerability in the AWV (Audio, Web and Video Conferencing) component of Mitel MiCollab through 9.8 SP1 FP2 (9.8.1.201) could a
6.5
MEDIUM
CVE-2024-41714
<= 9.8.1.5
A vulnerability in the Web Interface component of Mitel MiCollab through 9.8 SP1 (9.8.1.5) and MiVoice Business Solution Virtual I
8.8
HIGH
CVE-2024-41713
<= 9.8.1.201
A vulnerability in the NuPoint Unified Messaging (NPM) component of Mitel MiCollab through 9.8 SP1 FP2 (9.8.1.201) could allow an
9.1
CRITICAL
CVE-2024-41712
<= 9.8.1.5
A vulnerability in the Web Conferencing Component of Mitel MiCollab through 9.8.1.5 could allow an authenticated attacker to condu
6.6
MEDIUM
CVE-2024-35315
<= 9.7.1.110
A vulnerability in the Desktop Client of Mitel MiCollab through 9.7.1.110, and MiVoice Business Solution Virtual Instance (MiVB SV
5.6
MEDIUM
CVE-2024-35314
<= 9.7.1.110
A vulnerability in the Desktop Client of Mitel MiCollab through 9.7.1.110, and MiVoice Business Solution Virtual Instance (MiVB SV
9.8
CRITICAL
CVE-2024-35287
<= 9.8.1.5
A vulnerability in the NuPoint Messenger (NPM) component of Mitel MiCollab through version 9.8 SP1 (9.8.1.5) could allow an authen
6.7
MEDIUM
CVE-2024-35286
<= 9.8.0.33
A vulnerability in NuPoint Messenger (NPM) of Mitel MiCollab through 9.8.0.33 allows an unauthenticated attacker to conduct a SQL
9.8
CRITICAL
CVE-2024-35285
<= 9.8.0.33
A vulnerability in NuPoint Messenger (NPM) of Mitel MiCollab through 9.8.0.33 allows an unauthenticated attacker to conduct a comm
9.8
CRITICAL
CVE-2024-30160
<= 9.7.1.110
A vulnerability in the Suite Applications Services component of Mitel MiCollab through 9.7.1.110 could allow an authenticated atta
4.8
MEDIUM
CVE-2024-30159
<= 9.7.1.110
A vulnerability in the web conferencing component of Mitel MiCollab through 9.7.1.110 could allow an authenticated attacker with a
4.8
MEDIUM
CVE-2024-30158
<= 9.7.1.110
A vulnerability in the web conferencing component of Mitel MiCollab through 9.7.1.110 could allow an authenticated attacker with a
7.2
HIGH
CVE-2024-30157
<= 9.7.1.110
A vulnerability in the Suite Applications Services component of Mitel MiCollab through 9.7.1.110 could allow an authenticated atta
7.2
HIGH
CVE-2024-47912
<= 9.8.1.201
A vulnerability in the AWV (Audio, Web, and Video) Conferencing component of Mitel MiCollab through 9.8 SP1 FP2 (9.8.1.201) could
8.2
HIGH
CVE-2024-47223
<= 9.8.1.201
A vulnerability in the AWV (Audio, Web and Video Conferencing) component of Mitel MiCollab through 9.8 SP1 FP2 (9.8.1.201) could a
9.4
CRITICAL
CVE-2024-47189
<= 9.8.1.201
The API Interface of the AWV (Audio, Web and Video Conferencing) component of Mitel MiCollab through 9.8 SP1 FP2 (9.8.1.201) could
7.7
HIGH
CVE-2023-25597
< 9.7
A vulnerability in the web conferencing component of Mitel MiCollab through 9.6.2.9 could allow an unauthenticated attacker to dow
5.9
MEDIUM
CVE-2022-41326
<= 9.6.0.105
The web conferencing component of Mitel MiCollab through 9.6.0.13 could allow an unauthenticated attacker to upload arbitrary scri
9.8
CRITICAL
CVE-2022-36452
< 9.6
A vulnerability in the web conferencing component of Mitel MiCollab through 9.5.0.101 could allow an unauthenticated attacker to u
9.8
CRITICAL
CVE-2022-36454
<= 9.5.0.101
A vulnerability in the MiCollab Client API of Mitel MiCollab through 9.5.0.101 could allow an authenticated attacker to modify the
6.5
MEDIUM
CVE-2022-36453
>= 9.1.3 and <= 9.5.0.101
A vulnerability in the MiCollab Client API of Mitel MiCollab 9.1.3 through 9.5.0.101 could allow an authenticated attacker to modi
8.8
HIGH
CVE-2022-36451
<= 9.5.0.101
A vulnerability in the MiCollab Client server component of Mitel MiCollab through 9.5.0.101 could allow an authenticated attacker
8.8
HIGH
CVE-2022-26143
< 9.4
The TP-240 (aka tp240dvr) component in Mitel MiCollab before 9.4 SP1 FP1 and MiVoice Business Express through 8.1 allows remote at
9.8
CRITICAL
CVE-2021-32072
< 9.3
The MiCollab Client Service component in Mitel MiCollab before 9.3 could allow an attacker to get source code information (disclos
6.5
MEDIUM
CVE-2021-32071
< 9.3
The MiCollab Client service in Mitel MiCollab before 9.3 could allow an unauthenticated user to gain system access due to improper
9.8
CRITICAL
CVE-2021-32070
< 9.3
The MiCollab Client Service component in Mitel MiCollab before 9.3 could allow an attacker to perform a clickjacking attack due to
5.4
MEDIUM
CVE-2021-32069
< 9.3
The AWV component of Mitel MiCollab before 9.3 could allow an attacker to perform a Man-In-the-Middle attack due to improper TLS n
4.8
MEDIUM
CVE-2021-32068
< 9.3
The AWV and MiCollab Client Service components in Mitel MiCollab before 9.3 could allow an attacker to perform a Man-In-the-Middle
3.7
LOW
CVE-2021-32067
< 9.3
The MiCollab Client Service component in Mitel MiCollab before 9.3 could allow an attacker to view sensitive system information th
6.5
MEDIUM
CVE-2021-27402
< 9.2
The SAS Admin portal of Mitel MiCollab before 9.2 FP2 could allow an unauthenticated attacker to access (view and modify) user dat
6.5
MEDIUM
CVE-2021-27401
< 9.2
The Join Meeting page of Mitel MiCollab Web Client before 9.2 FP2 could allow an attacker to access (view and modify) user data by
6.1
MEDIUM
CVE-2020-35547
<= 9.2
A library index page in NuPoint Messenger in Mitel MiCollab before 9.2 FP1 could allow an unauthenticated attacker to gain access
9.1
CRITICAL
CVE-2020-27340
< 9.2
The online help portal of Mitel MiCollab before 9.2 could allow an attacker to redirect a user to an unauthorized website by execu
6.1
MEDIUM
CVE-2020-25612
< 9.2
The NuPoint Messenger of Mitel MiCollab before 9.2 could allow an attacker with escalated privilege to access user files due to in
4.9
MEDIUM
CVE-2020-25611
< 9.2
The AWV portal of Mitel MiCollab before 9.2 could allow an attacker to gain access to conference information by sending arbitrary
6.1
MEDIUM
CVE-2020-25610
< 9.2
The AWV component of Mitel MiCollab before 9.2 could allow an attacker to gain access to a web conference due to insufficient acce
5.3
MEDIUM
CVE-2020-25609
< 9.2
The NuPoint Messenger Portal of Mitel MiCollab before 9.2 could allow an authenticated attacker to execute arbitrary scripts due t
5.4
MEDIUM
CVE-2020-25608
< 9.2
The SAS portal of Mitel MiCollab before 9.2 could allow an attacker to access user credentials due to improper input validation, a
7.2
HIGH
CVE-2020-25606
< 9.2
The AWV component of Mitel MiCollab before 9.2 could allow an attacker to view system information by sending arbitrary code due to
6.1
MEDIUM
CVE-2020-13863
< 9.1.3
The SAS portal of Mitel MiCollab before 9.1.3 could allow an attacker to access user data by performing a header injection in HTTP
8.1
HIGH
CVE-2020-13767
< 9.1.332
The Mitel MiCollab application before 9.1.332 for iOS could allow an unauthorized user to access restricted files and folders due
5.9
MEDIUM
CVE-2019-19370
< 9.0.15
A cross-site scripting (XSS) vulnerability in the web conferencing component of the Mitel MiCollab application before 9.0.15 for A
6.1
MEDIUM
CVE-2018-18819
>= 7.3 and <= 7.3.0.601
A vulnerability in the web conference chat component of MiCollab, versions 7.3 PR6 (7.3.0.601) and earlier, and 8.0 (8.0.0.40) thr
5.3
MEDIUM
CVE-2019-12165
>= 7.1 and <= 7.1.0.57
MiCollab 7.3 PR2 (7.3.0.204) and earlier, 7.2 (7.2.2.13) and earlier, and 7.1 (7.1.0.57) and earlier and MiCollab AWV 6.3 (6.3.0.1
9.8
CRITICAL
CVE-2018-3639
all versions
Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all
5.5
MEDIUM
CVE-2014-0160
all versions
The (1) TLS and (2) DTLS implementations in OpenSSL 1.0.1 before 1.0.1g do not properly handle Heartbeat Extension packets, which
7.5
HIGH
Vulnerabilities
CISA KEV catalog
CWE weaknesses
CAPEC attack patterns
Package vulnerabilities
Threat intelligence
Threat actors
Tools & malware
ATT&CK techniques
IOCs
Detection & defense
Sigma rules
YARA rules
Atomic Red Team tests
D3FEND countermeasures
Compliance
NIST 800-53
ISO 27001:2022
SOC 2 TSC
PCI-DSS v4.0
CIS Controls v8.1
About
All capabilities
Live statistics
Data sources
Privacy policy
Terms of service
threatengine.sh · Open-source threat intelligence platform · 100+ authoritative sources · Every fact traces to its origin