Mitel Mivoice Business Solution Virtual Instance vulnerabilities
3 known vulnerabilities affecting mitel/mivoice_business_solution_virtual_instance.
Total CVEs
3
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL1HIGH1MEDIUM1
Vulnerabilities
Page 1 of 1
CVE-2024-35314CRITICALCVSS 9.8v1.0.0.252024-10-21
CVE-2024-35314 [CRITICAL] CWE-94 CVE-2024-35314: A vulnerability in the Desktop Client of Mitel MiCollab through 9.7.1.110, and MiVoice Business Solu
A vulnerability in the Desktop Client of Mitel MiCollab through 9.7.1.110, and MiVoice Business Solution Virtual Instance (MiVB SVI) 1.0.0.25, could allow an unauthenticated attacker to conduct a command injection attack due to insufficient parameter sanitization. A successful exploit requires user interaction and could allow an attacker to execute
nvd
CVE-2024-41714HIGHCVSS 8.8≤ 1.0.0.272024-10-21
CVE-2024-41714 [HIGH] CWE-94 CVE-2024-41714: A vulnerability in the Web Interface component of Mitel MiCollab through 9.8 SP1 (9.8.1.5) and MiVoi
A vulnerability in the Web Interface component of Mitel MiCollab through 9.8 SP1 (9.8.1.5) and MiVoice Business Solution Virtual Instance (MiVB SVI) through 1.0.0.27 could allow an authenticated attacker to conduct a command injection attack, due to insufficient parameter sanitization. A successful exploit could allow an attacker to execute arbitrary c
nvd
CVE-2024-35315MEDIUMCVSS 5.6v1.0.0.252024-10-21
CVE-2024-35315 [MEDIUM] CWE-94 CVE-2024-35315: A vulnerability in the Desktop Client of Mitel MiCollab through 9.7.1.110, and MiVoice Business Solu
A vulnerability in the Desktop Client of Mitel MiCollab through 9.7.1.110, and MiVoice Business Solution Virtual Instance (MiVB SVI) 1.0.0.25, could allow an authenticated attacker to conduct a privilege escalation attack due to improper file validation. A successful exploit could allow an attacker to run arbitrary code with elevated privileges.
nvd