Vulnerabilities (CVE)

Filtered by vendor Mitel Subscribe
Filtered by product Micloud Management Portal
Total 5 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2020-24595 1 Mitel 1 Micloud Management Portal 2024-11-21 5.0 MEDIUM 5.3 MEDIUM
Mitel MiCloud Management Portal before 6.1 SP5 could allow an attacker, by sending a crafted request, to retrieve sensitive information due to insufficient access control.
CVE-2020-24594 1 Mitel 1 Micloud Management Portal 2024-11-21 6.8 MEDIUM 9.6 CRITICAL
Mitel MiCloud Management Portal before 6.1 SP5 could allow an unauthenticated attacker to execute arbitrary scripts due to insufficient input validation, aka XSS. A successful exploit could allow an attacker to gain access to a user session.
CVE-2020-24593 1 Mitel 1 Micloud Management Portal 2024-11-21 6.5 MEDIUM 7.2 HIGH
Mitel MiCloud Management Portal before 6.1 SP5 could allow a remote attacker to conduct a SQL Injection attack and access user credentials due to improper input validation.
CVE-2020-24592 1 Mitel 1 Micloud Management Portal 2024-11-21 5.0 MEDIUM 5.3 MEDIUM
Mitel MiCloud Management Portal before 6.1 SP5 could allow an attacker, by sending a crafted request, to view system information due to insufficient output sanitization.
CVE-2018-3639 12 Arm, Canonical, Debian and 9 more 321 Cortex-a, Ubuntu Linux, Debian Linux and 318 more 2024-11-21 2.1 LOW 5.5 MEDIUM
Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are known may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis, aka Speculative Store Bypass (SSB), Variant 4.