Mitel Micontact Center Business — known CVE vulnerabilities
Every CVE whose affected-product data names Mitel Micontact Center Business, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (11)
CVE-2021-3352 — CVSS 9.1 (critical): The Software Development Kit in Mitel MiContact Center Business from 8.0.0.0 through 8.1.4.1 and 9.0.0.0 through 9.3.1.0 could allow an…
CVE-2025-67823 — CVSS 8.2 (high): A vulnerability in the Multimedia Email component of Mitel MiContact Center Business through 10.2.0.10 and Mitel CX through 1.1.0.1 could…
CVE-2024-42514 — CVSS 8.1 (high): A vulnerability in the legacy chat component of Mitel MiContact Center Business through 10.1.0.4 could allow an unauthenticated attacker to…
CVE-2024-28069 — CVSS 7.5 (high): A vulnerability in the legacy chat component of Mitel MiContact Center Business through 10.0.0.4 could allow an unauthenticated attacker to…
CVE-2023-22854 — CVSS 7.5 (high): The ccmweb component of Mitel MiContact Center Business server 9.2.2.0 through 9.4.1.0 could allow an unauthenticated attacker to download…
CVE-2020-24692 — CVSS 7.1 (high): The Ignite portal in Mitel MiContact Center Business before 9.3.0.0 could allow an attacker to execute arbitrary scripts due to…
CVE-2024-28070 — CVSS 6.8 (medium): A vulnerability in the legacy chat component of Mitel MiContact Center Business through 10.0.0.4 could allow an unauthenticated attacker to…
CVE-2020-9379 — CVSS 6.5 (medium): The Software Development Kit of the MiContact Center Business with Site Based Security 8.0 through 9.0.1.0 before KB496276 allows an…
CVE-2024-35283 — CVSS 6.1 (medium): A vulnerability in the Ignite component of Mitel MiContact Center Business through 10.0.0.4 could allow an unauthenticated attacker to…
CVE-2024-35284 — CVSS 5.4 (medium): A vulnerability in the legacy chat component of Mitel MiContact Center Business through 10.0.0.4 could allow an unauthenticated attacker to…
CVE-2020-24693 — CVSS 3.3 (low): The Ignite portal in Mitel MiContact Center Business before 9.3.0.0 could allow a local attacker to view system information due to…