Shodan
Vulnerabilities
Vulnerable Software
Mitel:  >> Micontact Center Business  >> 10.0.0.1  Security Vulnerabilities
CVE-2025-67823
A vulnerability in the Multimedia Email component of Mitel MiContact Center Business through 10.2.0.10 and Mitel CX through 1.1.0.1 could allow an unauthenticated attacker to conduct a Cross-Site Scripting (XSS) attack due to insufficient input validation. A successful exploit requires user interaction where the email channel is enabled. This could allow an attacker to execute arbitrary scripts in the victim's browser or desktop client application.
CVSS Score
8.2
EPSS Score
0.0
Published
2026-01-15
CVE-2024-42514
A vulnerability in the legacy chat component of Mitel MiContact Center Business through 10.1.0.4 could allow an unauthenticated attacker to conduct an unauthorized access attack due to inadequate access control checks. A successful exploit requires user interaction and could allow an attacker to access sensitive information and send unauthorized messages during an active chat session.
CVSS Score
8.1
EPSS Score
0.004
Published
2024-10-01
CVE-2024-35283
A vulnerability in the Ignite component of Mitel MiContact Center Business through 10.0.0.4 could allow an unauthenticated attacker to conduct a stored cross-site scripting (XSS) attack due to insufficient input validation.
CVSS Score
6.1
EPSS Score
0.007
Published
2024-05-29
CVE-2024-35284
A vulnerability in the legacy chat component of Mitel MiContact Center Business through 10.0.0.4 could allow an unauthenticated attacker to conduct a reflected cross-site scripting (XSS) attack due to insufficient input validation.
CVSS Score
5.4
EPSS Score
0.009
Published
2024-05-29
CVE-2024-28070
A vulnerability in the legacy chat component of Mitel MiContact Center Business through 10.0.0.4 could allow an unauthenticated attacker to conduct a reflected cross-site scripting (XSS) attack due to insufficient input validation. A successful exploit could allow an attacker to access sensitive information and gain unauthorized access.
CVSS Score
6.8
EPSS Score
0.003
Published
2024-03-16
CVE-2024-28069
A vulnerability in the legacy chat component of Mitel MiContact Center Business through 10.0.0.4 could allow an unauthenticated attacker to conduct an information disclosure attack due to improper configuration. A successful exploit could allow an attacker to access sensitive information and potentially conduct unauthorized actions within the vulnerable component.
CVSS Score
7.5
EPSS Score
0.005
Published
2024-03-16


Products
Pricing
Contact Us

Shodan ® - All rights reserved