cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2023-22854,https://securityvulnerability.io/vulnerability/CVE-2023-22854,File Download Vulnerability in Mitel MiContact Center Business Server,"The ccmweb component of Mitel MiContact Center Business Server versions 9.2.2.0 to 9.4.1.0 contains a vulnerability that may allow unauthenticated attackers to download arbitrary files. This issue arises from insufficient validation of URL parameters, leading to potential exposure of sensitive information. Organizations using vulnerable versions should consider applying the available security updates or mitigating the risks by restricting access to the affected components.",Mitel,Micontact Center Business,7.5,HIGH,0.0015800000401213765,false,,false,false,false,,,false,false,,2023-02-13T00:00:00.000Z,0
CVE-2021-3352,https://securityvulnerability.io/vulnerability/CVE-2021-3352,Improper Token Handling in Mitel MiContact Center Business,"The Software Development Kit in Mitel MiContact Center Business versions 8.0.0.0 through 8.1.4.1 and 9.0.0.0 through 9.3.1.0 contains a vulnerability that could be exploited by unauthenticated attackers. The flaw is due to improper handling of authentication tokens, which allows attackers to view and modify user data without proper authorization. This poses a significant risk to user privacy and data integrity.",Mitel,Micontact Center Business,9.1,CRITICAL,0.0017800000496208668,false,,false,false,false,,,false,false,,2021-08-13T15:35:14.000Z,0
CVE-2020-24693,https://securityvulnerability.io/vulnerability/CVE-2020-24693,,The Ignite portal in Mitel MiContact Center Business before 9.3.0.0 could allow a local attacker to view system information due to insufficient output sanitization.,Mitel,Micontact Center Business,3.3,LOW,0.0004199999966658652,false,,false,false,false,,,false,false,,2020-12-18T07:08:35.000Z,0
CVE-2020-24692,https://securityvulnerability.io/vulnerability/CVE-2020-24692,,"The Ignite portal in Mitel MiContact Center Business before 9.3.0.0 could allow an attacker to execute arbitrary scripts due to insufficient input validation, aka XSS. A successful exploit could allow an attacker to gain access to a user session.",Mitel,Micontact Center Business,7.1,HIGH,0.0004400000034365803,false,,false,false,false,,,false,false,,2020-09-25T03:43:12.000Z,0
CVE-2020-9379,https://securityvulnerability.io/vulnerability/CVE-2020-9379,,The Software Development Kit of the MiContact Center Business with Site Based Security 8.0 through 9.0.1.0 before KB496276 allows an authenticated user to access sensitive information. A successful exploit could allow unauthorized access to user conversations.,Mitel,Micontact Center Business,6.5,MEDIUM,0.0006399999838322401,false,,false,false,false,,,false,false,,2020-02-25T18:45:45.000Z,0