CVSS: 9.0EPSS: 0%CPEs: 1EXPL: 0CVE-2017-16251
https://notcve.org/view.php?id=CVE-2017-16251
A vulnerability in the conferencing component of Mitel ST 14.2, release GA28 and earlier, could allow an authenticated user to upload a malicious script to the Personal Library by a crafted POST request. Successful exploit could allow an attacker to execute arbitrary code within the context of the application. Una vulnerabilidad en el componente conferencing de Mitel ST 14.2, release GA28 y anteriores, podría permitir que un usuario autenticado suba un script malicioso a la Biblioteca Personal mediante una petición POST manipulada. El exploit con éxito podría permitir que un atacante ejecute código arbitrario en el contexto de la aplicación. • https://www.mitel.com/support/security-advisories/mitel-product-security-advisory-18-0004 • CWE-434: Unrestricted Upload of File with Dangerous Type •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2017-16250
https://notcve.org/view.php?id=CVE-2017-16250
A vulnerability in Mitel ST 14.2, release GA28 and earlier, could allow an attacker to use the API function to enumerate through user-ids which could be used to identify valid user ids and associated user names. Una vulnerabilidad in Mitel ST 14.2, release GA28 y anteriores, podría permitir que un atacante emplee la función API para enumerar a través de user-ids, que podría emplearse para identificar ID de usuario válidos y nombres de usuario asociados. • https://www.mitel.com/support/security-advisories/mitel-product-security-advisory-18-0004 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0CVE-2016-6562 – ShoreTel Mobility Client for iOS and Android, version 9.1.3.109 and earlier, fails to properly validate SSL certificates provided by HTTPS connections
https://notcve.org/view.php?id=CVE-2016-6562
On iOS and Android devices, the ShoreTel Mobility Client app version 9.1.3.109 fails to properly validate SSL certificates provided by HTTPS connections, which means that an attacker in the position to perform MITM attacks may be able to obtain sensitive account information such as login credentials. En dispositivos iOS y Android, la aplicación ShoreTel Mobility Client 9.1.3.109 no valida correctamente los certificados SSL proporcionados por las conexiones HTTPS; esto significa que un atacante en posición de realizar ataques Man-in-the-Middle (MitM) podría ser capaz de obtener información sensible de la cuenta, como credenciales de inicio de sesión. • https://www.info-sec.ca/advisories/ShoreTel-Mobility.html https://www.kb.cert.org/vuls/id/475907 https://www.securityfocus.com/bid/95224 • CWE-295: Improper Certificate Validation •
CVSS: 7.5EPSS: 97%CPEs: 54EXPL: 16CVE-2014-0160 – OpenSSL Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2014-0160
The (1) TLS and (2) DTLS implementations in OpenSSL 1.0.1 before 1.0.1g do not properly handle Heartbeat Extension packets, which allows remote attackers to obtain sensitive information from process memory via crafted packets that trigger a buffer over-read, as demonstrated by reading private keys, related to d1_both.c and t1_lib.c, aka the Heartbleed bug. Las implementaciones de (1) TLS y (2) DTLS en OpenSSL 1.0.1 en versiones anteriores a 1.0.1g no manejan adecuadamente paquetes Heartbeat Extension, lo que permite a atacantes remotos obtener información sensible desde la memoria de proceso a través de paquetes manipulados que desencadenan una sobrelectura del buffer, según lo demostrado mediante la lectura de claves privadas, relacionado con d1_both.c y t1_lib.c, también conocido como bug Heartbleed. An information disclosure flaw was found in the way OpenSSL handled TLS and DTLS Heartbeat Extension packets. A malicious TLS or DTLS client or server could send a specially crafted TLS or DTLS Heartbeat packet to disclose a limited portion of memory per request from a connected client or server. Note that the disclosed portions of memory could potentially include sensitive information such as private keys. • https://www.exploit-db.com/exploits/32764 https://www.exploit-db.com/exploits/32791 https://www.exploit-db.com/exploits/32998 https://www.exploit-db.com/exploits/32745 https://github.com/0x90/CVE-2014-0160 https://github.com/jdauphant/patch-openssl-CVE-2014-0160 https://github.com/caiqiqi/OpenSSL-HeartBleed-CVE-2014-0160-PoC https://github.com/obayesshelton/CVE-2014-0160-Scanner https://github.com/MrE-Fog/CVE-2014-0160-Chrome-Plugin https://github.com/Xyl2k/CVE-2014&# • CWE-125: Out-of-bounds Read CWE-201: Insertion of Sensitive Information Into Sent Data •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2008-6797
https://notcve.org/view.php?id=CVE-2008-6797
The server in Mitel NuPoint Messenger R11 and R3 sends usernames and passwords in cleartext to Exchange servers, which allows remote attackers to obtain sensitive information by sniffing the network. El servidor en Mitel NuPoint Messenger R11 y R3 envía el nombre de usuario y contraseña en texto claro al servidor Exchange, lo que permite a los atacantes remotos obtener información sensibles rastreando la red. • http://www.kb.cert.org/vuls/id/576996 http://www.mitel.com/resources/NuPoint_and_Exchange.pdf http://www.securityfocus.com/bid/34847 • CWE-310: Cryptographic Issues •