VYPR

Mitel Nupoint Messenger

by Mitel

CVEs (4)

  • CVE-2024-35286Oct 21, 2024
    risk 0.05cvss epss 0.66

    A vulnerability in NuPoint Messenger (NPM) of Mitel MiCollab through 9.8.0.33 allows an unauthenticated attacker to conduct a SQL injection attack due to insufficient sanitization of user input. A successful exploit could allow an attacker to access sensitive information and…

  • CVE-2024-35287Oct 21, 2024
    risk 0.00cvss epss 0.00

    A vulnerability in the NuPoint Messenger (NPM) component of Mitel MiCollab through version 9.8 SP1 (9.8.1.5) could allow an authenticated attacker with administrative privilege to conduct a privilege escalation attack due to the execution of a resource with unnecessary…

  • CVE-2024-35285Oct 21, 2024
    risk 0.00cvss epss 0.01

    A vulnerability in NuPoint Messenger (NPM) of Mitel MiCollab through 9.8.0.33 allows an unauthenticated attacker to conduct a command injection attack due to insufficient parameter sanitization.

  • CVE-2008-6797May 7, 2009
    risk 0.00cvss epss 0.02

    The server in Mitel NuPoint Messenger R11 and R3 sends usernames and passwords in cleartext to Exchange servers, which allows remote attackers to obtain sensitive information by sniffing the network.