Vendor
Mitel
Products
4
CVEs
3
Across products
14
Status
Private
Products
4- 6 CVEs
- 5 CVEs
- 2 CVEs
- 1 CVE
Recent CVEs
3| CVE | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2014-0160 | Hig | 0.71 | 7.5 | 0.94 | KEV | Apr 7, 2014 | The (1) TLS and (2) DTLS implementations in OpenSSL 1.0.1 before 1.0.1g do not properly handle Heartbeat Extension packets, which allows remote attackers to obtain sensitive information from process memory via crafted packets that trigger a buffer over-read, as demonstrated by reading private keys, related to d1_both.c and t1_lib.c, aka the Heartbleed bug. |
| CVE-2008-6797 | 0.00 | — | 0.02 | May 7, 2009 | The server in Mitel NuPoint Messenger R11 and R3 sends usernames and passwords in cleartext to Exchange servers, which allows remote attackers to obtain sensitive information by sniffing the network. | ||
| CVE-2004-0945 | 0.00 | — | 0.01 | Feb 28, 2005 | The web management interface for Mitel 3300 Integrated Communications Platform (ICP) before 4.2.2.11 allows remote authenticated users to cause a denial of service (resource exhaustion) via a large number of active sessions, which exceeds ICP's maximum. |