FAIL › dossier
Dossier not yet built — the RAG curator builds one for players with ≥2 failure events (factory/dossier.py). The failure history and sentiment below are live.
| Date | Event | Sev | Flags | Shame | Summary |
|---|---|---|---|---|---|
| 2023-02-21 | CVE-2022-41223 | critical | ⚡RCE ⌖KEV | 95 | The Director component in Mitel MiVoice Connect allows an authenticated attacker with internal network access to execute code within the context of the application. |
| 2023-02-21 | CVE-2022-40765 | critical | ⚡RCE ⌖KEV | 95 | The Mitel Edge Gateway component of MiVoice Connect allows an authenticated attacker with internal network access to execute commands within the context of the system. |
| 2022-06-27 | CVE-2022-29499 | critical | ⚡RCE ⌖KEV | 95 | The Service Appliance component in Mitel MiVoice Connect allows remote code execution due to incorrect data validation. |
| 2025-01-07 | CVE-2024-55550 | critical | ⌖KEV | 80 | Mitel MiCollab contains a path traversal vulnerability that could allow an authenticated attacker with administrative privileges to read local files within the system due to insufficient input sanitization. This vulnerability can be chained with CVE-2024-41713, which allows an un |
| 2025-01-07 | CVE-2024-41713 | critical | ⌖KEV | 80 | Mitel MiCollab contains a path traversal vulnerability that could allow an attacker to gain unauthorized and unauthenticated access. This vulnerability can be chained with CVE-2024-55550, which allows an unauthenticated, remote attacker to read arbitrary files on the server. |
| 2025-02-12 | CVE-2024-41710 | high | ⚡RCE ⌖KEV | 65 | Mitel 6800 Series, 6900 Series, and 6900w Series SIP Phones, including the 6970 Conference Unit, contain an argument injection vulnerability due to insufficient parameter sanitization during the boot process. Successful exploitation may allow an attacker to execute arbitrary comm |
| 2022-03-25 | CVE-2022-26143 | high | ⌖KEV | 50 | A vulnerability has been identified in MiCollab and MiVoice Business Express that may allow a malicious actor to gain unauthorized access to sensitive information and services, cause performance degradations or a denial of service condition on the affected system. |