Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2023-26567

Sangoma FreePBX 1805 through 2302 (when obtained as a ,.ISO file) places AMPDBUSER, AMPDBPASS, AMPMGRUSER, and AMPMGRPASS in the list of global variables. This exposes cleartext authentication credentials for the Asterisk Database (MariaDB/MySQL) and Asterisk Manager Interface. For example, an attacker can make a /ari/asterisk/variable?variable=AMPDBPASS API call.

Published

2023-04-26T20:15:09.860

Last Modified

2025-02-03T18:15:28.833

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 8.1 (HIGH)

Weaknesses

Type: Primary
CWE-522
Type: Secondary
CWE-522

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	sangoma	freepbx_linux_7	1805	Yes
Application	sangoma	freepbx_linux_7	1904	Yes
Application	sangoma	freepbx_linux_7	1910	Yes
Application	sangoma	freepbx_linux_7	2002	Yes
Application	sangoma	freepbx_linux_7	2008	Yes
Application	sangoma	freepbx_linux_7	2011	Yes
Application	sangoma	freepbx_linux_7	2104	Yes
Application	sangoma	freepbx_linux_7	2105	Yes
Application	sangoma	freepbx_linux_7	2109	Yes
Application	sangoma	freepbx_linux_7	2112	Yes
Application	sangoma	freepbx_linux_7	2201	Yes
Application	sangoma	freepbx_linux_7	2202	Yes
Application	sangoma	freepbx_linux_7	2203	Yes
Application	sangoma	freepbx_linux_7	2302	Yes

References

https://qsecure.com.cy/resources/advisories/sangoma-freepbx-linux-insecure-permissions Third Party Advisory ([email protected])
https://www.freepbx.org Product ([email protected])
https://www.sangoma.com/products/open-source/ Product ([email protected])
https://qsecure.com.cy/resources/advisories/sangoma-freepbx-linux-insecure-permissions Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://www.freepbx.org Product (af854a3a-2127-422b-91ae-364da2661108)
https://www.sangoma.com/products/open-source/ Product (af854a3a-2127-422b-91ae-364da2661108)