CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
COMPLETE
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:P/I:C/A:P
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
HIGH
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:L
EPSS
Percentile
74.4%
Security Vulnerabilities in base image packages affect IBM Voice Gateway.
CVEID:CVE-2022-34903
**DESCRIPTION:**GnuPG could allow a remote attacker to conduct spoofing attacks, caused by a flaw when processing secret-key information from keyring. By sending a specially-crafted request to perform injection into the status line, an attacker could exploit this vulnerability to perform signature spoofing.
CVSS Base score: 6.5
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/230354 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N)
CVEID:CVE-2015-20107
**DESCRIPTION:**Python could allow a remote attacker to execute arbitrary commands on the system, caused by improper input validation in mailcap module. By sending a specially-crafted request, an attacker could exploit this vulnerability to execute arbitrary commands on the system.
CVSS Base score: 9.8
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/224937 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
Affected Product(s) | Version(s) |
---|---|
Voice Gateway | 1.0.7 |
Voice Gateway | 1.0.6 |
Voice Gateway | 1.0.2.4 |
Voice Gateway | 1.0.4 |
Voice Gateway | 1.0.7.1 |
Voice Gateway | 1.0.2 |
Voice Gateway | 1.0.8 |
Voice Gateway | 1.0.5 |
Voice Gateway | 1.0.3 |
IBM strongly suggests upgrading to the following IBM Voice Gateway 1.0.8.x images:
ibmcom/voice-gateway-mr:1.0.8.4
ibmcom/voice-gateway-so:1.0.8.4
The above images can be found at the below links:
<https://hub.docker.com/r/ibmcom/voice-gateway-mr/tags>
https://hub.docker.com/r/ibmcom/voice-gateway-so/tags
None
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
COMPLETE
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:P/I:C/A:P
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
HIGH
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:L
EPSS
Percentile
74.4%