480 matches found
CVE-2018-10585
Pexip Infinity before 18 is affected by a remote Denial of Service caused by an XML parsing issue. Multiple connected sources (Red Hat, CNVD, NVD, PRION and CVE records) confirm the vulnerability exists in Pexip Infinity prior to version 18 and describe the impact as DoS via XML parsing. The root...
CVE-2018-10432
Pexip Infinity before 18 allows Remote Denial of Service TLS handshakes in RTMP...
CVE-2018-10432
CVE-2018-10432 affects Pexip Infinity before version 18, enabling Remote Denial of Service via TLS handshakes in RTMP. Multiple sources (NVD, Red Hat, CNVD) corroborate the vuln and that it exists in versions prior to 18. Exploitation details are not provided in the documents; remediation implied...
Pexip Infinity has an unspecified vulnerability
Pexip Infinity pexip video conferencing cloud collaboration platform is a video conferencing cloud collaboration platform from the Norwegian company pexip. Pexip Infinity version 10 previously had a security vulnerability that could be exploited by remote attackers to gain privileges through...
CVE-2015-4719
The client API authentication mechanism in Pexip Infinity before 10 allows remote attackers to gain privileges via a crafted request...
CVE-2015-4719
The client API authentication mechanism in Pexip Infinity before 10 allows remote attackers to gain privileges via a crafted request...
CVE-2015-4719
CVE-2015-4719 affects Pexip Infinity prior to v10, where the client API authentication mechanism allows remote attackers to gain privileges via a crafted request. Documents from NVD/Red Hat/CVE lists repeat this description and identify the impact as privilege escalation with network access and n...
CVE-2017-6551
Pexip Infinity before 14.2 allows remote attackers to cause a denial of service service restart or execute arbitrary code via vectors related to Conferencing Nodes...
Code injection
Pexip Infinity before 14.2 allows remote attackers to cause a denial of service service restart or execute arbitrary code via vectors related to Conferencing Nodes...
CVE-2017-6551
Pexip Infinity before 14.2 allows remote attackers to cause a denial of service service restart or execute arbitrary code via vectors related to Conferencing Nodes...
CVE-2017-6551
CVE-2017-6551 : The provided records indicate that Pexip Infinity, versions prior to 14.2, is affected by a vulnerability in Conferencing Nodes that can be remotely triggered to cause a denial of service (service restart) or to execute arbitrary code. The exact vulnerable component or root cause ...
CVE-2017-6551
Pexip Infinity before 14.2 allows remote attackers to cause a denial of service service restart or execute arbitrary code via vectors related to Conferencing Nodes...
Pexip Infinity Remote Code Execution Vulnerability
Pexip Infinity is a virtual videoconferencing cloud collaboration platform from Pexip Norway. The platform works with standard protocol H.323, SIP based videoconferencing endpoints and videoconferencing infrastructures and is characterized by WAN bandwidth savings. A security vulnerability exists...
CVE-2014-8779
Pexip Infinity before 8 uses the same SSH host keys across different customers' installations, which allows man-in-the-middle attackers to spoof Management and Conferencing Nodes by leveraging these keys...
Code injection
Pexip Infinity before 8 uses the same SSH host keys across different customers' installations, which allows man-in-the-middle attackers to spoof Management and Conferencing Nodes by leveraging these keys...
CVE-2014-8779
CVE-2014-8779 affects Pexip Infinity prior to v8, where non-unique SSH host keys are used across different installations. Root cause: fixed/static host keys embedded in images allow an attacker with network access to impersonate a Pexip Infinity node and perform MITM SSH sessions, potentially cap...
CVE-2014-8779
Pexip Infinity before 8 uses the same SSH host keys across different customers' installations, which allows man-in-the-middle attackers to spoof Management and Conferencing Nodes by leveraging these keys...
Pexip Infinity static ssh keys
Static ssh key is used on nodes creation...
CVE-2014-8779: SSH Host keys on Pexip Infinity
Summary ======= The operating system used by Pexip Infinity does not create unique SSH host keys on deployment of new Management and Conferencing Nodes, using fixed host keys instead. Host keys are used to verify the identity of the remote host when connecting to it over SSH. These keys are...
Pexip Infinity Man-in-the-Middle Security Bypass Vulnerability
Pexip Infinity is a video conferencing cloud collaboration platform. A security bypass vulnerability exists in Pexip Infinity that allows attackers to conduct man-in-the-middle attacks to gain access to sensitive information...