148 matches found
CVE-2019-12148
The Sangoma Session Border Controller SBC 2.3.23-119 GA web interface is vulnerable to an authentication bypass via an argument injection vulnerability involving special characters in the username field. Upon successful exploitation, a remote unauthenticated user can login into the device's admin...
CVE-2019-12147
The Sangoma Session Border Controller SBC 2.3.23-119 GA web interface is vulnerable to Argument Injection via special characters in the username field. Upon successful exploitation, a remote unauthenticated user can create a local system user with sudo privileges, and use that user to login to th...
CVE-2019-12147
The Sangoma Session Border Controller SBC 2.3.23-119 GA web interface is vulnerable to Argument Injection via special characters in the username field. Upon successful exploitation, a remote unauthenticated user can create a local system user with sudo privileges, and use that user to login to th...
CVE-2019-12148
The Sangoma Session Border Controller SBC 2.3.23-119 GA web interface is vulnerable to an authentication bypass via an argument injection vulnerability involving special characters in the username field. Upon successful exploitation, a remote unauthenticated user can login into the device's admin...
Authentication flaw
The Sangoma Session Border Controller SBC 2.3.23-119 GA web interface is vulnerable to an authentication bypass via an argument injection vulnerability involving special characters in the username field. Upon successful exploitation, a remote unauthenticated user can login into the device's admin...
CVE-2019-12147
CVE-2019-12147 affects Sangoma SBC 2.3.23-119 GA web interface. The issue is Argument Injection via special characters in the username field, enabling a remote unauthenticated user to create a local privileged user (sudo) and subsequently access the system via web or SSH to compromise the device....
CVE-2019-12147
The Sangoma Session Border Controller SBC 2.3.23-119 GA web interface is vulnerable to Argument Injection via special characters in the username field. Upon successful exploitation, a remote unauthenticated user can create a local system user with sudo privileges, and use that user to login to th...
CVE-2019-12148
The Sangoma Session Border Controller SBC 2.3.23-119 GA web interface is vulnerable to an authentication bypass via an argument injection vulnerability involving special characters in the username field. Upon successful exploitation, a remote unauthenticated user can login into the device's admin...
Sangoma Technologies SBC Parameter Injection Vulnerability
The Sangoma Technologies SBC is a border session controller SBC from Sangoma Technologies, a Canadian company. A parameter injection vulnerability exists in Sangoma Technologies SBC version 2.3.23-119-GA, which can be exploited by an attacker to bypass authentication and log in as a non-existing...
OpenSSL CVE-2018-0732 Denial of Service Vulnerability
Description OpenSSL is prone to denial-of-service vulnerability. An attacker can exploit this issue to cause a denial-of-service condition. Technologies Affected OpenSSL Project OpenSSL 1.0.2 OpenSSL Project OpenSSL 1.0.2a OpenSSL Project OpenSSL 1.0.2b OpenSSL Project OpenSSL 1.0.2c OpenSSL...
CVE-2014-6465
Unspecified vulnerability in the Oracle Communications Session Border Controller component in Oracle Communications Applications SCX640m5 allows remote authenticated users to affect availability via unknown vectors related to Lawful Intercept...
Design/Logic Flaw
Unspecified vulnerability in the Oracle Communications Session Border Controller component in Oracle Communications Applications SCX640m5 allows remote authenticated users to affect availability via unknown vectors related to Lawful Intercept...
CVE-2014-6465
Technical details for CVE-2014-6465 are not publicly provided in the supplied documents. The record notes an unspecified vulnerability in Oracle Communications Session Border Controller with remote authentication and availability impact; no specific exploit, affected versions, or fixes are disclo...
CVE-2014-6465
Unspecified vulnerability in the Oracle Communications Session Border Controller component in Oracle Communications Applications SCX640m5 allows remote authenticated users to affect availability via unknown vectors related to Lawful Intercept...
CVE-2013-4778
core/getLog.php on the Siemens Enterprise OpenScape Branch appliance and OpenScape Session Border Controller SBC before 2 R0.32.0, and 7 before 7 R1.7.0, allows remote attackers to obtain sensitive server and statistics information via unspecified vectors...
CVE-2013-4780
core/getLog.php on the Siemens Enterprise OpenScape Branch appliance and OpenScape Session Border Controller SBC before 2 R0.32.0, and 7 before 7 R1.7.0, allows remote attackers to read arbitrary files via unspecified vectors...
CVE-2013-4779
Cross-site scripting XSS vulnerability in core/handleTw.php on the Siemens Enterprise OpenScape Branch appliance and OpenScape Session Border Controller SBC before 2 R0.32.0, and 7 before 7 R1.7.0, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
Session fixation
core/getLog.php on the Siemens Enterprise OpenScape Branch appliance and OpenScape Session Border Controller SBC before 2 R0.32.0, and 7 before 7 R1.7.0, allows remote attackers to read arbitrary files via unspecified vectors...
Cross site scripting
Cross-site scripting XSS vulnerability in core/handleTw.php on the Siemens Enterprise OpenScape Branch appliance and OpenScape Session Border Controller SBC before 2 R0.32.0, and 7 before 7 R1.7.0, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
CVE-2013-4781
core/getLog.php on the Siemens Enterprise OpenScape Branch appliance and OpenScape Session Border Controller SBC before 2 R0.32.0, and 7 before 7 R1.7.0, allows remote attackers to execute arbitrary commands via unspecified vectors...