Lucene search
K

9 matches found

NVD
NVD
added 2024/01/25 8:15 a.m.31 views

CVE-2023-33759

SpliceCom Maximiser Soft PBX v1.5 and before does not restrict excessive authentication attempts, allowing attackers to bypass authentication via a brute force attack...

9.8CVSS9.5AI score0.00799EPSS
Exploits1References1
NVD
NVD
added 2024/01/25 8:15 a.m.30 views

CVE-2023-33760

SpliceCom Maximiser Soft PBX v1.5 and before was discovered to utilize a default SSL certificate. This issue can allow attackers to eavesdrop on communications via a man-in-the-middle attack...

5.3CVSS5.2AI score0.00276EPSS
Exploits1References1
Prion
Prion
added 2024/01/25 8:15 a.m.19 views

Authentication flaw

SpliceCom Maximiser Soft PBX v1.5 and before does not restrict excessive authentication attempts, allowing attackers to bypass authentication via a brute force attack...

7.5CVSS7.4AI score0.00799EPSS
Exploits1References1Affected Software1
Prion
Prion
added 2024/01/25 8:15 a.m.24 views

Design/Logic Flaw

SpliceCom Maximiser Soft PBX v1.5 and before was discovered to utilize a default SSL certificate. This issue can allow attackers to eavesdrop on communications via a man-in-the-middle attack...

2.6CVSS7.3AI score0.00276EPSS
Exploits1References1Affected Software1
CVE
CVE
added 2024/01/25 12:0 a.m.40 views

CVE-2023-33759

CVE-2023-33759 affects SpliceCom Maximiser Soft PBX, specifically versions 1.5 and earlier. The root cause is a lack of restriction on excessive authentication attempts, enabling brute-force authentication bypass. The vulnerability is rated with a high severity (CVSS v3.1: 9.8, Network vector, un...

9.8CVSS9.4AI score0.00799EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2024/01/25 12:0 a.m.28 views

CVE-2023-33759

SpliceCom Maximiser Soft PBX v1.5 and before does not restrict excessive authentication attempts, allowing attackers to bypass authentication via a brute force attack...

9.7AI score0.00799EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2024/01/25 12:0 a.m.15 views

CVE-2023-33760

SpliceCom Maximiser Soft PBX v1.5 and before was discovered to utilize a default SSL certificate. This issue can allow attackers to eavesdrop on communications via a man-in-the-middle attack...

7.1AI score0.00276EPSS
Exploits1References1
CVE
CVE
added 2024/01/25 12:0 a.m.46 views

CVE-2023-33760

The CVE-2023-33760 entry concerns SpliceCom Maximiser Soft PBX, affected in version 1.5 and earlier. The root cause is the use of a default SSL certificate, which enables man-in-the-middle eavesdropping on communications. Impact is limited to confidentiality (C:H) with no integrity or availabilit...

5.3CVSS5.2AI score0.00276EPSS
Exploits1References1Affected Software1
Vulnrichment
Vulnrichment
added 2024/01/25 12:0 a.m.11 views

CVE-2023-33759

SpliceCom Maximiser Soft PBX v1.5 and before does not restrict excessive authentication attempts, allowing attackers to bypass authentication via a brute force attack...

7.4AI score0.00799EPSS
Exploits1References1
Rows per page
Query Builder