Sangoma FreePBX Improper Authentication Vulnerability - CVE-2019-19006 - VulnDaily - Daily Cybersecurity Vulnerability Intelligence

Executive Summary

Sangoma FreePBX contains an improper authentication vulnerability that potentially allows unauthorized users to bypass password authentication and access services provided by the FreePBX admin.

CVSS Score: 9.0/10.0
Severity: CRITICAL

Affected Systems

Sangoma FreePBX

Detection & Mitigation

Apply vendor patches as soon as available
Monitor for indicators of compromise
Review vendor advisories for specific guidance

References

https://nvd.nist.gov/vuln/detail/CVE-2019-19006
https://www.cisa.gov/known-exploited-vulnerabilities-catalog
NVD Entry

Sangoma FreePBX Improper Authentication Vulnerability - CVE-2019-19006

Executive Summary

Affected Systems

Detection & Mitigation

References

External Resources & References

Vulnerability Databases

Threat Intelligence & Search