PT-2023-22880 · Telecom · Telecom

Balance

Publicado

2023-08-10

Atualizado

2023-08-14

CVE-2023-30682

CVSS v3.1

4.3

Média

Vetor

AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L

Name of the Vulnerable Software and Affected Versions Telecom versions prior to SMR Aug-2023 Release 1

Description The issue is related to improper access control, allowing local attackers to call the "silenceRinger API" without permission.

Recommendations For versions prior to SMR Aug-2023 Release 1, update to SMR Aug-2023 Release 1 or later to resolve the issue. As a temporary workaround, consider restricting access to the "silenceRinger API" until a patch is available.

Correção

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Identificadores relacionados

CVE-2023-30682

Produtos afetados

Telecom

PT-2023-22880 · Telecom · Telecom

CVE-2023-30682

Identificadores relacionados

Produtos afetados

Referências · 5