Vasilis Sikkis

**Name of the Vulnerable Software and Affected Versions** Sangoma FreePBX versions 1805 through 2203 **Description** The issue concerns hardcoded credentials for the Asterisk REST Interface (ARI) in Sangoma FreePBX, allowing remote attackers to reconfigure Asterisk and make external and internal calls via HTTP and WebSocket requests sent to the API. **Recommendations** For versions 1805 through 2203, update the system to remove the hardcoded credentials for the Asterisk REST Interface (ARI) to prevent unauthorized access. As a temporary workaround, consider restricting access to the Asterisk REST Interface (ARI) until a patch is available.

**Name of the Vulnerable Software and Affected Versions** Sangoma FreePBX versions 1805 through 2302 **Description** The issue exposes cleartext authentication credentials for the Asterisk Database (MariaDB/MySQL) and Asterisk Manager Interface by placing `AMPDBUSER`, `AMPDBPASS`, `AMPMGRUSER`, and `AMPMGRPASS` in the list of global variables. An attacker can exploit this by making a "/ari/asterisk/variable?variable=AMPDBPASS" API call. **Recommendations** For Sangoma FreePBX versions 1805 through 2302, consider restricting access to the `/ari/asterisk/variable` API endpoint to minimize the risk of exploitation. Additionally, avoid using the variables `AMPDBUSER`, `AMPDBPASS`, `AMPMGRUSER`, and `AMPMGRPASS` in global variables until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** IBM API Connect versions 5.0.0.0 through 5.0.8.2 **Description** The issue allows users to embed arbitrary JavaScript code in the Web UI, altering the intended functionality and potentially leading to credentials disclosure within a trusted session due to cross-site scripting. **Recommendations** For versions 5.0.0.0 through 5.0.8.2, update to a version that contains a fix for this issue to prevent cross-site scripting attacks.