PT-2016-2299 · Fonality · Fonality

Charlie Wolf · Published 2016-06-20 · Updated 2016-06-21 · CVE-2016-2362

CVSS v3.1: 10 (Critical)

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

Fonality versions 12.6 through 14.1i

Description

The issue is related to a hardcoded password for the FTP account in the Fonality software, allowing remote attackers to gain access via FTP or SSH connections. This can enable unauthorized access to protected information.

Recommendations

For versions 12.6 through 14.1i, update the software to a version released after 2016-06-01 to remove the hardcoded password. As a temporary workaround, consider changing the FTP account password to a unique and secure value until a patched version is available. Restrict access to FTP and SSH connections to minimize the risk of exploitation.

Fix

Using Hardcoded Credentials


Weakness Enumeration

Related Identifiers

BDU:2016-01688
CVE-2016-2362

Affected Products

Fonality