PT-2018-10648 · Sonus · Sonus Sbc 2000+2
Cyberskr
·
Published
2018-07-09
·
Updated
2019-10-03
·
CVE-2018-11541
CVSS v3.1
10
Critical
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Sonus SBC 1000 versions 6.0.x up to Build 446
Sonus SBC 1000 versions 6.1.x up to Build 492
Sonus SBC 1000 versions 7.0.x up to Build 485
Sonus SBC 2000 versions 6.0.x up to Build 446
Sonus SBC 2000 versions 6.1.x up to Build 492
Sonus SBC 2000 versions 7.0.x up to Build 485
Sonus SBC SWe Lite versions 6.1.x up to Build 111
Sonus SBC SWe Lite versions 7.0.x up to Build 140
Description
A root privilege escalation issue in the web interface of Sonus SBC devices allows unauthorized access to privileged content.
Recommendations
For Sonus SBC 1000 versions 6.0.x up to Build 446, update to a version later than Build 446 to resolve the issue.
For Sonus SBC 1000 versions 6.1.x up to Build 492, update to a version later than Build 492 to resolve the issue.
For Sonus SBC 1000 versions 7.0.x up to Build 485, update to a version later than Build 485 to resolve the issue.
For Sonus SBC 2000 versions 6.0.x up to Build 446, update to a version later than Build 446 to resolve the issue.
For Sonus SBC 2000 versions 6.1.x up to Build 492, update to a version later than Build 492 to resolve the issue.
For Sonus SBC 2000 versions 7.0.x up to Build 485, update to a version later than Build 485 to resolve the issue.
For Sonus SBC SWe Lite versions 6.1.x up to Build 111, update to a version later than Build 111 to resolve the issue.
For Sonus SBC SWe Lite versions 7.0.x up to Build 140, update to a version later than Build 140 to resolve the issue.
Fix
Missing Authorization
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Sonus Sbc 1000
Sonus Sbc 2000
Sonus Sbc Swe Lite