CVE-2018-11543

Name of the Vulnerable Software and Affected Versions Sonus SBC 1000 versions 6.0.x up to Build 446 Sonus SBC 1000 versions 6.1.x up to Build 492 Sonus SBC 1000 versions 7.0.x up to Build 485 Sonus SBC 2000 versions 6.0.x up to Build 446 Sonus SBC 2000 versions 6.1.x up to Build 492 Sonus SBC 2000 versions 7.0.x up to Build 485 Sonus SBC SWe Lite versions 6.1.x up to Build 111 Sonus SBC SWe Lite versions 7.0.x up to Build 140

Description A Local File Inclusion (LFI) issue in the web interface of the affected devices allows for the downloading of arbitrary files. This could potentially lead to sensitive information disclosure.

Recommendations For Sonus SBC 1000 versions 6.0.x up to Build 446, update to a version later than Build 446 to resolve the issue. For Sonus SBC 1000 versions 6.1.x up to Build 492, update to a version later than Build 492 to resolve the issue. For Sonus SBC 1000 versions 7.0.x up to Build 485, update to a version later than Build 485 to resolve the issue. For Sonus SBC 2000 versions 6.0.x up to Build 446, update to a version later than Build 446 to resolve the issue. For Sonus SBC 2000 versions 6.1.x up to Build 492, update to a version later than Build 492 to resolve the issue. For Sonus SBC 2000 versions 7.0.x up to Build 485, update to a version later than Build 485 to resolve the issue. For Sonus SBC SWe Lite versions 6.1.x up to Build 111, update to a version later than Build 111 to resolve the issue. For Sonus SBC SWe Lite versions 7.0.x up to Build 140, update to a version later than Build 140 to resolve the issue.