First published: Fri Aug 03 2018(Updated: )
The Web server in 3CX version 15.5.8801.3 is vulnerable to Information Leakage, because of improper error handling in Stack traces, as demonstrated by discovering a full pathname.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
3cx 3cx Web Server | =15.5.8801.3 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID is CVE-2018-14907.
The severity of CVE-2018-14907 is medium with a CVSS score of 5.3.
The affected software version of CVE-2018-14907 is 3CX Web Server version 15.5.8801.3.
The CWE category of CVE-2018-14907 is CWE-209 (Information Exposure Through an Error Message).
It is recommended to update to a fixed version provided by the software vendor to address CVE-2018-14907.