CVE-2021-45310: Infoleak
First published: Mon Feb 14 2022(Updated: )
Sangoma Technologies Corporation Switchvox Version 102409 is affected by an information disclosure vulnerability due to an improper access restriction. Users information such as first name, last name, acount id, server uuid, email address, profile image, number, timestamps, etc can be extracted by sending an unauthenticated HTTP GET request to the https://Switchvox-IP/main?cmd=invalid_browser.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| =102409 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the vulnerability ID for this information disclosure vulnerability?
The vulnerability ID for this information disclosure vulnerability is CVE-2021-45310.
What is the severity level of CVE-2021-45310?
The severity level of CVE-2021-45310 is medium, with a severity value of 5.3.
How does CVE-2021-45310 affect Sangoma Technologies Corporation Switchvox?
CVE-2021-45310 affects Sangoma Technologies Corporation Switchvox and allows unauthorized access to users' information such as first name, last name, account ID, server UUID, email address, profile image, number, timestamps, etc.
What is the potential impact of CVE-2021-45310?
The potential impact of CVE-2021-45310 is the unauthorized disclosure of sensitive user information.
Is there a fix available for CVE-2021-45310?
Yes, a fix for CVE-2021-45310 is available. It is recommended to update to a version of Sangoma Technologies Corporation Switchvox that is not affected by this vulnerability.
- collector/nvd-index
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/references
- agent/weakness
- agent/author
- agent/severity
- agent/last-modified-date
- agent/event
- agent/tags
- agent/description
- agent/first-publish-date
- agent/source
- vendor/sangoma