14.1I

CVSS 9.8 - CRITICAL

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

network

low complexity

fonality

critical

NVD

Published: 2016-06-20

Updated: 2024-11-21

Summary

Fonality (previously trixbox Pro) 12.6 through 14.1i before 2016-06-01 has a hardcoded password for the FTP account, which allows remote attackers to obtain access via a (1) FTP or (2) SSH connection.

Vulnerable Configurations

Part	Description	Count
Application	Fonality Fonality Fonality 12.8 Fonality Fonality 12.6 Fonality Fonality 14.1I	3

References

http://www.kb.cert.org/vuls/id/754056
http://www.kb.cert.org/vuls/id/754056