Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
pascom cloud phone system vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2021-45966
An issue exists in Pascom Cloud Phone System prior to 7.20.x. In the management REST API, /services/apply in exd.pl allows remote malicious users to execute arbitrary code via shell metacharacters.
Pascom Cloud Phone System
7.5
CVSSv3
CVE-2021-45968
An issue exists in xmppserver jar in the XMPP Server component of the JIve platform, as used in Pascom Cloud Phone System prior to 7.20.x (and in other products). An endpoint in the backend Tomcat server of the Pascom allows SSRF, a related issue to CVE-2019-18394.
Jivesoftware Jive -
Pascom Cloud Phone System
9.8
CVSSv3
CVE-2021-45967
An issue exists in Pascom Cloud Phone System prior to 7.20.x. A configuration error between NGINX and a backend Tomcat server leads to a path traversal in the Tomcat server, exposing unintended endpoints.
Pascom Cloud Phone System
Igniterealtime Openfire
Igniterealtime Openfire 4.5.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
man-in-the-middle
CVE-2024-34558
CVE-2024-32674
CVE-2024-34351
XPath injection
CVE-2023-45866
CVE-2024-25528
CVE-2024-25517
path traversal
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started