2019-11-20 Remote Admin Authentication Bypass

SEC-2019-001

CVE-2019-19006

Overview:

FreePBX versions 15.0.16.26 and below, 14.0.13.11 and below, and 13.0.197.13 and below have a serious authentication vulnerability that potentially allows unauthorized users to bypass password authentication and access services provided by the FreePBX admin.

Discovered By:

PBXcomplete
www.pbxcomplete.nl

Impact:

CVSS 3 Details:

  • CVSS Base Score: 9.4

  • Impact Subscore: 5.5

  • Exploitability Subscore: 3.9

  • CVSS Temporal Score: 9.0

  • CVSS Environmental Score: 7.6

  • Modified Impact Subscore: 4.0

  • Overall CVSS Score: 7.6

AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:H/E:H/RL:O/RC:C/CR:L/IR:L/AR:L/MAV:N/MAC:L/MPR:N/MUI:N/MS:U/MC:H/MI:H/MA:H

Vulnerable software and versions:

The versions listed below (and earlier):

  • < framework v13.0.197.13

  • < framework v14.0.13.11

  • < framework v15.0.16.26

Fixed in the following versions:

  • >= framework v13.0.197.14

  • >= framework v14.0.13.12

  • >= framework v15.0.16.27
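A check of an installed framework version against the two lists above is more than a string comparison, because the fixed version differs per major branch and versions must be compared numerically, component by component. The following added example (not part of the advisory or of FreePBX) encodes the fixed versions listed and classifies any framework version as fixed, vulnerable, or belonging to a branch the advisory does not cover. The module-listing format it scans is a constructed assumption for the example, not a claim about what fwconsole prints.

```python
import re

# Added example (not part of the advisory): decide whether an installed
# FreePBX "framework" module version includes the fix for CVE-2019-19006.
# Fixed versions are the ones the advisory lists; the branch mapping,
# the parsing and the listing format below are this example's own.

FIXED_VERSIONS = {
    13: (13, 0, 197, 14),
    14: (14, 0, 13, 12),
    15: (15, 0, 16, 27),
}


def parse_version(text):
    """'15.0.16.26' -> (15, 0, 16, 26). Raises ValueError on anything else."""
    parts = text.strip().split(".")
    if not parts or not all(p.isdigit() for p in parts):
        raise ValueError(f"not a dotted numeric version: {text!r}")
    return tuple(int(p) for p in parts)


def fix_status(version):
    """Return 'fixed', 'vulnerable' or 'unknown-branch' for a framework version."""
    v = parse_version(version)
    fixed = FIXED_VERSIONS.get(v[0])
    if fixed is None:
        # A major version the advisory does not cover (e.g. 12 or 16):
        # it gives no fixed version for it, so report that rather than guess.
        return "unknown-branch"
    # Tuple comparison is component-wise, so a shorter string such as
    # '14.0.13' sorts before '14.0.13.12' and is reported as vulnerable.
    return "fixed" if v >= fixed else "vulnerable"


# Constructed sample of a module listing: one module per line, the module
# name followed by its version. This format is an assumption for the
# example, not a claim about what fwconsole prints.
SAMPLE_LISTING = """\
core        15.0.9.31
framework   15.0.16.26
voicemail   15.0.3.5
"""

_FRAMEWORK_LINE = re.compile(r"^\s*framework\s+(\d+(?:\.\d+)+)\b", re.MULTILINE)


def framework_status(listing):
    """Find the framework line in a module listing and classify its version."""
    match = _FRAMEWORK_LINE.search(listing)
    if match is None:
        return "framework-not-found"
    return fix_status(match.group(1))


if __name__ == "__main__":
    for v in ("13.0.197.13", "13.0.197.14", "14.0.13.11", "15.0.16.27", "16.0.1"):
        print(f"{v:12s} {fix_status(v)}")
    print("sample listing:", framework_status(SAMPLE_LISTING))
```

The "unknown-branch" result is deliberate: a version outside the three branches the advisory names is not evidence of safety, and a script that silently treated it as fixed would hide exactly the hosts that need a manual look.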

Related Information:

Official bug ticket: FREEPBX-20791 - Security issue: Potential login bypass (status: CLOSED)

Further Details:

The Sangoma and FreePBX team has deemed this a major security issue. We strongly encourage all users of FreePBX 13, 14 and 15 to upgrade to the latest core version. This can be done from the Module Admin GUI or fwconsole. For more information on using Module Admin, please see https://sangomakb.atlassian.net/wiki/spaces/PG/pages/20023939/Module+Admin+User+Guide.
Sangoma takes security seriously and requests that any future FreePBX security issues be reported to security@freepbx.org.