Shodan
Vulnerabilities
Vulnerable Software

Vulnerability Details CVE-2009-1803

FreePBX 2.5.1, and other 2.4.x, 2.5.x, and pre-release 2.6.x versions, generates different error messages for a failed login attempt depending on whether the user account exists, which allows remote attackers to enumerate valid usernames.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 54.4%
CVSS Severity
CVSS v2 Score 5.0
Products affected by CVE-2009-1803
  • Freepbx » Freepbx » Version: 2.4
    cpe:2.3:a:freepbx:freepbx:2.4
  • Freepbx » Freepbx » Version: 2.4.0_beta1
    cpe:2.3:a:freepbx:freepbx:2.4.0_beta1
  • Freepbx » Freepbx » Version: 2.4.0_beta2
    cpe:2.3:a:freepbx:freepbx:2.4.0_beta2
  • Freepbx » Freepbx » Version: 2.4.1
    cpe:2.3:a:freepbx:freepbx:2.4.1
  • Freepbx » Freepbx » Version: 2.5
    cpe:2.3:a:freepbx:freepbx:2.5
  • Freepbx » Freepbx » Version: 2.5.0_beta1
    cpe:2.3:a:freepbx:freepbx:2.5.0_beta1
  • Freepbx » Freepbx » Version: 2.5.0rc2
    cpe:2.3:a:freepbx:freepbx:2.5.0rc2
  • Freepbx » Freepbx » Version: 2.5.0rc3
    cpe:2.3:a:freepbx:freepbx:2.5.0rc3
  • Freepbx » Freepbx » Version: 2.5.1
    cpe:2.3:a:freepbx:freepbx:2.5.1
  • Freepbx » Freepbx » Version: 2.5.2
    cpe:2.3:a:freepbx:freepbx:2.5.2
  • Sangoma » Freepbx » Version: 2.4.0
    cpe:2.3:a:sangoma:freepbx:2.4.0
  • Sangoma » Freepbx » Version: 2.5.0
    cpe:2.3:a:sangoma:freepbx:2.5.0


Products
Pricing
Contact Us

Shodan ® - All rights reserved