Vulnerability Details CVE-2018-18567
AudioCodes 440HD and 450HD devices 3.1.2.89 and earlier allows man-in-the-middle attackers to obtain sensitive credential information by leveraging failure to validate X.509 certificates when used with an on-premise installation with Skype for Business.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.009
EPSS Ranking 74.5%
CVSS Severity
CVSS v3 Score 5.9
CVSS v2 Score 4.3
References
- http://www.securitytracker.com/id/1041956
- https://seclists.org/bugtraq/2018/Oct/32
- https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2018-026.txt
- http://www.securitytracker.com/id/1041956
- https://seclists.org/bugtraq/2018/Oct/32
- https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2018-026.txt
Products affected by CVE-2018-18567
-
cpe:2.3:h:audiocodes:440hd:-
-
cpe:2.3:h:audiocodes:450hd:-
-
cpe:2.3:o:audiocodes:440hd_firmware:*
-
cpe:2.3:o:audiocodes:450hd_firmware:*