CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2021-45490

The client applications in 3CX on Windows, the 3CX app for iOS, and the 3CX application for Android through 2022-03-17 lack SSL certificate validation.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 33.8%

CVSS Severity

CVSS v3 Score 9.1

CVSS v2 Score 6.4

References

https://packetstormsecurity.com/files/166376/3CX-Client-Missing-TLS-Validation.html
https://www.3cx.com/community/forums/posts-articles-news/
https://packetstormsecurity.com/files/166376/3CX-Client-Missing-TLS-Validation.html
https://www.3cx.com/community/forums/posts-articles-news/

Products affected by CVE-2021-45490

3cx » 3cx » Version: Any

cpe:2.3:a:3cx:3cx:*

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2021-45490

Products

Pricing

Contact Us