Innovaphone PBX Vulnerability Exposes Information to Attackers
CVE-2024-24720

Currently unrated

Key Information:

Vendor: Innovaphone
Vendor: CVE Published:; 27 February 2024

Summary

An issue was discovered in the Forgot password function in Innovaphone PBX before 14r1 devices. It provides information about whether a user exists on a system.

References

https://excellium-services.com/cert-xlm-advisory/CVE-2024...

https://wiki.innovaphone.com/index.php?title=Reference14r...

Timeline

Vulnerability published
Feb 27, 2024
Vulnerability Reserved
Jan 27, 2024