CVE-2021-45490

2022-03-2801:10:43

mitre

www.cve.org

3cx

windows

ios

android

ssl certificate validation

AI Score

9.3

Confidence

High

EPSS

0.002

Percentile

54.3%

JSON

The client applications in 3CX on Windows, the 3CX app for iOS, and the 3CX application for Android through 2022-03-17 lack SSL certificate validation.

References

packetstormsecurity.com/files/166376/3CX-Client-Missing-TLS-Validation.html

www.3cx.com/community/forums/posts-articles-news/