CVE-2023-43336

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2023-43336
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-43336.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2023-43336
Published
2023-11-02T12:15:09.673Z
Modified
2026-04-12T07:19:53.449870Z
Severity
  • 8.8 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
Summary
[none]
Details

Sangoma Technologies FreePBX before cdr 15.0.18, 16.0.40, 15.0.16, and 16.0.17 was discovered to contain an access control issue via a modified parameter value, e.g., changing extension=self to extension=101.

References

Affected packages

Git / github.com/freepbx/framework

Affected ranges

Type
GIT
Repo
https://github.com/freepbx/framework
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
79537234fc12d8d335872e9271df31b1881bc102
Fixed
42db32b28137df82fe4982df992d560804ce71c7
Introduced
b18510d02ee77c67018ce891cbb5ef7a2d0c8b43
Fixed
e8ed810b0b56a86d30da034aeb24342e1eab6f07
Fixed
ea294ce5815344efff62947cf34c56f62e3d2baf
Database specific 
{
    "cpe": "cpe:2.3:a:sangoma:freepbx:*:*:*:*:*:*:*:*",
    "source": "CPE_FIELD",
    "extracted_events": [
        {
            "introduced": "0"
        },
        {
            "fixed": "15.0.16"
        },
        {
            "fixed": "15.0.18"
        },
        {
            "introduced": "16.0.2"
        },
        {
            "fixed": "16.0.17"
        },
        {
            "fixed": "16.0.40"
        }
    ]
}

Affected versions

release/12.*
release/12.0.0.0alpha1.0
release/12.0.1alpha1
release/12.0.1alpha10
release/12.0.1alpha11
release/12.0.1alpha12
release/12.0.1alpha13
release/12.0.1alpha14
release/12.0.1alpha16
release/12.0.1alpha17
release/12.0.1alpha18
release/12.0.1alpha19
release/12.0.1alpha2
release/12.0.1alpha20
release/12.0.1alpha21
release/12.0.1alpha22
release/12.0.1alpha23
release/12.0.1alpha24
release/12.0.1alpha25
release/12.0.1alpha26
release/12.0.1alpha27
release/12.0.1alpha28
release/12.0.1alpha29
release/12.0.1alpha3
release/12.0.1alpha30
release/12.0.1alpha31
release/12.0.1alpha32
release/12.0.1alpha4
release/12.0.1alpha5
release/12.0.1alpha7
release/13.*
release/13.0.1RC1.20
release/13.0.1RC1.21
release/13.0.1RC1.22
release/13.0.1RC1.23
release/13.0.1RC1.24
release/13.0.1RC1.25
release/13.0.1RC1.26
release/13.0.1RC1.27
release/13.0.1RC1.28
release/13.0.1RC1.30
release/13.0.1alpha10
release/13.0.1alpha11
release/13.0.1alpha12
release/13.0.1alpha14
release/13.0.1alpha15
release/13.0.1alpha16
release/13.0.1alpha17
release/13.0.1alpha18
release/13.0.1alpha19
release/13.0.1alpha2
release/13.0.1alpha20
release/13.0.1alpha21
release/13.0.1alpha22
release/13.0.1alpha23
release/13.0.1alpha24
release/13.0.1alpha25
release/13.0.1alpha26
release/13.0.1alpha27
release/13.0.1alpha28
release/13.0.1alpha29
release/13.0.1alpha3
release/13.0.1alpha30
release/13.0.1alpha31
release/13.0.1alpha32
release/13.0.1alpha33
release/13.0.1alpha34
release/13.0.1alpha35
release/13.0.1alpha36
release/13.0.1alpha37
release/13.0.1alpha38
release/13.0.1alpha39
release/13.0.1alpha4
release/13.0.1alpha40
release/13.0.1alpha41
release/13.0.1alpha42
release/13.0.1alpha43
release/13.0.1alpha44
release/13.0.1alpha45
release/13.0.1alpha46
release/13.0.1alpha47
release/13.0.1alpha48
release/13.0.1alpha49
release/13.0.1alpha5
release/13.0.1alpha50
release/13.0.1alpha51
release/13.0.1alpha52
release/13.0.1alpha53
release/13.0.1alpha54
release/13.0.1alpha55
release/13.0.1alpha56
release/13.0.1alpha57
release/13.0.1alpha58
release/13.0.1alpha59
release/13.0.1alpha6
release/13.0.1alpha60
release/13.0.1alpha61
release/13.0.1alpha62
release/13.0.1alpha63
release/13.0.1alpha64
release/13.0.1alpha65
release/13.0.1alpha66
release/13.0.1alpha67
release/13.0.1alpha68
release/13.0.1alpha69
release/13.0.1alpha7
release/13.0.1alpha8
release/13.0.1alpha9
release/13.0.1beta1
release/13.0.1beta2
release/13.0.1beta3
release/13.0.1beta3.1
release/13.0.1beta3.10
release/13.0.1beta3.11
release/13.0.1beta3.12
release/13.0.1beta3.13
release/13.0.1beta3.14
release/13.0.1beta3.15
release/13.0.1beta3.16
release/13.0.1beta3.17
release/13.0.1beta3.18
release/13.0.1beta3.19
release/13.0.1beta3.2
release/13.0.1beta3.20
release/13.0.1beta3.21
release/13.0.1beta3.22
release/13.0.1beta3.23
release/13.0.1beta3.24
release/13.0.1beta3.25
release/13.0.1beta3.3
release/13.0.1beta3.4
release/13.0.1beta3.5
release/13.0.1beta3.53
release/13.0.1beta3.54
release/13.0.1beta3.55
release/13.0.1beta3.56
release/13.0.1beta3.57
release/13.0.1beta3.58
release/13.0.1beta3.59
release/13.0.1beta3.6
release/13.0.1beta3.60
release/13.0.1beta3.61
release/13.0.1beta3.62
release/13.0.1beta3.63
release/13.0.1beta3.7
release/13.0.1beta3.9
release/13.0.4
release/13.0.5
release/13.0.6
release/14.*
release/14.0.1
release/14.0.1.1
release/14.0.1alpha1
release/14.0.1alpha10
release/14.0.1alpha11
release/14.0.1alpha12
release/14.0.1alpha13
release/14.0.1alpha14
release/14.0.1alpha15
release/14.0.1alpha16
release/14.0.1alpha17
release/14.0.1alpha18
release/14.0.1alpha19
release/14.0.1alpha2
release/14.0.1alpha20
release/14.0.1alpha21
release/14.0.1alpha22
release/14.0.1alpha23
release/14.0.1alpha24
release/14.0.1alpha25
release/14.0.1alpha26
release/14.0.1alpha27
release/14.0.1alpha28
release/14.0.1alpha29
release/14.0.1alpha3
release/14.0.1alpha30
release/14.0.1alpha31
release/14.0.1alpha32
release/14.0.1alpha33
release/14.0.1alpha34
release/14.0.1alpha35
release/14.0.1alpha4
release/14.0.1alpha5
release/14.0.1alpha6
release/14.0.1alpha7
release/14.0.1alpha8
release/14.0.1alpha9
release/14.0.1beta1
release/14.0.1beta10
release/14.0.1beta11
release/14.0.1beta12
release/14.0.1beta13
release/14.0.1beta14
release/14.0.1beta15
release/14.0.1beta16
release/14.0.1beta17
release/14.0.1beta18
release/14.0.1beta19
release/14.0.1beta2
release/14.0.1beta20
release/14.0.1beta3
release/14.0.1beta4
release/14.0.1beta5
release/14.0.1beta6
release/14.0.1beta7
release/14.0.1beta8
release/14.0.1beta9
release/14.0.1rc1
release/14.0.1rc1.1
release/14.0.1rc1.10
release/14.0.1rc1.11
release/14.0.1rc1.12
release/14.0.1rc1.13
release/14.0.1rc1.14
release/14.0.1rc1.15
release/14.0.1rc1.16
release/14.0.1rc1.17
release/14.0.1rc1.18
release/14.0.1rc1.19
release/14.0.1rc1.2
release/14.0.1rc1.21
release/14.0.1rc1.22
release/14.0.1rc1.23
release/14.0.1rc1.24
release/14.0.1rc1.25
release/14.0.1rc1.26
release/14.0.1rc1.27
release/14.0.1rc1.29
release/14.0.1rc1.3
release/14.0.1rc1.30
release/14.0.1rc1.4
release/14.0.1rc1.5
release/14.0.1rc1.6
release/14.0.1rc1.7
release/14.0.1rc1.8
release/15.*
release/15.0.1.1
release/15.0.1.10
release/15.0.1.11
release/15.0.1.12
release/15.0.1.13
release/15.0.1.14
release/15.0.1.15
release/15.0.1.16
release/15.0.1.17
release/15.0.1.18
release/15.0.1.19
release/15.0.1.2
release/15.0.1.21
release/15.0.1.22
release/15.0.1.23
release/15.0.1.24
release/15.0.1.25
release/15.0.1.26
release/15.0.1.27
release/15.0.1.28
release/15.0.1.29
release/15.0.1.3
release/15.0.1.30
release/15.0.1.31
release/15.0.1.32
release/15.0.1.33
release/15.0.1.34
release/15.0.1.35
release/15.0.1.36
release/15.0.1.37
release/15.0.1.38
release/15.0.1.39
release/15.0.1.4
release/15.0.1.40
release/15.0.1.41
release/15.0.1.42
release/15.0.1.5
release/15.0.1.6
release/15.0.1.7
release/15.0.1.8
release/15.0.1.9
release/15.0.10
release/15.0.10.1
release/15.0.10.2
release/15.0.10.3
release/15.0.11
release/15.0.11.1
release/15.0.12
release/15.0.14
release/15.0.15
release/15.0.15.1
release/15.0.15.2
release/15.0.15.3
release/15.0.15.4
release/15.0.16
release/15.0.16.1
release/15.0.16.10
release/15.0.16.11
release/15.0.16.12
release/15.0.16.13
release/15.0.16.14
release/15.0.16.15
release/15.0.16.16
release/15.0.16.17
release/15.0.16.18
release/15.0.16.19
release/15.0.16.2
release/15.0.16.20
release/15.0.16.21
release/15.0.16.22
release/15.0.16.23
release/15.0.16.26
release/15.0.16.27
release/15.0.16.28
release/15.0.16.29
release/15.0.16.3
release/15.0.16.30
release/15.0.16.31
release/15.0.16.32
release/15.0.16.33
release/15.0.16.34
release/15.0.16.35
release/15.0.16.36
release/15.0.16.37
release/15.0.16.38
release/15.0.16.39
release/15.0.16.4
release/15.0.16.40
release/15.0.16.41
release/15.0.16.42
release/15.0.16.43
release/15.0.16.44
release/15.0.16.45
release/15.0.16.46
release/15.0.16.47
release/15.0.16.48
release/15.0.16.49
release/15.0.16.5
release/15.0.16.50
release/15.0.16.51
release/15.0.16.52
release/15.0.16.53
release/15.0.16.54
release/15.0.16.55
release/15.0.16.56
release/15.0.16.57
release/15.0.16.58
release/15.0.16.59
release/15.0.16.6
release/15.0.16.60
release/15.0.16.61
release/15.0.16.62
release/15.0.16.63
release/15.0.16.64
release/15.0.16.65
release/15.0.16.66
release/15.0.16.67
release/15.0.16.68
release/15.0.16.69
release/15.0.16.7
release/15.0.16.70
release/15.0.16.71
release/15.0.16.72
release/15.0.16.73
release/15.0.16.74
release/15.0.16.75
release/15.0.16.76
release/15.0.16.77
release/15.0.16.78
release/15.0.16.8
release/15.0.16.80
release/15.0.16.81
release/15.0.16.82
release/15.0.16.9
release/15.0.17
release/15.0.17.1
release/15.0.17.10
release/15.0.17.11
release/15.0.17.12
release/15.0.17.13
release/15.0.17.14
release/15.0.17.15
release/15.0.17.16
release/15.0.17.17
release/15.0.17.18
release/15.0.17.19
release/15.0.17.2
release/15.0.17.20
release/15.0.17.21
release/15.0.17.22
release/15.0.17.23
release/15.0.17.24
release/15.0.17.25
release/15.0.17.26
release/15.0.17.27
release/15.0.17.28
release/15.0.17.29
release/15.0.17.3
release/15.0.17.30
release/15.0.17.31
release/15.0.17.32
release/15.0.17.33
release/15.0.17.34
release/15.0.17.35
release/15.0.17.36
release/15.0.17.37
release/15.0.17.38
release/15.0.17.39
release/15.0.17.4
release/15.0.17.40
release/15.0.17.41
release/15.0.17.42
release/15.0.17.43
release/15.0.17.44
release/15.0.17.45
release/15.0.17.46
release/15.0.17.47
release/15.0.17.48
release/15.0.17.49
release/15.0.17.5
release/15.0.17.50
release/15.0.17.51
release/15.0.17.52
release/15.0.17.53
release/15.0.17.54
release/15.0.17.55
release/15.0.17.56
release/15.0.17.57
release/15.0.17.58
release/15.0.17.59
release/15.0.17.6
release/15.0.17.60
release/15.0.17.61
release/15.0.17.62
release/15.0.17.63
release/15.0.17.64
release/15.0.17.65
release/15.0.17.66
release/15.0.17.67
release/15.0.17.68
release/15.0.17.7
release/15.0.17.8
release/15.0.17.9
release/15.0.1alpha2
release/15.0.1alpha3
release/15.0.1beta1
release/15.0.1beta2
release/15.0.1beta3
release/15.0.2
release/15.0.2.1
release/15.0.2.10
release/15.0.2.11
release/15.0.2.12
release/15.0.2.13
release/15.0.2.14
release/15.0.2.15
release/15.0.2.16
release/15.0.2.2
release/15.0.2.3
release/15.0.2.4
release/15.0.2.5
release/15.0.2.6
release/15.0.2.7
release/15.0.2.8
release/15.0.2.9
release/15.0.3
release/15.0.4
release/15.0.5
release/15.0.5.1
release/15.0.5.11
release/15.0.5.12
release/15.0.5.13
release/15.0.5.14
release/15.0.5.2
release/15.0.5.3
release/15.0.5.6
release/15.0.5.7
release/15.0.5.8
release/15.0.5.9
release/15.0.6
release/15.0.6.1
release/15.0.6.11
release/15.0.6.12
release/15.0.6.13
release/15.0.6.14
release/15.0.6.15
release/15.0.6.16
release/15.0.6.17
release/15.0.6.18
release/15.0.6.2
release/15.0.6.3
release/15.0.6.4
release/15.0.6.5
release/15.0.6.6
release/15.0.6.7
release/15.0.6.8
release/15.0.6.9
release/15.0.7
release/15.0.8
release/15.0.8.1
release/15.0.9
release/16.*
release/16.0.10
release/16.0.10.1
release/16.0.10.10
release/16.0.10.11
release/16.0.10.12
release/16.0.10.13
release/16.0.10.14
release/16.0.10.15
release/16.0.10.16
release/16.0.10.17
release/16.0.10.18
release/16.0.10.19
release/16.0.10.2
release/16.0.10.20
release/16.0.10.21
release/16.0.10.22
release/16.0.10.23
release/16.0.10.24
release/16.0.10.25
release/16.0.10.26
release/16.0.10.27
release/16.0.10.28
release/16.0.10.29
release/16.0.10.3
release/16.0.10.30
release/16.0.10.31
release/16.0.10.32
release/16.0.10.33
release/16.0.10.34
release/16.0.10.35
release/16.0.10.36
release/16.0.10.37
release/16.0.10.38
release/16.0.10.39
release/16.0.10.4
release/16.0.10.40
release/16.0.10.41
release/16.0.10.42
release/16.0.10.43
release/16.0.10.44
release/16.0.10.45
release/16.0.10.46
release/16.0.10.47
release/16.0.10.48
release/16.0.10.49
release/16.0.10.5
release/16.0.10.50
release/16.0.10.51
release/16.0.10.6
release/16.0.10.7
release/16.0.10.8
release/16.0.10.9
release/16.0.11
release/16.0.12
release/16.0.13
release/16.0.14
release/16.0.15
release/16.0.16
release/16.0.17
release/16.0.18
release/16.0.19
release/16.0.19.1
release/16.0.19.2
release/16.0.19.3
release/16.0.19.4
release/16.0.19.5
release/16.0.19.6
release/16.0.20
release/16.0.21
release/16.0.21.1
release/16.0.21.10
release/16.0.21.11
release/16.0.21.12
release/16.0.21.13
release/16.0.21.14
release/16.0.21.15
release/16.0.21.16
release/16.0.21.17
release/16.0.21.18
release/16.0.21.19
release/16.0.21.2
release/16.0.21.20
release/16.0.21.21
release/16.0.21.3
release/16.0.21.4
release/16.0.21.5
release/16.0.21.6
release/16.0.21.7
release/16.0.21.8
release/16.0.21.9
release/16.0.22
release/16.0.23
release/16.0.24
release/16.0.25
release/16.0.26
release/16.0.27
release/16.0.28
release/16.0.29
release/16.0.3
release/16.0.30
release/16.0.31
release/16.0.32
release/16.0.33
release/16.0.34
release/16.0.35
release/16.0.36
release/16.0.37
release/16.0.38
release/16.0.39
release/16.0.4
release/16.0.5
release/16.0.6
release/16.0.7
release/16.0.8
release/16.0.9
release/2.*
release/2.11.0.0
release/2.11.0.0beta1.0
release/2.11.0.0beta1.1
release/2.11.0.0beta1.2
release/2.11.0.0beta1.3
release/2.11.0.0beta1.4
release/2.11.0.0beta1.5
release/2.11.0.0beta2.0
release/2.11.0.0beta2.1
release/2.11.0.0beta2.2
release/2.11.0.0beta2.3
release/2.11.0.0beta2.4
release/2.11.0.0beta2.5
release/2.11.0.0beta2.6
release/2.11.0.0beta2.8
release/2.11.0.0beta2.9
release/2.11.0.0rc1.0
release/2.11.0.0rc1.1
release/2.11.0.0rc1.2
release/2.11.0.0rc1.3
release/2.11.0.0rc1.4
release/2.11.0.0rc1.5
release/2.11.0.0rc1.7
release/2.11.0.1
release/2.11.0.10
release/2.11.0.11
release/2.11.0.2
release/2.11.0.3
release/2.11.0.4
release/2.11.0.5
release/2.11.0.6
release/2.11.0.7
release/2.11.0.8
release/2.11.0.9

Database specific

source 
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-43336.json"