RSS   Vulnerabilities for 'Pexip infinity'   RSS

2022-07-17
 
CVE-2022-29286

CWE-770
 

 
Pexip Infinity 27 before 28.0 allows remote attackers to trigger excessive resource consumption and termination because of registrar resource mishandling.

 
 
CVE-2022-25357

CWE-668
 

 
Pexip Infinity 27.x before 27.2 has Improper Access Control. An attacker can sometimes join a conference (call join) if it has a lock but not a PIN.

 
 
CVE-2022-26654

CWE-74
 

 
Pexip Infinity before 27.3 allows remote attackers to force a software abort via HTTP.

 
 
CVE-2022-26655

CWE-20
 

 
Pexip Infinity 27.x before 27.3 has Improper Input Validation. The client API allows remote attackers to trigger a software abort via a gateway call into Teams.

 
 
CVE-2022-26656

NVD-CWE-noinfo
 

 
Pexip Infinity before 27.3 allows remote attackers to trigger a software abort, and possibly enumerate usernames, via One Touch Join.

 
 
CVE-2022-26657

NVD-CWE-noinfo
 

 
Pexip Infinity before 27.3 allows remote attackers to trigger a software abort via One Touch Join.

 
 
CVE-2022-27928

NVD-CWE-noinfo
 

 
Pexip Infinity 27.x before 27.3 allows remote attackers to trigger a software abort via the Session Initiation Protocol.

 
 
CVE-2022-27929

CWE-20
 

 
Pexip Infinity 27.x before 27.3 allows remote attackers to trigger a software abort via HTTP.

 
 
CVE-2022-27930

CWE-20
 

 
Pexip Infinity 27.x before 27.3 allows remote attackers to trigger a software abort via single-sign-on if a random Universally Unique Identifier is guessed.

 
 
CVE-2022-27931

CWE-20
 

 
Pexip Infinity before 27.3 allows remote attackers to trigger a software abort via the Session Initiation Protocol.

 


Copyright 2024, cxsecurity.com

 

Back to Top