CVE-2019-9971

Published: Jun 7, 2022Modified: Nov 21, 2024

8.8

Vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Exploitability: 2.8 / Impact: 5.9

Source: NVD

Description

PhoneSystem Terminal in 3CX Phone System (Debian based installation) 16.0.0.1570 allows an attacker to gain root privileges by using sudo with the tcpdump command, without a password. This occurs because the -z (aka postrotate-command) option to tcpdump can be unsafe when used in conjunction with sudo.

Affected (2)

Products: 3cx: Phone System Firmware · Debian: Debian Linux

1 product

Phone System Firmware

1 product

Configuration A

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
3cx Phone System Firmware	Version 16.0.0.1570

Running on/with	Platform Versions
3cx Phone System	All versions

Configuration B

1 vulnerable

Vulnerable Software	Affected Versions
Debian Debian Linux	All versions

Related CWEs

Improper Privilege Management

The product does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor.

References (6)

https://www.gosecure.net/blog

Source: cve@mitre.org

Third Party Advisory

https://www.gosecure.net/blog/2022/05/31/security-advisory-multiple-vulnerabilities-impact-3cx-phone-system/

Source: cve@mitre.org

ExploitThird Party Advisory

https://www.securusglobal.com/community/2014/03/17/how-i-got-root-with-sudo/

Source: cve@mitre.org

Third Party Advisory

https://www.gosecure.net/blog

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

https://www.gosecure.net/blog/2022/05/31/security-advisory-multiple-vulnerabilities-impact-3cx-phone-system/

Source: af854a3a-2127-422b-91ae-364da2661108

ExploitThird Party Advisory

https://www.securusglobal.com/community/2014/03/17/how-i-got-root-with-sudo/

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

Timeline

No history available yet.