Sign-up

ID

VAR-202110-1372


CVE

CVE-2021-41157


TITLE

FreeSWITCH  Vulnerability regarding lack of authentication for critical features in

Trust: 0.8

sources: JVNDB: JVNDB-2021-014048

DESCRIPTION

FreeSWITCH is a Software Defined Telecom Stack enabling the digital transformation from proprietary telecom switches to a software implementation that runs on any commodity hardware. By default, SIP requests of the type SUBSCRIBE are not authenticated in the affected versions of FreeSWITCH. Abuse of this security issue allows attackers to subscribe to user agent event notifications without the need to authenticate. This abuse poses privacy concerns and might lead to social engineering or similar attacks. For example, attackers may be able to monitor the status of target SIP extensions. Although this issue was fixed in version v1.10.6, installations upgraded to the fixed version of FreeSWITCH from an older version, may still be vulnerable if the configuration is not updated accordingly. Software upgrades do not update the configuration by default. SIP SUBSCRIBE messages should be authenticated by default so that FreeSWITCH administrators do not need to explicitly set the `auth-subscriptions` parameter. When following such a recommendation, a new parameter can be introduced to explicitly disable authentication. FreeSWITCH There is a vulnerability in the lack of authentication for critical features.Information may be obtained. FreeSWITCH is a set of free and open source communication software developed by the individual developer Anthony Minesale in the United States. The software can be used to create audio, video and short message products and applications. There is a security vulnerability in FreeSWITCH versions 1.10.5 and earlier versions

Trust: 1.8

sources: NVD: CVE-2021-41157 // JVNDB: JVNDB-2021-014048 // VULHUB: VHN-397861 // VULMON: CVE-2021-41157

AFFECTED PRODUCTS

vendor:freeswitchmodel:freeswitchscope:ltversion:1.10.6

Trust: 1.0

vendor:freeswitchmodel:freeswitchscope:eqversion: -

Trust: 0.8

vendor:freeswitchmodel:freeswitchscope:eqversion:1.10.6

Trust: 0.8

sources: JVNDB: JVNDB-2021-014048 // NVD: CVE-2021-41157

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2021-41157
value: MEDIUM

Trust: 1.0

security-advisories@github.com: CVE-2021-41157
value: MEDIUM

Trust: 1.0

NVD: CVE-2021-41157
value: MEDIUM

Trust: 0.8

CNNVD: CNNVD-202110-1786
value: MEDIUM

Trust: 0.6

VULHUB: VHN-397861
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2021-41157
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-397861
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

security-advisories@github.com: CVE-2021-41157
baseSeverity: MEDIUM
baseScore: 5.3
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: LOW
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 3.9
impactScore: 1.4
version: 3.1

Trust: 1.0

OTHER: JVNDB-2021-014048
baseSeverity: MEDIUM
baseScore: 5.3
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: LOW
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: VULHUB: VHN-397861 // JVNDB: JVNDB-2021-014048 // CNNVD: CNNVD-202110-1786 // NVD: CVE-2021-41157 // NVD: CVE-2021-41157

PROBLEMTYPE DATA

problemtype:CWE-306

Trust: 1.1

problemtype:CWE-287

Trust: 1.0

problemtype:Lack of authentication for critical features (CWE-306) [NVD evaluation ]

Trust: 0.8

sources: VULHUB: VHN-397861 // JVNDB: JVNDB-2021-014048 // NVD: CVE-2021-41157

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-202110-1786

TYPE

access control error

Trust: 0.6

sources: CNNVD: CNNVD-202110-1786

PATCH

title:FreeSWITCH does not authenticate SIP SUBSCRIBE requests by defaulturl:https://github.com/signalwire/freeswitch/commit/b21dd4e7f3a6f1d5f7be3ea500a319a5bc11db9e

Trust: 0.8

title:FreeSWITCH Remediation measures for authorization problem vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=167406

Trust: 0.6

sources: JVNDB: JVNDB-2021-014048 // CNNVD: CNNVD-202110-1786

EXTERNAL IDS

db:NVDid:CVE-2021-41157

Trust: 3.4

db:PACKETSTORMid:164638

Trust: 0.8

db:JVNDBid:JVNDB-2021-014048

Trust: 0.8

db:CNNVDid:CNNVD-202110-1786

Trust: 0.7

db:VULHUBid:VHN-397861

Trust: 0.1

db:VULMONid:CVE-2021-41157

Trust: 0.1

sources: VULHUB: VHN-397861 // VULMON: CVE-2021-41157 // JVNDB: JVNDB-2021-014048 // CNNVD: CNNVD-202110-1786 // NVD: CVE-2021-41157

REFERENCES

url:http://seclists.org/fulldisclosure/2021/oct/41

Trust: 2.5

url:https://github.com/signalwire/freeswitch/security/advisories/ghsa-g7xg-7c54-rmpj

Trust: 1.7

url:https://github.com/signalwire/freeswitch/commit/b21dd4e7f3a6f1d5f7be3ea500a319a5bc11db9e

Trust: 1.7

url:https://github.com/signalwire/freeswitch/releases/tag/v1.10.6

Trust: 1.7

url:https://nvd.nist.gov/vuln/detail/cve-2021-41157

Trust: 1.4

url:https://packetstormsecurity.com/files/164638/freeswitch-1.10.5-sip-subscribe-missing-authentication.html

Trust: 0.7

sources: VULHUB: VHN-397861 // VULMON: CVE-2021-41157 // JVNDB: JVNDB-2021-014048 // CNNVD: CNNVD-202110-1786 // NVD: CVE-2021-41157

SOURCES

db:VULHUBid:VHN-397861
db:VULMONid:CVE-2021-41157
db:JVNDBid:JVNDB-2021-014048
db:CNNVDid:CNNVD-202110-1786
db:NVDid:CVE-2021-41157

LAST UPDATE DATE

2024-08-14T13:53:52.297000+00:00


SOURCES UPDATE DATE

db:VULHUBid:VHN-397861date:2022-08-09T00:00:00
db:JVNDBid:JVNDB-2021-014048date:2022-10-03T07:29:00
db:CNNVDid:CNNVD-202110-1786date:2022-08-10T00:00:00
db:NVDid:CVE-2021-41157date:2022-08-09T13:41:18.067

SOURCES RELEASE DATE

db:VULHUBid:VHN-397861date:2021-10-26T00:00:00
db:JVNDBid:JVNDB-2021-014048date:2022-10-03T00:00:00
db:CNNVDid:CNNVD-202110-1786date:2021-10-25T00:00:00
db:NVDid:CVE-2021-41157date:2021-10-26T14:15:07.807