CVE-2019-19538

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2019-19538

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2019-19538.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2019-19538

Published

2020-03-16T21:15:12Z

Modified

2025-01-14T07:54:57.864282Z

Severity

7.2 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H CVSS Calculator

Summary

[none]

Details

In Sangoma FreePBX 13 through 15 and sysadmin (aka System Admin) 13.0.92 through 15.0.13.6 modules have a Remote Command Execution vulnerability that results in Privilege Escalation.

References

Affected packages

Git / github.com/freepbx/core

Affected ranges

Type: GIT
Repo: https://github.com/freepbx/core
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

05eb1128ded8aa5cd61d92ffee3b9a7c6dd0c34d

Type: GIT
Repo: https://github.com/freepbx/framework
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

71349862075c0686aedb4176ebab4f5c17da608c

Affected versions

release/12.*

release/12.0.0.0alpha1.0

release/12.0.10

release/12.0.11

release/12.0.12

release/12.0.13

release/12.0.14

release/12.0.15

release/12.0.16

release/12.0.17

release/12.0.18

release/12.0.19

release/12.0.1alpha1

release/12.0.1alpha10

release/12.0.1alpha11

release/12.0.1alpha12

release/12.0.1alpha13

release/12.0.1alpha14

release/12.0.1alpha15

release/12.0.1alpha16

release/12.0.1alpha17

release/12.0.1alpha18

release/12.0.1alpha19

release/12.0.1alpha2

release/12.0.1alpha20

release/12.0.1alpha21

release/12.0.1alpha22

release/12.0.1alpha23

release/12.0.1alpha24

release/12.0.1alpha25

release/12.0.1alpha26

release/12.0.1alpha27

release/12.0.1alpha28

release/12.0.1alpha29

release/12.0.1alpha3

release/12.0.1alpha30

release/12.0.1alpha31

release/12.0.1alpha32

release/12.0.1alpha33

release/12.0.1alpha34

release/12.0.1alpha35

release/12.0.1alpha36

release/12.0.1alpha37

release/12.0.1alpha38

release/12.0.1alpha4

release/12.0.1alpha40

release/12.0.1alpha41

release/12.0.1alpha42

release/12.0.1alpha43

release/12.0.1alpha44

release/12.0.1alpha45

release/12.0.1alpha46

release/12.0.1alpha48

release/12.0.1alpha49

release/12.0.1alpha5

release/12.0.1alpha50

release/12.0.1alpha51

release/12.0.1alpha52

release/12.0.1alpha53

release/12.0.1alpha54

release/12.0.1alpha55

release/12.0.1alpha56

release/12.0.1alpha57

release/12.0.1alpha58

release/12.0.1alpha59

release/12.0.1alpha6

release/12.0.1alpha7

release/12.0.1alpha8

release/12.0.1alpha9

release/12.0.1beta1

release/12.0.1beta10

release/12.0.1beta11

release/12.0.1beta12

release/12.0.1beta14

release/12.0.1beta15

release/12.0.1beta16

release/12.0.1beta17

release/12.0.1beta18

release/12.0.1beta19

release/12.0.1beta2

release/12.0.1beta20

release/12.0.1beta21

release/12.0.1beta22

release/12.0.1beta23

release/12.0.1beta24

release/12.0.1beta25

release/12.0.1beta26

release/12.0.1beta27

release/12.0.1beta28

release/12.0.1beta29

release/12.0.1beta3

release/12.0.1beta30

release/12.0.1beta31

release/12.0.1beta32

release/12.0.1beta33

release/12.0.1beta34

release/12.0.1beta35

release/12.0.1beta4

release/12.0.1beta5

release/12.0.1beta6

release/12.0.1beta7

release/12.0.1beta8

release/12.0.1beta9

release/12.0.1rc1

release/12.0.1rc10

release/12.0.1rc11

release/12.0.1rc12

release/12.0.1rc13

release/12.0.1rc14

release/12.0.1rc15

release/12.0.1rc16

release/12.0.1rc17

release/12.0.1rc18

release/12.0.1rc19

release/12.0.1rc2

release/12.0.1rc20

release/12.0.1rc21

release/12.0.1rc22

release/12.0.1rc24

release/12.0.1rc25

release/12.0.1rc27

release/12.0.1rc28

release/12.0.1rc29

release/12.0.1rc3

release/12.0.1rc31

release/12.0.1rc32

release/12.0.1rc34

release/12.0.1rc35

release/12.0.1rc36

release/12.0.1rc37

release/12.0.1rc4

release/12.0.1rc5

release/12.0.1rc6

release/12.0.1rc7

release/12.0.1rc8

release/12.0.1rc9

release/12.0.2

release/12.0.20

release/12.0.21

release/12.0.22

release/12.0.23

release/12.0.24

release/12.0.25

release/12.0.26

release/12.0.27

release/12.0.28

release/12.0.29

release/12.0.3

release/12.0.30

release/12.0.31

release/12.0.32

release/12.0.33

release/12.0.34

release/12.0.35

release/12.0.36

release/12.0.37

release/12.0.38

release/12.0.39

release/12.0.4

release/12.0.40

release/12.0.41

release/12.0.42

release/12.0.43

release/12.0.44

release/12.0.45

release/12.0.46

release/12.0.47

release/12.0.48

release/12.0.49

release/12.0.5

release/12.0.50

release/12.0.50.1

release/12.0.51

release/12.0.52

release/12.0.53

release/12.0.54

release/12.0.55

release/12.0.56

release/12.0.57

release/12.0.58

release/12.0.59

release/12.0.6

release/12.0.6.1

release/12.0.60

release/12.0.61

release/12.0.62

release/12.0.63

release/12.0.64

release/12.0.65

release/12.0.66

release/12.0.67

release/12.0.68

release/12.0.69

release/12.0.7

release/12.0.70

release/12.0.71

release/12.0.72

release/12.0.73

release/12.0.74

release/12.0.75

release/12.0.76

release/12.0.76.1

release/12.0.76.2

release/12.0.8

release/12.0.9

release/13.*

release/13.0.10

release/13.0.11

release/13.0.12

release/13.0.13

release/13.0.14

release/13.0.15

release/13.0.16

release/13.0.17

release/13.0.18

release/13.0.19

release/13.0.1RC1.0

release/13.0.1RC1.1

release/13.0.1RC1.10

release/13.0.1RC1.11

release/13.0.1RC1.12

release/13.0.1RC1.13

release/13.0.1RC1.14

release/13.0.1RC1.15

release/13.0.1RC1.16

release/13.0.1RC1.17

release/13.0.1RC1.18

release/13.0.1RC1.19

release/13.0.1RC1.2

release/13.0.1RC1.20

release/13.0.1RC1.21

release/13.0.1RC1.22

release/13.0.1RC1.23

release/13.0.1RC1.24

release/13.0.1RC1.25

release/13.0.1RC1.26

release/13.0.1RC1.27

release/13.0.1RC1.28

release/13.0.1RC1.3

release/13.0.1RC1.30

release/13.0.1RC1.4

release/13.0.1RC1.5

release/13.0.1RC1.6

release/13.0.1RC1.7

release/13.0.1RC1.8

release/13.0.1RC1.9

release/13.0.1alpha10

release/13.0.1alpha11

release/13.0.1alpha12

release/13.0.1alpha13

release/13.0.1alpha14

release/13.0.1alpha15

release/13.0.1alpha16

release/13.0.1alpha17

release/13.0.1alpha18

release/13.0.1alpha19

release/13.0.1alpha2

release/13.0.1alpha20

release/13.0.1alpha21

release/13.0.1alpha22

release/13.0.1alpha23

release/13.0.1alpha24

release/13.0.1alpha25

release/13.0.1alpha26

release/13.0.1alpha27

release/13.0.1alpha28

release/13.0.1alpha29

release/13.0.1alpha3

release/13.0.1alpha30

release/13.0.1alpha31

release/13.0.1alpha32

release/13.0.1alpha33

release/13.0.1alpha34

release/13.0.1alpha35

release/13.0.1alpha36

release/13.0.1alpha37

release/13.0.1alpha38

release/13.0.1alpha39

release/13.0.1alpha4

release/13.0.1alpha40

release/13.0.1alpha41

release/13.0.1alpha42

release/13.0.1alpha43

release/13.0.1alpha44

release/13.0.1alpha45

release/13.0.1alpha46

release/13.0.1alpha47

release/13.0.1alpha48

release/13.0.1alpha49

release/13.0.1alpha5

release/13.0.1alpha50

release/13.0.1alpha51

release/13.0.1alpha52

release/13.0.1alpha53

release/13.0.1alpha54

release/13.0.1alpha55

release/13.0.1alpha56

release/13.0.1alpha57

release/13.0.1alpha58

release/13.0.1alpha59

release/13.0.1alpha6

release/13.0.1alpha60

release/13.0.1alpha61

release/13.0.1alpha62

release/13.0.1alpha63

release/13.0.1alpha64

release/13.0.1alpha65

release/13.0.1alpha66

release/13.0.1alpha67

release/13.0.1alpha68

release/13.0.1alpha69

release/13.0.1alpha7

release/13.0.1alpha70

release/13.0.1alpha71

release/13.0.1alpha8

release/13.0.1alpha9

release/13.0.1beta1

release/13.0.1beta1.10

release/13.0.1beta1.11

release/13.0.1beta1.12

release/13.0.1beta1.13

release/13.0.1beta1.14

release/13.0.1beta1.15

release/13.0.1beta1.16

release/13.0.1beta1.17

release/13.0.1beta1.18

release/13.0.1beta1.19

release/13.0.1beta1.2

release/13.0.1beta1.20

release/13.0.1beta1.21

release/13.0.1beta1.22

release/13.0.1beta1.23

release/13.0.1beta1.24

release/13.0.1beta1.25

release/13.0.1beta1.26

release/13.0.1beta1.27

release/13.0.1beta1.28

release/13.0.1beta1.29

release/13.0.1beta1.3

release/13.0.1beta1.4

release/13.0.1beta1.5

release/13.0.1beta1.6

release/13.0.1beta1.7

release/13.0.1beta1.8

release/13.0.1beta1.9

release/13.0.1beta2

release/13.0.1beta3

release/13.0.1beta3.1

release/13.0.1beta3.10

release/13.0.1beta3.11

release/13.0.1beta3.12

release/13.0.1beta3.13

release/13.0.1beta3.14

release/13.0.1beta3.15

release/13.0.1beta3.16

release/13.0.1beta3.17

release/13.0.1beta3.18

release/13.0.1beta3.19

release/13.0.1beta3.2

release/13.0.1beta3.20

release/13.0.1beta3.21

release/13.0.1beta3.22

release/13.0.1beta3.23

release/13.0.1beta3.24

release/13.0.1beta3.25

release/13.0.1beta3.26

release/13.0.1beta3.27

release/13.0.1beta3.28

release/13.0.1beta3.29

release/13.0.1beta3.3

release/13.0.1beta3.30

release/13.0.1beta3.31

release/13.0.1beta3.32

release/13.0.1beta3.33

release/13.0.1beta3.34

release/13.0.1beta3.35

release/13.0.1beta3.36

release/13.0.1beta3.37

release/13.0.1beta3.38

release/13.0.1beta3.39

release/13.0.1beta3.4

release/13.0.1beta3.40

release/13.0.1beta3.41

release/13.0.1beta3.42

release/13.0.1beta3.43

release/13.0.1beta3.44

release/13.0.1beta3.45

release/13.0.1beta3.46

release/13.0.1beta3.48

release/13.0.1beta3.49

release/13.0.1beta3.5

release/13.0.1beta3.50

release/13.0.1beta3.51

release/13.0.1beta3.52

release/13.0.1beta3.53

release/13.0.1beta3.54

release/13.0.1beta3.55

release/13.0.1beta3.56

release/13.0.1beta3.57

release/13.0.1beta3.58

release/13.0.1beta3.59

release/13.0.1beta3.6

release/13.0.1beta3.60

release/13.0.1beta3.61

release/13.0.1beta3.62

release/13.0.1beta3.63

release/13.0.1beta3.64

release/13.0.1beta3.65

release/13.0.1beta3.66

release/13.0.1beta3.7

release/13.0.1beta3.9

release/13.0.2

release/13.0.20

release/13.0.21

release/13.0.22

release/13.0.23

release/13.0.24

release/13.0.25

release/13.0.26

release/13.0.27

release/13.0.28

release/13.0.29

release/13.0.3

release/13.0.30

release/13.0.31

release/13.0.32

release/13.0.33

release/13.0.34

release/13.0.35

release/13.0.36

release/13.0.37

release/13.0.38

release/13.0.38.1

release/13.0.38.2

release/13.0.39

release/13.0.4

release/13.0.40

release/13.0.41

release/13.0.42

release/13.0.43

release/13.0.44

release/13.0.45

release/13.0.46

release/13.0.47

release/13.0.48

release/13.0.49

release/13.0.5

release/13.0.50

release/13.0.51

release/13.0.52

release/13.0.53

release/13.0.54

release/13.0.55

release/13.0.56

release/13.0.57

release/13.0.58

release/13.0.59

release/13.0.6

release/13.0.60

release/13.0.61

release/13.0.61.1

release/13.0.61.2

release/13.0.61.3

release/13.0.61.4

release/13.0.62

release/13.0.63

release/13.0.64

release/13.0.65

release/13.0.66

release/13.0.67

release/13.0.68

release/13.0.69

release/13.0.7

release/13.0.70

release/13.0.71

release/13.0.72

release/13.0.73

release/13.0.74

release/13.0.75

release/13.0.76

release/13.0.77

release/13.0.78

release/13.0.79

release/13.0.8

release/13.0.80

release/13.0.81

release/13.0.82

release/13.0.83

release/13.0.84

release/13.0.85

release/13.0.86

release/13.0.87

release/13.0.88

release/13.0.89

release/13.0.9

release/13.0.90

release/13.0.91

release/2.*

release/2.10.0.0

release/2.10.0.1

release/2.10.0.2

release/2.10.0.3

release/2.10.0.4

release/2.10.0.5

release/2.10.0.7

release/2.10.0.8

release/2.10.0beta1.0

release/2.10.0beta1.1

release/2.10.0beta2.0

release/2.10.0beta2.1

release/2.10.0beta2.2

release/2.10.0beta2.3

release/2.10.0beta2.4

release/2.10.0beta2.5

release/2.10.0beta2.6

release/2.10.0beta2.7

release/2.10.0beta2.8

release/2.10.0beta3.0

release/2.10.0beta3.1

release/2.10.0beta3.2

release/2.10.0beta3.3

release/2.10.0beta3.4

release/2.10.0beta3.5

release/2.10.0beta3.6

release/2.10.0rc1.0

release/2.10.0rc1.1

release/2.10.0rc1.2

release/2.10.0rc1.3

release/2.10.0rc1.4

release/2.10.0rc1.5

release/2.10.0rc1.6

release/2.10.0rc1.7

release/2.10.1.0

release/2.10.1.1

release/2.10.1.10

release/2.10.1.11

release/2.10.1.12

release/2.10.1.13

release/2.10.1.14

release/2.10.1.15

release/2.10.1.16

release/2.10.1.17

release/2.10.1.18

release/2.10.1.19

release/2.10.1.2

release/2.10.1.3

release/2.10.1.4

release/2.10.1.5

release/2.10.1.6

release/2.10.1.7

release/2.10.1.8

release/2.10.1.9

release/2.11.0.0

release/2.11.0.0beta1.0

release/2.11.0.0beta1.1

release/2.11.0.0beta1.2

release/2.11.0.0beta1.3

release/2.11.0.0beta1.4

release/2.11.0.0beta1.5

release/2.11.0.0beta2.0

release/2.11.0.0beta2.1

release/2.11.0.0beta2.2

release/2.11.0.0beta2.3

release/2.11.0.0beta2.4

release/2.11.0.0beta2.5

release/2.11.0.0beta2.6

release/2.11.0.0beta2.8

release/2.11.0.0beta2.9

release/2.11.0.0rc1.0

release/2.11.0.0rc1.1

release/2.11.0.0rc1.2

release/2.11.0.0rc1.3

release/2.11.0.0rc1.4

release/2.11.0.0rc1.5

release/2.11.0.0rc1.7

release/2.11.0.1

release/2.11.0.10

release/2.11.0.11

release/2.11.0.12

release/2.11.0.13

release/2.11.0.14

release/2.11.0.15

release/2.11.0.16

release/2.11.0.17

release/2.11.0.18

release/2.11.0.19

release/2.11.0.2

release/2.11.0.20

release/2.11.0.21

release/2.11.0.22

release/2.11.0.23

release/2.11.0.24

release/2.11.0.25

release/2.11.0.27

release/2.11.0.28

release/2.11.0.29

release/2.11.0.3

release/2.11.0.30

release/2.11.0.31

release/2.11.0.32

release/2.11.0.33

release/2.11.0.34

release/2.11.0.35

release/2.11.0.36

release/2.11.0.37

release/2.11.0.38

release/2.11.0.39

release/2.11.0.4

release/2.11.0.40

release/2.11.0.41

release/2.11.0.42

release/2.11.0.43

release/2.11.0.5

release/2.11.0.6

release/2.11.0.7

release/2.11.0.8

release/2.11.0.9