本ページは splicecom maximiser_soft_pbx に影響する公開済み CVE(NVD の CPE 経由で関連付け)を列挙します。各行に深刻度指標・概要・公開日が含まれます。
| CVE | 概要 | ソース | CVSS 最大値 | EPSS(%) | 公開 | 更新 |
|---|---|---|---|---|---|---|
| CVE-2023-33760 | SpliceCom Maximiser Soft PBX v1.5 and before was discovered to utilize a default SSL certificate. This issue can allow attackers to eavesdrop on communications via a man-in-the-middle attack. | [email protected] | 5.3 | 0.28% | 2024-01-25 | 2026-06-17 |
| CVE-2023-33759 | SpliceCom Maximiser Soft PBX v1.5 and before does not restrict excessive authentication attempts, allowing attackers to bypass authentication via a brute force attack. | [email protected] | 9.8 | 0.80% | 2024-01-25 | 2026-06-17 |
| CVE-2023-33758 | Splicecom Maximiser Soft PBX v1.5 and before was discovered to contain a cross-site scripting (XSS) vulnerability via the CLIENT_NAME and DEVICE_GUID fields in the login component. | [email protected] | 6.1 | 0.37% | 2024-01-25 | 2026-06-17 |