5.9
CVE-2025-49088
- EPSS 0.27%
- Veröffentlicht 25.12.2025 00:00:00
- Zuletzt bearbeitet 05.01.2026 19:31:32
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
Pexip Infinity 32.0 through 37.1 before 37.2, in certain configurations of OTJ (One Touch Join) for Teams SIP Guest Join, has Improper Input Validation in the OTJ service, allowing a remote attacker to trigger a software abort via a crafted calendar invite, leading to a denial of service.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Pexip ≫ Pexip Infinity Version >= 32.0 < 37.2
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. 
Login
Login| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.27% | 0.184 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| cve@mitre.org | 5.9 | 2.2 | 3.6 |
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
|
CWE-617 Reachable Assertion
The product contains an assert() or similar statement that can be triggered by an attacker, which leads to an application exit or other behavior that is more severe than necessary.
https://docs.pexip.com/admin/security_bulletins.htm