Pexip security bulletins
The following security bulletins are published by Pexip for issues affecting Pexip Infinity and Infinity Connect.
Please contact your Pexip authorized support representative for more information about these issues. This list covers issues addressed in v26.0 and later. For issues addressed in v25.x or earlier, see our documentation for previous releases.
More information specific for each of the vulnerabilities can be found via the NIST National Vulnerability Database: http://nvd.nist.gov/.
Pexip Infinity
Each bulletin addresses a number of vulnerabilities in the operating system software used by Pexip Infinity. The bulletins include an assessment of the issues, the impact to the Pexip Infinity platform, and resolution details.
| Bulletin | Description | Risk | Updated | Impacted versions | Addressed in version |
|---|---|---|---|---|---|
| CVE-2022-29286 | Resource mismanagement in the registrar allows an unauthenticated remote attacker to cause the system to consume excess resources and eventually terminate, resulting in a denial of service. | High | April 2022 | 27.0, 27.1, 27.2, 27.3 | 28.0 |
| CVE-2022-27936 | Insufficient input validation in the H.323 protocol implementation allows an unauthenticated remote attacker to trigger a software abort resulting in a denial of service. | High | April 2022 | 1 - 27.3 | 28.0 |
| CVE-2022-25315 | In Expat (aka libexpat) before 2.4.5, there is an integer overflow in storeRawNames. | Critical | April 2022 | 1 - 27.3 | 28.0 |
| CVE-2022-25314 | In Expat (aka libexpat) before 2.4.5, there is an integer overflow in copyString. | High | April 2022 | 1 - 27.3 | 28.0 |
| CVE-2022-25236 | xmlparse.c in Expat (aka libexpat) before 2.4.5 allows attackers to insert namespace-separator characters into namespace URIs. | Critical | April 2022 | 1 - 27.3 | 28.0 |
| CVE-2022-25235 | xmltok_impl.c in Expat (aka libexpat) before 2.4.5 lacks certain validation of encoding, such as checks for whether a UTF-8 character is valid in a certain context. | Critical | April 2022 | 1 - 27.3 | 28.0 |
| CVE-2022-23990 | Expat (aka libexpat) before 2.4.4 has an integer overflow in the doProlog function. | Critical | April 2022 | 1 - 27.3 | 28.0 |
| CVE-2022-23852 | Expat (aka libexpat) before 2.4.4 has a signed integer overflow in XML_GetBuffer, for configurations with a nonzero XML_CONTEXT_BYTES. | Critical | April 2022 | 1 - 27.3 | 28.0 |
| CVE-2022-23308 | valid.c in libxml2 before 2.9.13 has a use-after-free of ID and IDREF attributes. | High | April 2022 | 1 - 27.3 | 28.0 |
| CVE-2022-22827 | storeAtts in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow. | High | April 2022 | 1 - 27.3 | 28.0 |
| CVE-2022-22826 | nextScaffoldPart in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow. | High | April 2022 | 1 - 27.3 | 28.0 |
| CVE-2022-22825 | lookup in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow. | High | April 2022 | 1 - 27.3 | 28.0 |
| CVE-2022-22824 | defineAttribute in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow. | Critical | April 2022 | 1 - 27.3 | 28.0 |
| CVE-2022-22823 | build_model in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow. | Critical | April 2022 | 1 - 27.3 | 28.0 |
| CVE-2022-22822 | addBinding in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow. | Critical | April 2022 | 1 - 27.3 | 28.0 |
| CVE-2022-0847 | A flaw was found in the way the "flags" member of the new pipe buffer structure was lacking proper initialization in copy_page_to_iter_pipe and push_pipe functions in the Linux kernel and could thus contain stale values. An unprivileged local user could use this flaw to write to pages in the page cache backed by read only files and as such escalate their privileges on the system. | High | April 2022 | 1 - 27.3 | 28.0 |
| CVE-2022-0492 | A vulnerability was found in the Linux kernel’s cgroup_release_agent_write in the kernel/cgroup/cgroup-v1.c function. This flaw, under certain circumstances, allows the use of the cgroups v1 release_agent feature to escalate privileges and bypass the namespace isolation unexpectedly. | High | April 2022 | 1 - 27.3 | 28.0 |
| CVE-2021-46143 | In doProlog in xmlparse.c in Expat (aka libexpat) before 2.4.3, an integer overflow exists for m_groupSize. | High | April 2022 | 1 - 27.3 | 28.0 |
| CVE-2021-45960 | In Expat (aka libexpat) before 2.4.3, a left shift by 29 (or more) places in the storeAtts function in xmlparse.c can lead to realloc misbehavior (e.g., allocating too few bytes, or only freeing memory). | High | April 2022 | 1 - 27.3 | 28.0 |
| CVE-2021-45485 | In the IPv6 implementation in the Linux kernel before 5.13.3, net/ipv6/output_core.c has an information leak because of certain use of a hash table which, although big, doesn't properly consider that IPv6-based attackers can typically choose among many IPv6 source addresses. | High | April 2022 | 1 - 27.3 | 28.0 |
| CVE-2021-22600 | A double free bug in packet_set_ring() in net/packet/af_packet.c can be exploited by a local user through crafted syscalls to escalate privileges or deny service. We recommend upgrading kernel past the effected versions or rebuilding past ec6af094ea28f0f2dda1a6a33b14cd57e36a9755 | High | April 2022 | 1 - 27.3 | 28.0 |
| CVE-2021-4154 | A use-after-free flaw was found in cgroup1_parse_param in kernel/cgroup/cgroup-v1.c in the Linux kernel's cgroup v1 parser. A local attacker with a user privilege could cause a privilege escalation by exploiting the fsconfig syscall parameter leading to a container breakout and a denial of service on the system. | High | April 2022 | 1 - 27.3 | 28.0 |
| CVE-2021-4083 | A read-after-free memory flaw was found in the Linux kernel's garbage collection for Unix domain socket file handlers in the way users call close() and fget() simultaneously and can potentially trigger a race condition. This flaw allows a local user to crash the system or escalate their privileges on the system. This flaw affects Linux kernel versions prior to 5.16-rc4. | High | April 2022 | 1 - 27.3 | 28.0 |
| CVE-2018-25032 | zlib before 1.2.12 allows memory corruption when deflating (i.e., when compressing) if the input has many distant matches. | High | April 2022 | 1 - 27.3 | 28.0 |
| Multiple | Resolved minor issues: CVE-2019-15165, CVE-2019-20807, CVE-2021-3770, CVE-2021-3778, CVE-2021-3796, CVE-2021-3997, CVE-2021-4001, CVE-2021-4203, CVE-2021-28965, CVE-2021-31799, CVE-2021-31810, CVE-2021-32066, CVE-2021-41817, CVE-2021-41819, CVE-2021-45402, CVE-2021-45486, CVE-2022-0286, CVE-2022-0617, CVE-2022-0644, CVE-2022-22816, CVE-2022-25313, CVE-2022-25636 | April 2022 | 28.0 | ||
| CVE-2022-27937 |
Insufficient input validation in the H.264 codec implementation allows an unauthenticated remote attacker to trigger excess resource consumption leading to a software abort and denial of service. |
High | March 2022 | 1.0 - 27.2 | 27.3 |
| CVE-2022-27935 | Insufficient input validation in the Epic Telehealth implementation allows an unauthenticated remote attacker to trigger a software abort leading to a denial of service. | High | March 2022 | 25.0 - 27.2 | 27.3 |
| CVE-2022-27934 |
Insufficient input validation in the Hypertext Transfer Protocol implementation allows an unauthenticated remote attacker to trigger a software abort leading to a denial of service. |
High | March 2022 | 25.0 - 27.2 | 27.3 |
| CVE-2022-27933 | Insufficient input validation in the One Touch Join service allows an unauthenticated remote attacker to trigger a software abort leading to a denial of service. In certain circumstances, the attacker is also able to enumerate OTJ endpoint usernames. | High | March 2022 | 24.0 - 27.2 | 27.3 |
| CVE-2022-27932 | Insufficient input validation in the One Touch Join service allows an unauthenticated remote attacker to trigger a software abort leading to a denial of service. | High | March 2022 | 24.0 - 27.2 | 27.3 |
| CVE-2022-27931 |
Insufficient input validation in the Session Initiation Protocol implementation allows an unauthenticated remote attacker to trigger a software abort leading to a denial of service. |
High | March 2022 | 24.0 - 27.2 | 27.3 |
| CVE-2022-27930 |
Insufficient input validation in the Single Sign On implementation allows an unauthenticated remote attacker to trigger a software abort leading to a denial of service. |
High | March 2022 | 27.0 - 27.2 | 27.3 |
| CVE-2022-27929 |
Insufficient input validation in the Hypertext Transfer Protocol implementation allows an unauthenticated remote attacker to trigger a software abort leading to a denial of service. |
High | March 2022 | 27.0 - 27.2 | 27.3 |
| CVE-2022-27928 | Insufficient input validation in the Session Initiation Protocol implementation allows an unauthenticated remote attacker to trigger a software abort leading to a denial of service. | High | March 2022 | 27.0 - 27.2 | 27.3 |
| CVE-2022-26657 | Insufficient input validation in the One Touch Join service allows an unauthenticated remote attacker to trigger a software abort leading to a denial of service. | High | March 2022 | 24.0 - 27.2 | 27.3 |
| CVE-2022-26656 |
Insufficient input validation in the One Touch Join service allows an unauthenticated remote attacker to trigger a software abort leading to a denial of service. In certain circumstances, the attacker is also able to enumerate OTJ endpoint usernames. |
High | March 2022 | 24.0 - 27.2 | 27.3 |
| CVE-2022-26655 | Missing logic in the Infinity Client API implementation allows an unauthenticated remote attacker to trigger a software abort leading to a denial of service. | High | March 2022 | 27.0 - 27.2 | 27.3 |
| CVE-2022-26654 |
Missing logic in the Hypertext Transfer Protocol implementation allows an unauthenticated remote attacker to trigger a software abort leading to a denial of service. |
High |
March 2022 | 24.0 - 27.2 | 27.3 |
| CVE-2022-22720 |
Apache HTTP Server 2.4.52 and earlier fails to close inbound connection when errors are encountered discarding the request body, exposing the server to HTTP Request Smuggling. |
Critical | March 2022 | 1 - 27.2 | 27.3 |
| CVE-2022-0778 | OpenSSL 1.0.2zc and earlier can be forced into an infinite loop by crafting a certificate containing invalid elliptic curve parameters, allowing an attacker to trigger a denial of service. | High | March 2022 | 1 - 27.2 | 27.3 |
| Multiple | Resolved minor issues: CVE-2022-22719, CVE-2022-22721, CVE-2022-23943 | March 2022 | 27.3 | ||
| CVE-2022-25357 | Insufficient authorization checks in the call join implementation under certain circumstances allows a window where an unauthenticated remote attacker could join a locked but not PIN-protected conference. | High | February 2022 | 27.0, 27.1 | 27.2 |
| CVE-2021-20322 | A weakness when handling ICMP errors in the Linux kernel could allow a remote attacker to defeat UDP source port randomization. | High | January 2022 | 1 - 26.2 | 27.0 |
| CVE-2021-33909 | The Linux kernel filesystem implementation contained a flaw which could allow an unprivileged local user to cause a denial of service or escalate privileges. | High | January 2022 | 13.0 - 26.2 | 27.0 |
| CVE-2021-41073 | The io_uring implementation in the Linux kernel contained a flaw which could allow an unprivileged local user to escalate privileges. | High | January 2022 | 26.x | 27.0 |
| CVE-2021-3712 | Parts of the OpenSSL toolkit assumed that ASN.1 string data was stored with a NUL terminator. An attacker able to cause an application to call a vulnerable function with non-terminated data could cause a denial of service, or possible information disclosure. | High | January 2022 | 1 - 26.2 | 27.0 |
| Multiple | Resolved minor issues: CVE-2020-21913, CVE-2020-26541, CVE-2021-0920, CVE-2021-0941, CVE-2021-20321, CVE-2021-22918, CVE-2021-25219, CVE-2021-28153, CVE-2021-33098, CVE-2021-33624, CVE-2021-33910, CVE-2021-34556, CVE-2021-35477, CVE-2021-3655, CVE-2021-3679, CVE-2021-37750, CVE-2021-38198, CVE-2021-38209, CVE-2021-39656, CVE-2021-39657, CVE-2021-4002 | January 2022 | 27.0 | ||
| CVE-2022-23228 | Insufficient input validation in the WebRTC implementation allows an unauthenticated remote attacker to cause excessive resource usage leading to a temporary loss of service. | High | January 2022 | 1 - 26.x | 27.0 |
| CVE-2021-42555 | Insufficient input validation in the in call setup implementation allows an unauthenticated remote attacker to cause a software abort leading to a temporary loss of service. | High | November 2021 | 25.0 - 26.1 | 26.2 |
| CVE-2021-41773 | A flaw was found in a change made to path normalization in Apache HTTP Server 2.4.49. An attacker could use a path traversal attack to map URLs to files outside the directories configured by Alias-like directives. If files outside of these directories are not protected by the usual default configuration "require all denied", these requests can succeed. If CGI scripts are also enabled for these aliased paths, this could allow for remote code execution. | Medium | November 2021 | 26.1 | 26.2 |
| CVE-2021-42013 | It was found that the fix for CVE-2021-41773 in Apache HTTP Server 2.4.50 was insufficient. An attacker could use a path traversal attack to map URLs to files outside the directories configured by Alias-like directives. If files outside of these directories are not protected by the usual default configuration "require all denied", these requests can succeed. If CGI scripts are also enabled for these aliased paths, this could allow for remote code execution. | Medium | November 2021 | 26.1 | 26.2 |
| CVE-2021-34798 | Malformed requests may cause the Apache web server to dereference a NULL pointer resulting in a denial of service. | High | September 2021 | 1 - 26.0 | 26.1 |
| CVE-2021-39275 | The ap_escape_quotes() function in the Apache httpd may write beyond the end of a buffer when given malicious input. | High | September 2021 | 1 - 26.0 | 26.1 |
| CVE-2021-40438 | A crafted HTTP request can cause the proxy module of Apache httpd to forward the request to an origin server chosen by the attacker. | Critical | September 2021 | 1 - 26.0 | 26.1 |
| CVE-2021-32545 | Incomplete input validation in the RTMP implementation allows an unauthenticated remote attacker to cause a denial of service. | High | July 2021 | 7 - 25.4 | 26.0 |
| CVE-2021-33498 | Incomplete input validation in the H.264 implementation allows an unauthenticated remote attacker to cause a denial of service. | High | July 2021 | 1 - 25.4 | 26.0 |
| CVE-2021-33499 | Incomplete input validation in the H.264 implementation allows an unauthenticated remote attacker to cause a denial of service. | High | July 2021 | 1 - 25.4 | 26.0 |
| CVE-2021-35969 | Insufficient input validation in the in call setup implementation allows an unauthenticated remote attacker to cause a software abort leading to a temporary loss of service. | High | July 2021 | 22.0 - 25.4 | 26.0 |
| Multiple | Resolved minor issues: CVE-2018-1311, CVE-2018-12929, CVE-2018-12930, CVE-2018-12931, CVE-2019-12881, CVE-2019-16089, CVE-2019-17567, CVE-2019-19070, CVE-2019-19083, CVE-2019-19318, CVE-2019-19378, CVE-2019-20367, CVE-2019-20446, CVE-2019-20908, CVE-2020-0444, CVE-2020-0465, CVE-2020-0466, CVE-2020-0543, CVE-2020-8169, CVE-2020-8177, CVE-2020-8231, CVE-2020-8284, CVE-2020-8285, CVE-2020-8286, CVE-2020-8625, CVE-2020-10135, CVE-2020-11725, CVE-2020-12363, CVE-2020-12364, CVE-2020-13938, CVE-2020-13950, CVE-2020-14372, CVE-2020-15780, CVE-2020-16120, CVE-2020-24977, CVE-2020-25632, CVE-2020-25639, CVE-2020-25647, CVE-2020-25670, CVE-2020-25671, CVE-2020-25672, CVE-2020-25673, CVE-2020-26116, CVE-2020-26262, CVE-2020-27066, CVE-2020-27068, CVE-2020-27170, CVE-2020-27171, CVE-2020-27350, CVE-2020-27749, CVE-2020-27779, CVE-2020-27783, CVE-2020-27786, CVE-2020-27815, CVE-2020-27820, CVE-2020-27825, CVE-2020-27830, CVE-2020-27835, CVE-2020-28374, CVE-2020-28493, CVE-2020-28588, CVE-2020-28941, CVE-2020-29374, CVE-2020-29534, CVE-2020-29568, CVE-2020-29569, CVE-2020-29660, CVE-2020-29661, CVE-2020-35452, CVE-2020-35492, CVE-2020-35499, CVE-2020-35508, CVE-2020-35519, CVE-2020-36158, CVE-2020-36221, CVE-2020-36222, CVE-2020-36223, CVE-2020-36224, CVE-2020-36225, CVE-2020-36226, CVE-2020-36227, CVE-2020-36228, CVE-2020-36229, CVE-2020-36230, CVE-2020-36310, CVE-2020-36311, CVE-2020-36312, CVE-2020-36313, CVE-2020-36322, CVE-2020-36385, CVE-2021-0342, CVE-2021-0512, CVE-2021-0605, CVE-2021-3177, CVE-2021-3178, CVE-2021-3347, CVE-2021-3348, CVE-2021-3411, CVE-2021-3428, CVE-2021-3444, CVE-2021-3483, CVE-2021-3489, CVE-2021-3490, CVE-2021-3491, CVE-2021-3501, CVE-2021-3506, CVE-2021-3516, CVE-2021-3517, CVE-2021-3518, CVE-2021-3520, CVE-2021-3537, CVE-2021-3541, CVE-2021-20177, CVE-2021-20194, CVE-2021-20225, CVE-2021-20226, CVE-2021-20233, CVE-2021-20239, CVE-2021-20261, CVE-2021-20265, CVE-2021-20268, CVE-2021-20292, CVE-2021-22876, CVE-2021-22890, CVE-2021-23133, CVE-2021-23134, CVE-2021-23839, CVE-2021-23840, CVE-2021-23841, CVE-2021-25214, CVE-2021-25215, CVE-2021-25216, CVE-2021-25217, CVE-2021-26690, CVE-2021-26691, CVE-2021-26930, CVE-2021-26931, CVE-2021-26932, CVE-2021-27212, CVE-2021-27218, CVE-2021-27219, CVE-2021-27363, CVE-2021-27364, CVE-2021-27365, CVE-2021-28038, CVE-2021-28039, CVE-2021-28041, CVE-2021-28153, CVE-2021-28375, CVE-2021-28660, CVE-2021-28688, CVE-2021-28950, CVE-2021-28951, CVE-2021-28952, CVE-2021-28957, CVE-2021-28964, CVE-2021-28971, CVE-2021-29154, CVE-2021-29155, CVE-2021-29265, CVE-2021-29266, CVE-2021-29646, CVE-2021-29647, CVE-2021-29649, CVE-2021-29650, CVE-2021-29657, CVE-2021-30002, CVE-2021-30178, CVE-2021-30641, CVE-2021-31440, CVE-2021-31535, CVE-2021-31618, CVE-2021-31829, CVE-2021-31870, CVE-2021-31871, CVE-2021-31872, CVE-2021-31873, CVE-2021-31916, CVE-2021-33033, CVE-2021-33200, CVE-2021-33560 | July 2021 | 26.0 |
CVE-2022-29286: Resource mismanagement in the registrar allows an unauthenticated remote attacker to cause the system to consume excess resources and eventually terminate, resulting in a denial of service
Impact to Pexip Infinity: High
Affected versions of Pexip Infinity: 27.0, 27.1, 27.2, 27.3
CVSS 3.1 base score: 8.6 (AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H)
Mitigation: Where possible, disable the registrar ().
Resolution: Upgrade to Pexip Infinity 28
CVE-2022-27936: Insufficient input validation in the H.323 protocol implementation allows an unauthenticated remote attacker to trigger a software abort resulting in a denial of service
Impact to Pexip Infinity: High
Affected versions of Pexip Infinity: All before 28
CVSS 3.1 base score: 7.5 (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
Mitigation: Where possible, disable the H.323 protocol implementation ().
Resolution: Upgrade to Pexip Infinity 28
CVE-2022-25315: In Expat (aka libexpat) before 2.4.5, there is an integer overflow in storeRawNames
Impact to Pexip Infinity: Critical
Affected versions of Pexip Infinity: All before 28
CVSS 3.1 base score: 9.8 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
Mitigation: None
Resolution: Upgrade to Pexip Infinity 28
CVE-2022-25314: In Expat (aka libexpat) before 2.4.5, there is an integer overflow in copyString
Impact to Pexip Infinity: High
Affected versions of Pexip Infinity: All before 28
CVSS 3.1 base score: 7.5 (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
Mitigation: None
Resolution: Upgrade to Pexip Infinity 28
CVE-2022-25236: xmlparse.c in Expat (aka libexpat) before 2.4.5 allows attackers to insert namespace-separator characters into namespace URIs
Impact to Pexip Infinity: Critical
Affected versions of Pexip Infinity: All before 28
CVSS 3.1 base score: 9.8 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
Mitigation: None
Resolution: Upgrade to Pexip Infinity 28
CVE-2022-25235: xmltok_impl.c in Expat (aka libexpat) before 2.4.5 lacks certain validation of encoding, such as checks for whether a UTF-8 character is valid in a certain context
Impact to Pexip Infinity: Critical
Affected versions of Pexip Infinity: All before 28
CVSS 3.1 base score: 9.8 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
Mitigation: None
Resolution: Upgrade to Pexip Infinity 28
CVE-2022-23990: Expat (aka libexpat) before 2.4.4 has an integer overflow in the doProlog function
Impact to Pexip Infinity: Critical
Affected versions of Pexip Infinity: All before 28
CVSS 3.1 base score: 9.8 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
Mitigation: None
Resolution: Upgrade to Pexip Infinity 28
CVE-2022-23852: Expat (aka libexpat) before 2.4.4 has a signed integer overflow in XML_GetBuffer, for configurations with a nonzero XML_CONTEXT_BYTES
Impact to Pexip Infinity: Critical
Affected versions of Pexip Infinity: All before 28
CVSS 3.1 base score: 9.8 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
Mitigation: None
Resolution: Upgrade to Pexip Infinity 28
CVE-2022-23308: valid.c in libxml2 before 2.9.13 has a use-after-free of ID and IDREF attributes
Impact to Pexip Infinity: High
Affected versions of Pexip Infinity: All before 28
CVSS 3.1 base score: 7.5 (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
Mitigation: None
Resolution: Upgrade to Pexip Infinity 28
CVE-2022-22827: storeAtts in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow
Impact to Pexip Infinity: High
Affected versions of Pexip Infinity: All before 28
CVSS 3.1 base score: 8.8 (AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H)
Mitigation: None
Resolution: Upgrade to Pexip Infinity 28
CVE-2022-22826: nextScaffoldPart in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow
Impact to Pexip Infinity: High
Affected versions of Pexip Infinity: All before 28
CVSS 3.1 base score: 8.8 (AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H)
Mitigation: None
Resolution: Upgrade to Pexip Infinity 28
CVE-2022-22825: lookup in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow
Impact to Pexip Infinity: High
Affected versions of Pexip Infinity: All before 28
CVSS 3.1 base score: 8.8 (AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H)
Mitigation: None
Resolution: Upgrade to Pexip Infinity 28
CVE-2022-22824: defineAttribute in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow
Impact to Pexip Infinity: Critical
Affected versions of Pexip Infinity: All before 28
CVSS 3.1 base score: 9.8 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
Mitigation: None
Resolution: Upgrade to Pexip Infinity 28
CVE-2022-22823: build_model in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow
Impact to Pexip Infinity: Critical
Affected versions of Pexip Infinity: All before 28
CVSS 3.1 base score: 9.8 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
Mitigation: None
Resolution: Upgrade to Pexip Infinity 28
CVE-2022-22822: addBinding in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow
Impact to Pexip Infinity: Critical
Affected versions of Pexip Infinity: All before 28
CVSS 3.1 base score: 9.8 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
Mitigation: None
Resolution: Upgrade to Pexip Infinity 28
CVE-2022-0847: A flaw was found in the way the "flags" member of the new pipe buffer structure was lacking proper initialization in copy_page_to_iter_pipe and push_pipe functions in the Linux kernel and could thus contain stale values. An unprivileged local user could use this flaw to write to pages in the page cache backed by read only files and as such escalate their privileges on the system
Impact to Pexip Infinity: High
Affected versions of Pexip Infinity: All before 28
CVSS 3.1 base score: 7.8 (AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)
Mitigation: Exploitation requires an attacker to be able to run arbitrary code on the system by either achieving remote code execution via some other vulnerability or having administrative access to the operating system.
Resolution: Upgrade to Pexip Infinity 28
CVE-2022-0492: A vulnerability was found in the Linux kernel’s cgroup_release_agent_write in the kernel/cgroup/cgroup-v1.c function. This flaw, under certain circumstances, allows the use of the cgroups v1 release_agent feature to escalate privileges and bypass the namespace isolation unexpectedly
Impact to Pexip Infinity: High
Affected versions of Pexip Infinity: All before 28
CVSS 3.1 base score: 7.8 (AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)
Mitigation: Exploitation requires an attacker to be able to run arbitrary code on the system by either achieving remote code execution via some other vulnerability or having administrative access to the operating system.
Resolution: Upgrade to Pexip Infinity 28
CVE-2021-46143: In doProlog in xmlparse.c in Expat (aka libexpat) before 2.4.3, an integer overflow exists for m_groupSize
Impact to Pexip Infinity: High
Affected versions of Pexip Infinity: All before 28
CVSS 3.1 base score: 7.8 (AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H)
Mitigation: None
Resolution: Upgrade to Pexip Infinity 28
CVE-2021-45960: In Expat (aka libexpat) before 2.4.3, a left shift by 29 (or more) places in the storeAtts function in xmlparse.c can lead to realloc misbehavior (e.g., allocating too few bytes, or only freeing memory).
Impact to Pexip Infinity: High
Affected versions of Pexip Infinity: All before 28
CVSS 3.1 base score: 8.8 (AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)
Mitigation: None
Resolution: Upgrade to Pexip Infinity 28
CVE-2021-45485: In the IPv6 implementation in the Linux kernel before 5.13.3, net/ipv6/output_core.c has an information leak because of certain use of a hash table which, although big, doesn't properly consider that IPv6-based attackers can typically choose among many IPv6 source addresses
Impact to Pexip Infinity: High
Affected versions of Pexip Infinity: All before 28
CVSS 3.1 base score: 7.5 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N)
Mitigation: None
Resolution: Upgrade to Pexip Infinity 28
CVE-2021-22600: A double free bug in packet_set_ring() in net/packet/af_packet.c can be exploited by a local user through crafted syscalls to escalate privileges or deny service. We recommend upgrading kernel past the effected versions or rebuilding past ec6af094ea28f0f2dda1a6a33b14cd57e36a9755
Impact to Pexip Infinity: High
Affected versions of Pexip Infinity: All before 28
CVSS 3.1 base score: 7.8 (AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)
Mitigation: Exploitation requires an attacker to be able to run arbitrary code on the system by either achieving remote code execution via some other vulnerability or having administrative access to the operating system.
Resolution: Upgrade to Pexip Infinity 28
CVE-2021-4154: A use-after-free flaw was found in cgroup1_parse_param in kernel/cgroup/cgroup-v1.c in the Linux kernel's cgroup v1 parser. A local attacker with a user privilege could cause a privilege escalation by exploiting the fsconfig syscall parameter leading to a container breakout and a denial of service on the system
Impact to Pexip Infinity: High
Affected versions of Pexip Infinity: All before 28
CVSS 3.1 base score: 8.8 (AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H)
Mitigation: Exploitation requires an attacker to be able to run arbitrary code on the system by either achieving remote code execution via some other vulnerability or having administrative access to the operating system.
Resolution: Upgrade to Pexip Infinity 28
CVE-2021-4083: A read-after-free memory flaw was found in the Linux kernel's garbage collection for Unix domain socket file handlers in the way users call close() and fget() simultaneously and can potentially trigger a race condition. This flaw allows a local user to crash the system or escalate their privileges on the system. This flaw affects Linux kernel versions prior to 5.16-rc4
Impact to Pexip Infinity: High
Affected versions of Pexip Infinity: All before 28
CVSS 3.1 base score: 7.0 (AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H)
Mitigation: Exploitation requires an attacker to be able to run arbitrary code on the system by either achieving remote code execution via some other vulnerability or having administrative access to the operating system.
Resolution: Upgrade to Pexip Infinity 28
CVE-2018-25032: zlib before 1.2.12 allows memory corruption when deflating (i.e., when compressing) if the input has many distant matches
Impact to Pexip Infinity: High
Affected versions of Pexip Infinity: All before 28
CVSS 3.1 base score: 7.5 (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
Mitigation: None
Resolution: Upgrade to Pexip Infinity 28
CVE-2022-27937: Insufficient input validation in the H.264 codec implementation allows an unauthenticated remote attacker to trigger excess resource consumption leading to a software abort and denial of service
Impact to Pexip Infinity: High
Affected versions of Pexip Infinity: All before 27.3
CVSS 3.1 base score: 8.6 (AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H)
Mitigation: Where practical, disable all H.264 codec variants in the section of .
Resolution: Upgrade to Pexip Infinity 27.3
CVE-2022-27935: Insufficient input validation in the Epic Telehealth implementation allows an unauthenticated remote attacker to trigger a software abort leading to a denial of service
Impact to Pexip Infinity: High
Affected versions of Pexip Infinity: 25-27.2
CVSS 3.1 base score: 7.5 (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
Mitigation: None
Resolution: Upgrade to Pexip Infinity 27.3
CVE-2022-27934: Insufficient input validation in the Hypertext Transfer Protocol implementation allows an unauthenticated remote attacker to trigger a software abort leading to a denial of service
Impact to Pexip Infinity: High
Affected versions of Pexip Infinity: 25-27.2
CVSS 3.1 base score: 7.5 (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
Mitigation: None
Resolution: Upgrade to Pexip Infinity 27.3
CVE-2022-27933: Insufficient input validation in the One Touch Join service allows an unauthenticated remote attacker to trigger a software abort leading to a denial of service. In certain circumstances, the attacker is also able to enumerate OTJ endpoint usernames
Impact to Pexip Infinity: High
Affected versions of Pexip Infinity: 24-27.2
CVSS 3.1 base score: 8.2 (AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H)
Mitigation: This vulnerability requires the configuration of a "Poly OTD" OTJ Endpoint, an associated OTJ Endpoint Group, the assignment of the OTJ Endpoint Group to a System Location, and associated OTJ Profile. The attacker needs to be able to submit requests to a Conferencing Node in the relevant System Location. Ensure that System Locations associated with OTJ Profiles containing Poly Endpoints are restricted to trusted network segments only.
Resolution: Upgrade to Pexip Infinity 27.3
CVE-2022-27932: Insufficient input validation in the One Touch Join service allows an unauthenticated remote attacker to trigger a software abort leading to a denial of service
Impact to Pexip Infinity: High
Affected versions of Pexip Infinity: 24-27.2
CVSS 3.1 base score: 7.5 (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
Mitigation: This vulnerability requires the configuration of a "Poly OTD" OTJ Endpoint, an associated OTJ Endpoint Group, the assignment of the OTJ Endpoint Group to a System Location, and associated OTJ Profile. The attacker needs to be able to submit requests to a Conferencing Node in the relevant System Location. Ensure that System Locations associated with OTJ Profiles containing Poly Endpoints are restricted to trusted network segments only.
Resolution: Upgrade to Pexip Infinity 27.3
CVE-2022-27931: Insufficient input validation in the Session Initiation Protocol implementation allows an unauthenticated remote attacker to trigger a software abort leading to a denial of service
Impact to Pexip Infinity: High
Affected versions of Pexip Infinity: 24-27.2
CVSS 3.1 base score: 7.5 (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
Mitigation: Where practical, disable the SIP implementation in the section of .
Resolution: Upgrade to Pexip Infinity 27.3
CVE-2022-27930: Insufficient input validation in the single-sign-on implementation allows an unauthenticated remote attacker to trigger a software abort leading to a denial of service
Impact to Pexip Infinity: High
Affected versions of Pexip Infinity: 27-27.2
CVSS 3.1 base score: 7.5 (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
Mitigation: The unique identifier for an Identity Provider is required to be able to exploit this vulnerability. Identifiers are a randomly generated Universally Unique Identifier and thus unlikely to be guessed correctly.
Resolution: Upgrade to Pexip Infinity 27.3
CVE-2022-27929: Insufficient input validation in the Hypertext Transfer Protocol implementation allows an unauthenticated remote attacker to trigger a software abort leading to a denial of service
Impact to Pexip Infinity: High
Affected versions of Pexip Infinity: 27-27.2
CVSS 3.1 base score: 7.5 (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
Mitigation: None
Resolution: Upgrade to Pexip Infinity 27.3
CVE-2022-27928: Insufficient input validation in the Session Initiation Protocol implementation allows an unauthenticated remote attacker to trigger a software abort leading to a denial of service
Impact to Pexip Infinity: High
Affected versions of Pexip Infinity: 27-27.2
CVSS 3.1 base score: 7.5 (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
Mitigation: Where practical, disable the SIP implementation in the section of .
Resolution: Upgrade to Pexip Infinity 27.3
CVE-2022-26657: Insufficient input validation in the One Touch Join service allows an unauthenticated remote attacker to trigger a software abort leading to a denial of service
Impact to Pexip Infinity: High
Affected versions of Pexip Infinity: 24-27.2
CVSS 3.1 base score: 7.5 (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
Mitigation: This vulnerability requires the configuration of a "Poly OTD" OTJ Endpoint, an associated OTJ Endpoint Group, the assignment of the OTJ Endpoint Group to a System Location, and associated OTJ Profile. The attacker needs to be able to submit requests to a Conferencing Node in the relevant System Location. Ensure that System Locations associated with OTJ Profiles containing Poly Endpoints are restricted to trusted network segments only.
Resolution: Upgrade to Pexip Infinity 27.3
CVE-2022-26656: Insufficient input validation in the One Touch Join service allows an unauthenticated remote attacker to trigger a software abort leading to a denial of service. In certain circumstances, the attacker is also able to enumerate OTJ endpoint usernames
Impact to Pexip Infinity: High
Affected versions of Pexip Infinity: 24-27.2
CVSS 3.1 base score: 8.2 (AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H)
Mitigation: This vulnerability requires the configuration of a "Poly OTD" OTJ Endpoint, an associated OTJ Endpoint Group, the assignment of the OTJ Endpoint Group to a System Location, and associated OTJ Profile. The attacker needs to be able to submit requests to a Conferencing Node in the relevant System Location. Ensure that System Locations associated with OTJ Profiles containing Poly Endpoints are restricted to trusted network segments only.
Resolution: Upgrade to Pexip Infinity 27.3
CVE-2022-26655: Missing logic in the Infinity Client API implementation allows an unauthenticated remote attacker to trigger a software abort leading to a denial of service
Impact to Pexip Infinity: High
Affected versions of Pexip Infinity: 27-27.2
CVSS 3.1 base score: 7.5 (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
Mitigation: This vulnerability only affects gateway calls from API clients (e.g. WebRTC) into Microsoft Teams. Disabling the Client API in the section of is one way to mitigate this issue. Alternatively, ensure access to call routing rules targetting Microsoft Teams are restricted to trusted devices or locations.
Resolution: Upgrade to Pexip Infinity 27.3
CVE-2022-26654: Missing logic in the Hypertext Transfer Protocol implementation allows an unauthenticated remote attacker to trigger a software abort leading to a denial of service
Impact to Pexip Infinity: High
Affected versions of Pexip Infinity: 24-27.2
CVSS 3.1 base score: 7.5 (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
Mitigation: None
Resolution: Upgrade to Pexip Infinity 27.3
CVE-2022-22720: Apache HTTP Server 2.4.52 and earlier fails to close inbound connection when errors are encountered discarding the request body, exposing the server to HTTP Request Smuggling
Impact to Pexip Infinity: Critical
Affected versions of Pexip Infinity: All before 27.3
CVSS 3.1 base score: 9.8 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
Mitigation: None
Resolution: Upgrade to Pexip Infinity 27.3
CVE-2022-0778: OpenSSL 1.0.2zc and earlier can be forced into an infinite loop by crafting a certificate containing invalid elliptic curve parameters, allowing an attacker to trigger a denial of service
Impact to Pexip Infinity: High
Affected versions of Pexip Infinity: All before 27.3
CVSS 3.1 base score: 7.5 (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
Mitigation: None
Resolution: Upgrade to Pexip Infinity 27.3
CVE-2022-25357: Insufficient authorization checks in the call join implementation under certain circumstances allows a window where an unauthenticated remote attacker could join a locked but not PIN-protected conference
Impact to Pexip Infinity: High
Affected versions of Pexip Infinity: 27.0, 27.1
CVSS3.1 base score: 7.5 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N)
Mitigation: Ensure all conferences are PIN protected.
Resolution: Upgrade to Pexip Infinity 27.2
CVE-2021-20322: A weakness when handling ICMP errors in the Linux kernel could allow a remote attacker to defeat UDP source port randomization
Impact to Pexip Infinity: High
Affected versions of Pexip Infinity: All before 27
CVSS 3.1 base score: 7.4 (AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N)
Mitigation: None
Resolution: Upgrade to Pexip Infinity 27.0
CVE-2021-33909: The Linux kernel filesystem implementation contained a flaw which could allow an unprivileged local user to cause a denial of service or escalate privileges
Impact to Pexip Infinity: High
Affected versions of Pexip Infinity: 13 - 26.2
CVSS 3.1 base score: 7.8 (AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)
Mitigation: Exploitation of this vulnerability requires an unprivileged attacker to be able to run arbitrary code on the system, which is not the case in normal operation.
Resolution: Upgrade to Pexip Infinity 27.0
CVE-2021-41073: The io_uring implementation in the Linux kernel contained a flaw which could allow an unprivileged local user to escalate privileges
Impact to Pexip Infinity: High
Affected versions of Pexip Infinity: 26.x
CVSS 3.1 base score: 7.8 (AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)
Mitigation: Exploitation of this vulnerability requires an unprivileged attacker to be able to run arbitrary code on the system, which is not the case in normal operation.
Resolution: Upgrade to Pexip Infinity 27.0
CVE-2021-3712: Parts of the OpenSSL toolkit assumed that ASN.1 string data was stored with a NUL terminator. An attacker able to cause an application to call a vulnerable function with non-terminated data could cause a denial of service, or possible information disclosure
Impact to Pexip Infinity: High
Affected versions of Pexip Infinity: All before 27
CVSS 3.1 base score: 7.4 (AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H)
Mitigation: None
Resolution: Upgrade to Pexip Infinity 27.0
CVE-2022-23228: Insufficient input validation in the WebRTC implementation allows an unauthenticated remote attacker to cause excessive resource usage leading to a temporary loss of service
Impact to Pexip Infinity: High
Affected versions of Pexip Infinity: 1.0 to 26.2
CVSS3.1 base score: 7.5 (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
Mitigation: Disable WebRTC via .
Resolution: Upgrade to Pexip Infinity 27.0
CVE-2021-42555: Insufficient input validation in the in call setup implementation allows an unauthenticated remote attacker to cause a software abort leading to a temporary loss of service
Impact to Pexip Infinity: High
Affected versions of Pexip Infinity: 25.0 to 26.1
CVSS3.1 base score: 7.5 (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
Mitigation: Disable gateway rules that allow untrusted devices to place outbound calls to Skype for Business.
Resolution: Upgrade to Pexip Infinity 26.2
CVE-2021-41773: A flaw was found in a change made to path normalization in Apache HTTP Server 2.4.49. An attacker could use a path traversal attack to map URLs to files outside the directories configured by Alias-like directives. If files outside of these directories are not protected by the usual default configuration "require all denied", these requests can succeed. If CGI scripts are also enabled for these aliased paths, this could allow for remote code execution
Impact to Pexip Infinity: Medium
Affected versions of Pexip Infinity: 26.1
CVSS3.1 base score: 5.3 (AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)
Mitigation: Pexip Infinity configures the Apache HTTP server with a strict ACL which denies access unless explicitly granted. Support for CGI scripts is not enabled. The scope of this vulnerability is limited to the disclosure, on the Pexip Infinity Management Node, of the contents of the administrative web interface bootstrap script. This script contains no credentials or other sensitive information. Pexip Infinity Conferencing Nodes will not expose any information as a result of this vulnerability.
As general good practice, ensure that access to the Pexip Infinity Management Node is restricted to trusted networks using appropriate firewalls.
Resolution: Upgrade to Pexip Infinity 26.2
CVE-2021-42013: It was found that the fix for CVE-2021-41773 in Apache HTTP Server 2.4.50 was insufficient. An attacker could use a path traversal attack to map URLs to files outside the directories configured by Alias-like directives. If files outside of these directories are not protected by the usual default configuration "require all denied", these requests can succeed. If CGI scripts are also enabled for these aliased paths, this could allow for remote code execution
Impact to Pexip Infinity: Medium
Affected versions of Pexip Infinity: 26.1
CVSS3.1 base score: 5.3 (AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)
Mitigation: Pexip Infinity configures the Apache HTTP server with a strict ACL which denies access unless explicitly granted. Support for CGI scripts is not enabled. The scope of this vulnerability is limited to the disclosure, on the Pexip Infinity Management Node, of the contents of the administrative web interface bootstrap script. This script contains no credentials or other sensitive information. Pexip Infinity Conferencing Nodes will not expose any information as a result of this vulnerability.
As general good practice, ensure that access to the Pexip Infinity Management Node is restricted to trusted networks using appropriate firewalls.
Resolution: Upgrade to Pexip Infinity 26.2
CVE-2021-34798: Malformed requests may cause the Apache web server to dereference a NULL pointer resulting in a denial of service
Impact to Pexip Infinity: High
Affected versions of Pexip Infinity: All before 26.1
CVSS3.1 base score: 7.5 (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
Mitigation: None.
Resolution: Upgrade to Pexip Infinity 26.1
CVE-2021-39275: The ap_escape_quotes() function in the Apache httpd may write beyond the end of a buffer when given malicious input
Impact to Pexip Infinity: High
Affected versions of Pexip Infinity: All before 26.1
CVSS3.1 base score: 8.1 (AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H)
Mitigation: None.
Resolution: Upgrade to Pexip Infinity 26.1
CVE-2021-40438: A crafted HTTP request can cause the proxy module of Apache httpd to forward the request to an origin server chosen by the attacker
Impact to Pexip Infinity: Critical
Affected versions of Pexip Infinity: All before 26.1
CVSS3.1 base score: 9.0 (AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H)
Mitigation: None.
Resolution: Upgrade to Pexip Infinity 26.1
CVE-2021-32545: Incomplete input validation in the RTMP implementation allows an unauthenticated remote attacker to cause a denial of service
Impact to Pexip Infinity: High
Affected versions of Pexip Infinity: 7-25.4
CVSS3.1 base score: 7.5 (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
Mitigation: This issue may be mitigated by disabling support for RTMP via . However, RTMP is required for streaming conferences to external recording implementations. If this functionality is required, ensure that call routing rules are configured to allow RTMP connections to trusted destinations only.
Resolution: Upgrade to Pexip Infinity 26.0
CVE-2021-33498: Incomplete input validation in the H.264 implementation allows an unauthenticated remote attacker to cause a denial of service
Impact to Pexip Infinity: High
Affected versions of Pexip Infinity: 1-25.4
CVSS3.1 base score: 7.5 (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
Mitigation: None.
Resolution: Upgrade to Pexip Infinity 26.0
CVE-2021-33499: Incomplete input validation in the H.264 implementation allows an unauthenticated remote attacker to cause a denial of service
Impact to Pexip Infinity: High
Affected versions of Pexip Infinity: 1-25.4
CVSS3.1 base score: 7.5 (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
Mitigation: None.
Resolution: Upgrade to Pexip Infinity 26.0
CVE-2021-35969: Insufficient input validation in the in call setup implementation allows an unauthenticated remote attacker to cause a software abort leading to a temporary loss of service
Impact to Pexip Infinity: High
Affected versions of Pexip Infinity: 22.0 to 25.4
CVSS3.1 base score: 7.5 (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
Mitigation: This issue may be mitigated by disabling the Opus codec via . To disable the codec, remove Opus from the chosen codecs list.
Resolution: Upgrade to Pexip Infinity 26.0
Infinity Connect
Each bulletin addresses a number of vulnerabilities in the software used by Infinity Connect. The bulletins include an assessment of the issues, the impact to Infinity Connect, and resolution details.
| Bulletin | Description | Risk | Updated | Addressed in version |
|---|---|---|---|---|
| CVE-2021-29655 | Missing authenticity checks in application provisioning allow an attacker to cause the application to run untrusted code. | High | June 2021 | 1.8.0 |
| CVE-2021-29656 | Missing checks in certificate allow list matching allow a remote attacker to compromise a TLS connection, extracting data and potentially causing remote code execution. | High | June 2021 | 1.8.0 |
CVE-2021-29655: Missing authenticity checks in application provisioning allow an attacker to cause the application to run untrusted code.
Impact to Infinity Connect: High
Affected versions of Infinity Connect: All before 1.8.0
CVSS3.1 base score: 8.8 (AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H)
Mitigation: None
Resolution: Upgrade to Infinity Connect 1.8.0
Credit: This issue was responsibly disclosed by The UK's National Cyber Security Centre (NCSC)
CVE-2021-29656: Missing checks in certificate allow list matching allow a remote attacker to compromise a TLS connection, extracting data and potentially causing remote code execution.
Impact to Infinity Connect: High
Affected versions of Infinity Connect: All before 1.8.0
CVSS3.1 base score: 8.8 (AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H)
Mitigation: None
Resolution: Upgrade to Pexip Infinity Connect 1.8.0
Credit: This issue was responsibly disclosed by The UK's National Cyber Security Centre (NCSC)