all InfoSec news
VoIP powerhouse 3CX urges deactivation of SQL database integrations
SC Magazine feed for Strategy www.scmagazine.com
Major voice-over IP software provider 3CX has issued a security advisory urging the immediate deactivation of SQL database integrations through PostgreSQL, MySQL, MsSQL, and MongoDB due to security risks stemming from a vulnerability, which was later confirmed to be an SQL injection flaw within the software's CRM integration with SQL databases, BleepingComputer reports.
3cx advisory crm database databases deactivation flaw injection injection flaw integration integrations major mongodb mssql mysql postgresql risks security security advisory security risks software sql sql database sql injection voice voip vulnerability