An unspecified Enghouse Interactive Professional Services "addon product" in Enghouse Interactive IVR Pro (VIP2000) 9.0.3 (rel903), when using OpenVZ and fallback customization, uses the same SSH private key across different customers' installations, which allows remote attackers to gain privileges by leveraging knowledge of this key.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2014-01-28T00:00:00
Updated: 2024-08-06T17:46:23.809Z
Reserved: 2013-11-20T00:00:00
Link: CVE-2013-6838
Vulnrichment
No data.
NVD
Status : Modified
Published: 2014-01-28T00:55:03.847
Modified: 2014-01-31T06:07:26.687
Link: CVE-2013-6838
Redhat
No data.