We have fixed a remote code execution vulnerability (CVE-2024-0986), which can only be exploited by users with administrative privileges.
You can review the details of the vulnerability at this link: https://nvd.nist.gov/vuln/detail/CVE-2024-0986. It is currently under review and is not considered critical.
The fix is available in the Issabel repository. To apply it, you need to run:
yum update issabel-system issabel-pbx
The correction applies to Issabel 4 and Issabel 5.
The Issabel Team
“I am honored to recognize Issabel, LLC with a 2023 Product of the Year Award for its commitment to excellence and innovation,” said Rich Tehrani, CEO, TMC.
Issabel® is developed and managed by Issabel® LLC. company formed by a group of professionals from different countries.
Our team is a leader in open source innovation with implementations and success stories in different continents. Our experience in developing these technologies has allowed us to develop, maintain and improve unified communications platforms.