CVE-2024-52882

CVSS 3.1 Score 6.1 of 10 (medium)

Details

Published Feb 7, 2025

Updated: Feb 10, 2025

CWE ID 79

Summary

CVE-2024-52882 is a newly disclosed vulnerability affecting AudioCodes One Voice Operations Center (OVOC) versions prior to 8.4.582. The issue stems from a failure to adequately sanitize user input in the device's API. This flaw enables an attacker to inject malicious JavaScript code (XSS) and launch targeted attacks against administrator sessions. Successful exploitation could lead to unauthorized access, data theft, or system manipulation. Upgrading to OVOC version 8.4.582 or later is strongly recommended to mitigate this risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/0nYWLH
https://www.cve.org/CVERecord?id=CVE-2024-52882
https://nvd.nist.gov/vuln/detail/CVE-2024-52882

Back to Vulnerability Database

CVE-2024-52882

CVSS 3.1 Score 6.1 of 10 (medium)

Details

Summary

Advisories, Assessments, and Mitigations