Call interception
Description
It is possible to intercept calls made using the VoIP platform because the communication is not encrypted.
Impact
Get call information.
Recommendation
Configure the channel with TLS or SRTP and TLS, or configure a firewall to cipher calls.
Threat
Attacker authenticated from the Internet.
Expected Remediation Time
⏱️ 60 minutes.
Requirements
181 - Transmit data using secure protocolsFixes
Score
Default score using CVSS 4.0. It may change depending on the context of the src.
Base 4.0
Attack vector
N
Attack complexity
L
Attack requirements
N
Privileges required
L
User interaction
N
Confidentiality (VC)
L
Integrity (VI)
N
Availability (VA)
N
Confidentiality (SC)
N
Integrity (SI)
N
Availability (SA)
N
Threat 4.0
Exploit maturity
X
Vector string
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N