{ "affected": [ { "database_specific": { "unresolved_ranges": [ { "events": [ { "introduced": "0" }, { "last_affected": "7.19" } ] } ] }, "ranges": [ { "database_specific": { "versions": [ { "introduced": "0" }, { "fixed": "4.5.0" }, { "introduced": "0" }, { "last_affected": "4.5.0-NA" } ] }, "events": [ { "introduced": "0" }, { "fixed": "5b55500c24f27f2296dc80cba2765f13cdf6d5d3" }, { "introduced": "0" }, { "last_affected": "5b55500c24f27f2296dc80cba2765f13cdf6d5d3" } ], "repo": "https://github.com/igniterealtime/openfire", "type": "GIT" } ] } ], "details": "An issue was discovered in Pascom Cloud Phone System before 7.20.x. A configuration error between NGINX and a backend Tomcat server leads to a path traversal in the Tomcat server, exposing unintended endpoints.", "id": "CVE-2021-45967", "modified": "2026-03-15T21:47:55.042752823Z", "published": "2022-03-18T05:15:07.027Z", "references": [ { "type": "ADVISORY", "url": "https://www.pascom.net/doc/en/release-notes/" }, { "type": "ADVISORY", "url": "https://www.pascom.net/doc/en/release-notes/pascom19/" }, { "type": "FIX", "url": "https://kerbit.io/research/read/blog/4" }, { "type": "FIX", "url": "https://tutorialboy24.blogspot.com/2022/03/the-story-of-3-bugs-that-lead-to.html" } ], "severity": [ { "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "type": "CVSS_V3" } ] }