• Skip to primary navigation
  • Skip to main content
  • Skip to footer
Kurmi Software

Kurmi Software

Unified Communication - Automate & Simplify the management

  • Contact
  • Support
  • Request a Demo
  • Search
  • English
  • Products
    • Kurmi Provisioning Suite for Enterprises
    • Kurmi Provisioning Suite for MSPs
  • Use Cases
    • User Provisioning
    • Number Management
    • Migration
    • Role-Based Access Control
    • Replace Cisco Prime Collaboration Provisioning
  • Industries
    • Financial Services
    • Government
    • Healthcare
    • Higher Education
    • Managed Service Providers
  • Tech
      • Cisco
        • Webex Suite
        • Cisco Unified Communications Suite
        • Cisco Contact Center
        • Cisco Hosted Collaboration Solution (HCS)
      • Microsoft
        • Microsoft Teams and Teams Phone
        • Skype for Business
      • Avaya
        • Avaya Aura
        • Avaya Aura Call Center Elite
      • Zoom
      • ServiceNow
      • SBCs
      • Kurmi SDK
  • Partners
    • Partners
    • Become a Partner
    • Cisco SolutionsPlus
    • Microsoft IP Co-Sell
  • About
    • About Us
    • Careers
    • Press Releases
    • Media Coverage
    • Events
  • Resources
    • UC Management Guide
    • Interactive Demos
    • Blog
    • Webinars
    • White Papers
    • Videos
    • Case Studies
    • View All Resources

CVE-2024-54450:

Description

  • An issue was discovered in Kurmi Provisioning Suite 7.9.0.33.
  • If an X-Forwarded-For header is received during authentication, the Kurmi application will record the (possibly forged) IP address mentioned in that header rather than the real IP address that the user logged in from. This fake IP address can later be displayed in the My Account popup that shows the IP address that was used to log in.

Vulnerability Type

  • Log pollution

Footer

  • Products
    • Kurmi Provisioning Suite for Enterprises
    • Kurmi Provisioning Suite for MSPs
    • Professional Services
  • Use Cases
    • User Provisioning
    • Number Management
    • Migration
    • Role-Based Access Control
    • Replace Cisco Prime Collaboration Provisioning (PCP)
  • Industries
    • Financial Services
    • Government
    • Healthcare
    • Managed Service Providers
  • Supported Tech
    • Cisco
    • Microsoft
    • Avaya
    • Zoom
    • ServiceNow
    • SBCs
    • Kurmi SDK
  • Partners
    • Become a Partner
    • Cisco SolutionsPlus
    • Microsoft IP Co-Sell
  • About
    • About Us
    • Careers
    • Press Releases
    • Media Coverage
    • Events
  • Resources
    • UC Management Guide
    • Interactive Demos
    • Blog
    • Webinars
    • Case Studies
    • View All Resources

© 2025 Kurmi Software. All rights reserved.

Privacy Policy Sitemap
LinkedIn Twitter YouTube
logo
  • Products
    • Kurmi Provisioning Suite for Enterprises
    • Kurmi Provisioning Suite for MSPs
  • Use Cases
    • User Provisioning
    • Number Management
    • Migration
    • Role-Based Access Control
    • Replacing Cisco Prime Collaboration Provisioning
  • Industries
    • Financial Services
    • Government
    • Healthcare
    • Higher Education
    • Managed Service Providers
  • Supported Tech
    • Cisco
      • Webex Suite
      • Cisco Unified Communications Suite
      • Cisco Contact Center
      • Cisco Broadworks
      • Cisco Hosted Collaboration Solution (HCS)
    • Microsoft
      • Microsoft Teams and Teams Phone
      • Skype for Business
    • Avaya
      • Avaya Aura
      • Avaya Aura Call Center Elite
    • Zoom
    • ServiceNow
    • SBCs
    • Kurmi SDK
  • Partners
    • Partners
    • Become a Partner
    • Cisco SolutionsPlus
    • Microsoft IP Co-Sell
  • About
    • About Us
    • Careers
    • Press Releases
    • Media Coverage
    • Events
  • Resources
    • UC Management Guide
    • Interactive Demos
    • Blog
    • Webinars
    • White Papers
    • Videos
    • Case Studies
    • View All Resources
  • Contact
  • Support
  • Request a Demo
  • Search
  • English