top of page

3-CX Security Advisory: Disable your SQL Database Integrations


Posted on December 15th, 2023 by Pierre Jourdan, Security Pentesting, 3CX

Other CRM integrations are not affected.

Only 0.25% of our user base have sequel integrated. It's an old style integration meant for an on-premise firewall secured network. Nevertheless, if you are using an SQL Database integration it’s subject potentially to a vulnerability - depending upon the configuration. As a precautionary measure, and whilst we work on a solution to safely re-enable this integration, please follow the instructions below to disable it.

Temporarily Disable Until Further Notice

If you have one of these please disable temporarily until further notice.

  • Database MongoDB

  • Database MsSQL

  • Database MySQL

  • Database PostgreSQL

Note Important: All Web-Based CRM integrations are not affected.

Which 3CX Versions are Affected?

  • Version 18

  • Version 20


If you’re running Version 18 check if you’re using one of the integrations listed above.

You can do this from the Management Console / Settings / CRM. Set it to “None” and save.



If you’re running Version 20 see if you’re using one of the integrations listed above.

You can do this from Webclient / Admin Console / Integrations / CRM. Set it to “None” and save.



Featured Posts
Recent Posts
Archive
Search By Tags
Follow Us
  • Facebook Basic Square
  • Twitter Basic Square
  • Google+ Basic Square
bottom of page