Posted on December 15th, 2023 by Pierre Jourdan, Security Pentesting, 3CX

Other CRM integrations are not affected.

Only 0.25% of our user base have sequel integrated. It's an old style integration meant for an on-premise firewall secured network. Nevertheless, if you are using an SQL Database integration it’s subject potentially to a vulnerability - depending upon the configuration. As a precautionary measure, and whilst we work on a solution to safely re-enable this integration, please follow the instructions below to disable it.

Temporarily Disable Until Further Notice

If you have one of these please disable temporarily until further notice.

• Database MongoDB

• Database MsSQL

• Database MySQL

• Database PostgreSQL

Note Important: All Web-Based CRM integrations are not affected.

Which 3CX Versions are Affected?

• Version 18

• Version 20

If you’re running Version 18 check if you’re using one of the integrations listed above.

You can do this from the Management Console / Settings / CRM. Set it to “None” and save.

If you’re running Version 20 see if you’re using one of the integrations listed above.

You can do this from Webclient / Admin Console / Integrations / CRM. Set it to “None” and save.