FreePBX 18.104.22.168 (Distro)
Current Asterisk Version: 13.29.2
PBX Firmware: 12.7.6-2002-2.sng7
PBX Service Pack: 22.214.171.124
I have the following notification in the Dashboard:
There is 1 module vulnerable to security threats
restapps (Cur v. 126.96.36.199) should be upgraded to v. 188.8.131.52 to fix security issues: SEC-2020-004
I am not able to upgrade this Module, because
EndPoint Manager module version 14.0.41 or higher is required, you have 184.108.40.206
I can’t upgrade EndPoint Manager (I assume), because our license has expired. Also, the “restapps” (Phone Apps) module, which is the one needing the security update, is disabled.
Are we still vulnerable even with the affected module disabled? What should my course of action be to keep us secure?
Thanks as always!