5.9
CVE-2015-8251
- EPSS 1.31%
- Veröffentlicht 25.09.2017 21:29:00
- Zuletzt bearbeitet 13.05.2026 00:24:29
- Quelle cret@cert.org
- CVE-Watchlists
- Unerledigt
LoginOpenStage 60 and OpenScape Desk Phone IP 55G SIP V3, OpenStage 15, 20E, 20 and 40 and OpenScape Desk Phone IP 35G SIP V3, OpenScape Desk Phone IP 35G Eco SIP V3, OpenStage 60 and OpenScape Desk Phone IP 55G HFA V3, OpenStage 15, 20E, 20, and 40 and OpenScape Desk Phone IP 35G HFA V3, and OpenScape Desk Phone IP 35G Eco HFA V3 use non-unique X.509 certificates and SSH host keys.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Unify ≫ Openstage 60 Firmware Version3.0
Unify ≫ Openscape Desk Phone Ip 55g Sip Firmware Version3.0
Unify ≫ Openstage 15 Firmware Version3.0
Unify ≫ Openstage 20e Firmware Version3.0
Unify ≫ Openstage 20 Firmware Version3.0
Unify ≫ Openstage 40 Firmware Version3.0
Unify ≫ Openscape Desk Phone Ip 35g Sip Firmware Version3.0
Unify ≫ Openscape Desk Phone Ip 35g Eco Sip Firmware Version3.0
Unify ≫ Openscape Desk Phone Ip 55g Hfa Firmware Version3.0
Unify ≫ Openscape Desk Phone Ip 35g Hfa Firmware Version3.0
Unify ≫ Openstage 60 Firmware Version3.0
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 1.31% | 0.669 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 5.9 | 2.2 | 3.6 |
CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
|
| nvd@nist.gov | 4.3 | 8.6 | 2.9 |
AV:N/AC:M/Au:N/C:P/I:N/A:N
|
CWE-200 Exposure of Sensitive Information to an Unauthorized Actor
The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.
http://www.kb.cert.org/vuls/id/566724
https://networks.unify.com/security/advisories/OBSO-1511-02-A.pdf
https://networks.unify.com/security/advisories/OBSO-1511-02.pdf
https://www.kb.cert.org/vuls/id/BLUU-A2PPZE