3.5

CVE-2021-20677

EPSS 0.3%
Veröffentlicht 26.03.2021 09:15:11
Zuletzt bearbeitet 21.11.2024 05:46:59
Quelle vultures@jpcert.or.jp
CVE-Watchlists
Login
Unerledigt
Login

UNIVERGE Aspire series PBX (UNIVERGE Aspire WX from 1.00 to 3.51, UNIVERGE Aspire UX from 1.00 to 9.70, UNIVERGE SV9100 from 1.00 to 10.70, and SL2100 from 1.00 to 3.00) allows a remote authenticated attacker to cause system down and a denial of service (DoS) condition by sending a specially crafted command.

Betroffene Produkte Warnungen 0 Metriken 3 CWE 0 Referenzen 5

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Necplatforms ≫ Univerge Aspire Wx Firmware Version >= 1.00 <= 3.51

Necplatforms ≫ Univerge Aspire Wx Version-

Necplatforms ≫ Univerge Aspire Ux Firmware Version >= 1.00 <= 9.70

Necplatforms ≫ Univerge Aspire Ux Version-

Necplatforms ≫ Univerge Sv9100 Firmware Version >= 1.00 <= 10.70

Necplatforms ≫ Univerge Sv9100 Version-

Necplatforms ≫ Sl2100 Firmware Version >= 1.00 <= 3.00

Necplatforms ≫ Sl2100 Version-

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.3%	0.532

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	3.1	1.6	1.4	CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L
nvd@nist.gov	3.5	6.8	2.9	AV:N/AC:M/Au:S/C:N/I:N/A:P

Es wurden noch keine Informationen zu CWE veröffentlicht.

https://www.necplatforms.co.jp/en/press/security_adv.html

Vendor Advisory

https://jvn.jp/en/jp/JVN12737530/index.html

Third Party Advisory

https://nvd.nist.gov/vuln/detail/CVE-2021-20677

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2021-20677

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2021-20677

EUVD