exploitDog

CVE-2002-0669

Опубликовано: 19 фев. 2003

Источник: nvd

CVSS2: 5

EPSS Низкий

Описание

The web interface for Pingtel xpressa SIP-based voice-over-IP phone 1.2.5 through 1.2.7.4 allows administrators to cause a denial of service by modifying the SIP_AUTHENTICATE_SCHEME value to force authentication of incoming calls, which does not notify the user when an authentication failure occurs.

Ссылки

http://www.atstake.com/research/advisories/2002/a071202-1.txt
Patch
Vendor Advisory
http://www.iss.net/security_center/static/9564.php
Vendor Advisory
http://www.atstake.com/research/advisories/2002/a071202-1.txt
Patch
Vendor Advisory
http://www.iss.net/security_center/static/9564.php
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:h:pingtel:xpressa:1.2.5:*:*:*:*:*:*:*

cpe:2.3:h:pingtel:xpressa:1.2.7.4:*:*:*:*:*:*:*

EPSS

Процентиль: 63%

0.00442

Низкий

5 Medium

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-2x83-cpgr-4rhm

github

почти 4 года назад

The web interface for Pingtel xpressa SIP-based voice-over-IP phone 1.2.5 through 1.2.7.4 allows administrators to cause a denial of service by modifying the SIP_AUTHENTICATE_SCHEME value to force authentication of incoming calls, which does not notify the user when an authentication failure occurs.

EPSS

Процентиль: 63%

0.00442

Низкий

5 Medium

CVSS2

Дефекты

NVD-CWE-Other