Описание
NEC UM8000, UM4730 and prior non-InMail voicemail systems with all known software versions may permit an infinite number of login attempts in the telephone user interface (TUI), effectively allowing brute force attacks.
Ссылки
- Third Party Advisory
- Third Party Advisory
Уязвимые конфигурации
Конфигурация 1
Одновременно
cpe:2.3:o:nec:um8000_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:nec:um8000:-:*:*:*:*:*:*:*
Конфигурация 2
Одновременно
cpe:2.3:o:nec:um4730_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:nec:um4730:-:*:*:*:*:*:*:*
EPSS
Процентиль: 49%
0.00257
Низкий
9.1 Critical
CVSS3
6.4 Medium
CVSS2
Дефекты
CWE-307
Связанные уязвимости
github
больше 3 лет назад
NEC UM8000, UM4730 and prior non-InMail voicemail systems with all known software versions may permit an infinite number of login attempts in the telephone user interface (TUI), effectively allowing brute force attacks.
EPSS
Процентиль: 49%
0.00257
Низкий
9.1 Critical
CVSS3
6.4 Medium
CVSS2
Дефекты
CWE-307