Описание
Incorrect implementation of authentication algorithm issue in UNIVERGE SV9500 series from V1 to V7and SV8500 series from S6 to S8 allows an attacker to access the remote system maintenance feature and obtain the information by sending a specially crafted request to a specific URL.
Ссылки
- Third Party Advisory
- Vendor Advisory
- Third Party Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия от v1 (включая) до v7 (включая)
Одновременно
cpe:2.3:o:nec:univerge_sv9500_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:nec:univerge_sv9500:-:*:*:*:*:*:*:*
Конфигурация 2Версия от s6 (включая) до s8 (включая)
Одновременно
cpe:2.3:o:nec:univerge_sv8500_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:nec:univerge_sv8500:-:*:*:*:*:*:*:*
EPSS
Процентиль: 52%
0.0029
Низкий
7.5 High
CVSS3
5 Medium
CVSS2
Дефекты
CWE-287
Связанные уязвимости
github
больше 3 лет назад
Incorrect implementation of authentication algorithm issue in UNIVERGE SV9500 series from V1 to V7and SV8500 series from S6 to S8 allows an attacker to access the remote system maintenance feature and obtain the information by sending a specially crafted request to a specific URL.
EPSS
Процентиль: 52%
0.0029
Низкий
7.5 High
CVSS3
5 Medium
CVSS2
Дефекты
CWE-287