UNIVERGE Aspire series PBX (UNIVERGE Aspire WX from 1.00 to 3.51, UNIVERGE Aspire UX from 1.00 to 9.70, UNIVERGE SV9100 from 1.00 to 10.70, and SL2100 from 1.00 to 3.00) allows a remote authenticated attacker to cause system down and a denial of service (DoS) condition by sending a specially crafted command.
References
Link | Resource |
---|---|
https://jvn.jp/en/jp/JVN12737530/index.html | Third Party Advisory |
https://www.necplatforms.co.jp/en/press/security_adv.html | Vendor Advisory |
Configurations
Configuration 1 (hide)
AND |
|
Configuration 2 (hide)
AND |
|
Configuration 3 (hide)
AND |
|
Configuration 4 (hide)
AND |
|
History
02 Apr 2021, 12:27
Type | Values Removed | Values Added |
---|---|---|
References | (MISC) https://www.necplatforms.co.jp/en/press/security_adv.html - Vendor Advisory | |
References | (MISC) https://jvn.jp/en/jp/JVN12737530/index.html - Third Party Advisory | |
CPE | cpe:2.3:o:necplatforms:sl2100_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:necplatforms:univerge_aspire_ux_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:necplatforms:univerge_aspire_ux:-:*:*:*:*:*:*:* cpe:2.3:h:necplatforms:univerge_aspire_wx:-:*:*:*:*:*:*:* cpe:2.3:o:necplatforms:univerge_sv9100_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:necplatforms:univerge_sv9100:-:*:*:*:*:*:*:* cpe:2.3:h:necplatforms:sl2100:-:*:*:*:*:*:*:* cpe:2.3:o:necplatforms:univerge_aspire_wx_firmware:*:*:*:*:*:*:*:* |
|
CVSS |
v2 : v3 : |
v2 : 3.5
v3 : 3.1 |
CWE | NVD-CWE-noinfo |
26 Mar 2021, 09:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2021-03-26 09:15
Updated : 2023-12-10 13:55
NVD link : CVE-2021-20677
Mitre link : CVE-2021-20677
CVE.ORG link : CVE-2021-20677
JSON object : View
Products Affected
necplatforms
- univerge_aspire_ux_firmware
- univerge_aspire_ux
- sl2100
- univerge_sv9100
- univerge_aspire_wx
- univerge_sv9100_firmware
- univerge_aspire_wx_firmware
- sl2100_firmware
CWE