CVE-2021-20677 Vulnerability Details

  /     /     /  

CVE-2021-20677 Metadata Quick Info

CVE Published: 26/03/2021 | CVE Updated: 03/08/2024 | CVE Year: 2021
Source: jpcert | Vendor: NEC Platforms, Ltd. | Product: UNIVERGE Aspire series PBX
Status : PUBLISHED

---

CVE-2021-20677 Description

UNIVERGE Aspire series PBX (UNIVERGE Aspire WX from 1.00 to 3.51, UNIVERGE Aspire UX from 1.00 to 9.70, UNIVERGE SV9100 from 1.00 to 10.70, and SL2100 from 1.00 to 3.00) allows a remote authenticated attacker to cause system down and a denial of service (DoS) condition by sending a specially crafted command.

Metrics

CVSS Version: 3.1 | Base Score: n/a
Vector: n/a

l➤ Exploitability Metrics:
    Attack Vector (AV)*
    Attack Complexity (AC)*
    Privileges Required (PR)*
    User Interaction (UI)*
    Scope (S)*

l➤ Impact Metrics:
    Confidentiality Impact (C)*
    Integrity Impact (I)*
    Availability Impact (A)*

Weakness Enumeration (CWE)

CWE-ID:
CWE Name: Denial-of-service (DoS)
Source: NEC Platforms, Ltd.

Common Attack Pattern Enumeration and Classification (CAPEC)

CAPEC-ID:
CAPEC Description:


Source: NVD (National Vulnerability Database).