CVE-2021-20677
Last modified
CVE-2021-20677 is a low-severity vulnerability rated 3.1/10 on the CVSS scale. UNIVERGE Aspire series PBX (UNIVERGE Aspire WX from 1.00 to 3.51, UNIVERGE Aspire UX from 1.00 to 9.70, UNIVERGE SV9100 from 1.00 to 10.70, and SL2100 from 1.00 to 3.00) allows a remote authenticated attacker to cause system down and a denial of service (DoS) condition by sending a specially crafted command.. EPSS estimates a 0.92% chance of exploitation in the next 30 days.
Description
UNIVERGE Aspire series PBX (UNIVERGE Aspire WX from 1.00 to 3.51, UNIVERGE Aspire UX from 1.00 to 9.70, UNIVERGE SV9100 from 1.00 to 10.70, and SL2100 from 1.00 to 3.00) allows a remote authenticated attacker to cause system down and a denial of service (DoS) condition by sending a specially crafted command.
Metrics
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Necplatforms | Univerge Aspire Wx Firmware | >= 1.00, <= 3.51 |
| Necplatforms | Univerge Aspire Ux Firmware | >= 1.00, <= 9.70 |
| Necplatforms | Univerge Sv9100 Firmware | >= 1.00, <= 10.70 |
| Necplatforms | Sl2100 Firmware | >= 1.00, <= 3.00 |
References
- https://jvn.jp/en/jp/JVN12737530/index.htmlThird Party Advisory
- https://www.necplatforms.co.jp/en/press/security_adv.htmlVendor Advisory
- https://jvn.jp/en/jp/JVN12737530/index.htmlThird Party Advisory
- https://www.necplatforms.co.jp/en/press/security_adv.htmlVendor Advisory
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2021-20677?
How severe is CVE-2021-20677?
How do I fix CVE-2021-20677?
Are you affected by CVE-2021-20677?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST