CVE-2002-0674

Name of the Vulnerable Software and Affected Versions Pingtel xpressa SIP-based voice-over-IP phone versions 1.2.5 through 1.2.7.4

Description The issue allows other users to perform administrator actions if the administrator does not explicitly end the authentication, due to the failure to "time out" an inactive administrator session.

Recommendations For versions 1.2.5 through 1.2.7.4, consider implementing a session timeout mechanism to automatically end inactive administrator sessions, or ensure that administrators explicitly log out when their session is inactive to prevent unauthorized access.