PT-2020-10326 · Nec · Sv8100

Published

2020-07-29

Updated

2021-07-21

CVE-2019-20033

CVSS v2.0

7.5

High

Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions NEC SV8100 devices (all versions)

Description A set of documented, static login credentials may be used to access the DIM interface on Aspire-derived NEC PBXes, including all versions of SV8100 devices.

Recommendations For all versions of NEC SV8100 devices, consider changing the default login credentials to prevent unauthorized access to the DIM interface. As a temporary workaround, restrict access to the DIM interface until a more secure authentication method is implemented.

Fix

Improper Authentication

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-287

Related Identifiers

CVE-2019-20033

Affected Products

Sv8100

PT-2020-10326 · Nec · Sv8100

CVE-2019-20033

Weakness Enumeration

Related Identifiers

Affected Products

References · 3