PT-2020-7628 · Unify · Unify Openstage+1
Published
2020-01-09
·
Updated
2020-01-17
·
CVE-2014-2650
CVSS v2.0
10
High
| Vector | AV:N/AC:L/Au:N/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
Unify OpenStage / OpenScape Desk Phone IP versions prior to V3 R3.11.0
Description
The issue concerns an OS command injection vulnerability in the web-based management interface of the affected device.
Recommendations
For versions prior to V3 R3.11.0, update to V3 R3.11.0 or later to resolve the issue.
Fix
OS Command Injection
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Unify Openscape Desk Phone Ip
Unify Openstage