CVE-2019-20032

An attacker with access to an InMail voicemail box equipped with the find me/follow me feature on Aspire-derived NEC PBXes, including all versions of SV8100, SV9100, SL1100 and SL2100 devices, may access the system's administration modem.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
6.5 MEDIUM
NETWORK
LOW
LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 43%
VendorProductVersion
necsv8100_firmware
*
necsv9100_firmware
*
necsl1100_firmware
*
necsl2100_firmware
*
𝑥
= Vulnerable software versions
References
https://shadytel.su/files/nec_cve.txt
https://shadytel.su/files/nec_cve.txt