CVE-2021-20677

EUVD-2021-8095
UNIVERGE Aspire series PBX (UNIVERGE Aspire WX from 1.00 to 3.51, UNIVERGE Aspire UX from 1.00 to 9.70, UNIVERGE SV9100 from 1.00 to 10.70, and SL2100 from 1.00 to 3.00) allows a remote authenticated attacker to cause system down and a denial of service (DoS) condition by sending a specially crafted command.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
3.1 LOW
NETWORK
HIGH
LOW
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L
Base Score
CVSS 3.x
EPSS Score
Percentile: 53%
Affected Products (NVD)
VendorProductVersion
necplatformsuniverge_aspire_wx_firmware
1.00 ≤
𝑥
≤ 3.51
necplatformsuniverge_aspire_ux_firmware
1.00 ≤
𝑥
≤ 9.70
necplatformsuniverge_sv9100_firmware
1.00 ≤
𝑥
≤ 10.70
necplatformssl2100_firmware
1.00 ≤
𝑥
≤ 3.00
𝑥
= Vulnerable software versions
References
https://jvn.jp/en/jp/JVN12737530/index.html
https://www.necplatforms.co.jp/en/press/security_adv.html
https://jvn.jp/en/jp/JVN12737530/index.html
https://www.necplatforms.co.jp/en/press/security_adv.html