CVE-2021-20677

UNIVERGE Aspire series PBX (UNIVERGE Aspire WX from 1.00 to 3.51, UNIVERGE Aspire UX from 1.00 to 9.70, UNIVERGE SV9100 from 1.00 to 10.70, and SL2100 from 1.00 to 3.00) allows a remote authenticated attacker to cause system down and a denial of service (DoS) condition by sending a specially crafted command.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
3.1 LOW
NETWORK
HIGH
LOW
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L
jpcertCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 53%
VendorProductVersion
necplatformsuniverge_aspire_wx_firmware
1.00 ≤
𝑥
≤ 3.51
necplatformsuniverge_aspire_ux_firmware
1.00 ≤
𝑥
≤ 9.70
necplatformsuniverge_sv9100_firmware
1.00 ≤
𝑥
≤ 10.70
necplatformssl2100_firmware
1.00 ≤
𝑥
≤ 3.00
𝑥
= Vulnerable software versions
References
https://jvn.jp/en/jp/JVN12737530/index.html
https://www.necplatforms.co.jp/en/press/security_adv.html
https://jvn.jp/en/jp/JVN12737530/index.html
https://www.necplatforms.co.jp/en/press/security_adv.html