CVE-2021-44746

EUVD-2021-31561
UNIVERGE DT 820 V3.2.7.0 and prior, UNIVERGE DT 830 V5.2.7.0 and prior, UNIVERGE DT 930 V2.4.0.0 and prior, IP Phone Manager V8.9.1 and prior, Data Maintenance Tool for DT900 Series V5.3.0.0 and prior, Data Maintenance Tool for DT800 Series V4.2.0.0 and prior allows a remote attacker who can access to the internal network, the configuration information may be obtained.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
5.3 MEDIUM
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 43%
Affected Products (NVD)
VendorProductVersion
necuniverge_dt830_firmware
𝑥
≤ 5.2.7.0
necuniverge_dt820_firmware
𝑥
≤ 3.2.7.0
necuniverge_dt930_firmware
𝑥
≤ 2.4.0.0
necuniverge_dt900_data_maintenance_tool
𝑥
≤ 5.3.0.0
necuniverge_dt800_data_maintenance_tool
𝑥
≤ 4.2.0.0
necuniverge_ip_phone_manager
𝑥
≤ 8.9.1
𝑥
= Vulnerable software versions
References
https://www.necplatforms.co.jp/en/product/security_adv/211217.html
https://www.necplatforms.co.jp/en/product/security_adv/211217.html