CVE-2021-44746

UNIVERGE DT 820 V3.2.7.0 and prior, UNIVERGE DT 830 V5.2.7.0 and prior, UNIVERGE DT 930 V2.4.0.0 and prior, IP Phone Manager V8.9.1 and prior, Data Maintenance Tool for DT900 Series V5.3.0.0 and prior, Data Maintenance Tool for DT800 Series V4.2.0.0 and prior allows a remote attacker who can access to the internal network, the configuration information may be obtained.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
5.3 MEDIUM
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
NECCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 45%
VendorProductVersion
necuniverge_dt830_firmware
𝑥
≤ 5.2.7.0
necuniverge_dt820_firmware
𝑥
≤ 3.2.7.0
necuniverge_dt930_firmware
𝑥
≤ 2.4.0.0
necuniverge_dt900_data_maintenance_tool
𝑥
≤ 5.3.0.0
necuniverge_dt800_data_maintenance_tool
𝑥
≤ 4.2.0.0
necuniverge_ip_phone_manager
𝑥
≤ 8.9.1
𝑥
= Vulnerable software versions
References
https://www.necplatforms.co.jp/en/product/security_adv/211217.html
https://www.necplatforms.co.jp/en/product/security_adv/211217.html