CVE-2021-20677 Information

Description

UNIVERGE Aspire series PBX (UNIVERGE Aspire WX from 1.00 to 3.51 UNIVERGE Aspire UX from 1.00 to 9.70 UNIVERGE SV9100 from 1.00 to 10.70 and SL2100 from 1.00 to 3.00) allows a remote authenticated attacker to cause system down and a denial of service (DoS) condition by sending a specially crafted command.

CVSS Vector

CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L

Reference

https://jvn.jp/en/jp/JVN12737530/index.html https://www.necplatforms.co.jp/en/press/security_adv.html

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction Required

LOW

Scope

NONE

Confidentiality Impact

UNCHANGED

Integrity Impact

NONE

Availability Impact

NONE

Base Score

LOW

Base Severity

3.1