Lucene search
HistorySep 01, 2004 - 4:00 a.m.
CVE-2002-0668
pingtel
xpressa
sip
voip
phone
web interface
authenticated users
modify
call forwarding
call hijacking
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
6.4 Medium
AI Score
Confidence
High
0.005 Low
EPSS
Percentile
75.9%
The web interface for Pingtel xpressa SIP-based voice-over-IP phone 1.2.5 through 1.2.7.4 allows authenticated users to modify the Call Forwarding settings and hijack calls.
Affected configurations
Node
pingtelxpressaMatch1.2.5
ORpingtelxpressaMatch1.2.7.4
| CPE | Name | Operator | Version |
|---|---|---|---|
| pingtel:xpressa | pingtel xpressa | eq | 1.2.5 |
| pingtel:xpressa | pingtel xpressa | eq | 1.2.7.4 |
Related
cvelist
cvelist
CVE-2002-0668
2004-09-01 04:00:00
nvd
nvd
CVE-2002-0668
2002-07-23 04:00:00
securityvulns
securityvulns
@stake Advisory: Multiple Vulnerabilities with Pingtel xpressa SIP Phones
2002-07-13 00:00:00
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
6.4 Medium
AI Score
Confidence
High
0.005 Low
EPSS
Percentile
75.9%
Related for CVE-2002-0668