Lucene search
HistorySep 01, 2004 - 4:00 a.m.
CVE-2002-0672
cve-2002-0672
pingtel xpressa
voip phone
factory reset
authentication
security vulnerability
6.6 Medium
AI Score
Confidence
Low
4.6 Medium
CVSS2
Access Vector
Access Complexity
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:L/Au:N/C:P/I:P/A:P
0.002 Low
EPSS
Percentile
52.6%
Pingtel xpressa SIP-based voice-over-IP phone 1.2.5 through 1.2.7.4 allows attackers with physical access to restore the phone to factory defaults without authentication via a menu option, which sets the administrator password to null.
Affected configurations
Node
pingtelxpressaMatch1.2.5
ORpingtelxpressaMatch1.2.7.4
| CPE | Name | Operator | Version |
|---|---|---|---|
| pingtel:xpressa | pingtel xpressa | eq | 1.2.5 |
| pingtel:xpressa | pingtel xpressa | eq | 1.2.7.4 |
Related
cvelist
cvelist
CVE-2002-0672
2004-09-01 04:00:00
nvd
nvd
CVE-2002-0672
2002-07-23 04:00:00
securityvulns
securityvulns
@stake Advisory: Multiple Vulnerabilities with Pingtel xpressa SIP Phones
2002-07-13 00:00:00
6.6 Medium
AI Score
Confidence
Low
4.6 Medium
CVSS2
Access Vector
Access Complexity
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:L/Au:N/C:P/I:P/A:P
0.002 Low
EPSS
Percentile
52.6%
Related for CVE-2002-0672