CVE-2021-20677

Description


UNIVERGE Aspire series PBX (UNIVERGE Aspire WX from 1.00 to 3.51, UNIVERGE Aspire UX from 1.00 to 9.70, UNIVERGE SV9100 from 1.00 to 10.70, and SL2100 from 1.00 to 3.00) allows a remote authenticated attacker to cause system down and a denial of service (DoS) condition by sending a specially crafted command.

CvssV3 impact


BaseSeverity

LOW

ConfidentialityImpact

NONE

AttackComplexity

HIGH

Scope

UNCHANGED

AttackVector

NETWORK

AvailabilityImpact

LOW

IntegrityImpact

NONE

PrivilegesRequired

LOW

BaseScore

3.1

VectorString

CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L

Version

3.1

UserInteraction

NONE

CvssV2 impact


AccessComplexity

MEDIUM

ConfidentialityImpact

NONE

AvailabilityImpact

PARTIAL

IntegrityImpact

NONE

BaseScore

3.5

VectorString

AV:N/AC:M/Au:S/C:N/I:N/A:P

Version

2.0

AccessVector

NETWORK

Authentication

SINGLE