Vulnerability CVE-2015-8251


Published: 2017-09-25   Modified: 2017-09-26

Description:
OpenStage 60 and OpenScape Desk Phone IP 55G SIP V3, OpenStage 15, 20E, 20 and 40 and OpenScape Desk Phone IP 35G SIP V3, OpenScape Desk Phone IP 35G Eco SIP V3, OpenStage 60 and OpenScape Desk Phone IP 55G HFA V3, OpenStage 15, 20E, 20, and 40 and OpenScape Desk Phone IP 35G HFA V3, and OpenScape Desk Phone IP 35G Eco HFA V3 use non-unique X.509 certificates and SSH host keys.

CVSS2 => (AV:N/AC:M/Au:N/C:P/I:N/A:N)

CVSS Base Score
Impact Subscore
Exploitability Subscore
4.3/10
2.9/10
8.6/10
Exploit range
Attack complexity
Authentication
Remote
Medium
No required
Confidentiality impact
Integrity impact
Availability impact
Partial
None
None
Affected software
Unify -> Openscape desk phone ip 55g hfa firmware 
Unify -> Openscape desk phone ip 35g eco sip firmware 
Unify -> Openscape desk phone ip 35g hfa firmware 
Unify -> Openstage 20e firmware 
Unify -> Openstage 40 firmware 
Unify -> Openstage 60 firmware 
Unify -> Openscape desk phone ip 55g sip firmware 
Unify -> Openstage 20 firmware 
Unify -> Openscape desk phone ip 35g sip firmware 
Unify -> Openstage 15 firmware 

 References:
http://www.kb.cert.org/vuls/id/566724
https://networks.unify.com/security/advisories/OBSO-1511-02-A.pdf
https://networks.unify.com/security/advisories/OBSO-1511-02.pdf
https://www.kb.cert.org/vuls/id/BLUU-A2PPZE

Copyright 2024, cxsecurity.com

 

Back to Top