CVE-2005-3721
Published Nov 21, 2005
Last updated 8 years ago
Overview
- Description
- The default configuration of the HTTP server in Hitachi IP5000 VOIP WIFI Phone 1.5.6 does not require authentication for sensitive configuration pages, which allows remote attackers to modify configuration.
- Source
- cve@mitre.org
- NVD status
- Modified
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 5
- Impact score
- 2.9
- Exploitability score
- 10
- Vector string
- AV:N/AC:L/Au:N/C:N/I:P/A:N
Weaknesses
- nvd@nist.gov
- NVD-CWE-Other
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hitachi:ip5000_voip_wifi_phone:1.5.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "AAC706E3-7C59-4142-A99C-7B7B6B6336C4"
},
{
"criteria": "cpe:2.3:h:hitachi:ip5000_voip_wifi_phone:1.5.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "375012B5-4457-4B33-B041-2D6290EDB769"
},
{
"criteria": "cpe:2.3:h:hitachi:ip5000_voip_wifi_phone:1.5.4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "205A7FE1-B5F2-4FA1-9858-413E18B5977A"
},
{
"criteria": "cpe:2.3:h:hitachi:ip5000_voip_wifi_phone:1.5.5:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "8366F6CB-8CA5-4A75-BED5-EE66091AD16B"
},
{
"criteria": "cpe:2.3:h:hitachi:ip5000_voip_wifi_phone:1.5.6:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "0BBFE589-8EDC-48DC-81C6-8845875E591A"
},
{
"criteria": "cpe:2.3:h:hitachi:ip5000_voip_wifi_phone:1.5.8:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "3ADD3767-29C7-4DA0-B334-E1AD98762AF7"
},
{
"criteria": "cpe:2.3:h:hitachi:ip5000_voip_wifi_phone:1.5.10:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5172EE6C-9B8F-4A79-A3B4-C85555536A23"
}
],
"operator": "OR"
}
]
}
]