- Description
- The Thomson ST 2030 SIP phone with software 1.52.1 allows remote attackers to cause a denial of service (device hang) via an INVITE message with a Via header that contains a '/' (slash) instead of the required space following the SIP version number.
- Source
- cve@mitre.org
- NVD status
- Modified
CVSS 2.0
- Type
- Primary
- Base score
- 5
- Impact score
- 2.9
- Exploitability score
- 10
- Vector string
- AV:N/AC:L/Au:N/C:N/I:N/A:P
- Hype score
- Not currently trending
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:thomson:st_2030_sip_phone:1:1.52.1_firmware:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "55E242E7-F936-4A87-A555-141ECF9B028A"
}
],
"operator": "OR"
}
]
}
]