CVE-2022-25621

Published Mar 11, 2022

Last updated 4 months ago

CVSS critical 9.8

Overview

Description: UUNIVERGE WA 1020 Ver8.2.11 and prior, UNIVERGE WA 1510 Ver8.2.11 and prior, UNIVERGE WA 1511 Ver8.2.11 and prior, UNIVERGE WA 1512 Ver8.2.11 and prior, UNIVERGE WA 2020 Ver8.2.11 and prior, UNIVERGE WA 2021 Ver8.2.11 and prior, UNIVERGE WA 2610-AP Ver8.2.11 and prior, UNIVERGE WA 2611-AP Ver8.2.11 and prior, UNIVERGE WA 2611E-AP Ver8.2.11 and prior, UNIVERGE WA WA2612-AP Ver8.2.11 and prior allows a remote attacker to execute arbitrary OS commands.
Source: psirt-info@cyber.jp.nec.com
NVD status: Modified

Risk scores

CVSS 3.1

Type: Primary
Base score: 9.8
Impact score: 5.9
Exploitability score: 3.9
Vector string: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Severity: CRITICAL

CVSS 2.0

Type: Primary
Base score: 7.5
Impact score: 6.4
Exploitability score: 10
Vector string: AV:N/AC:L/Au:N/C:P/I:P/A:P

Weaknesses

nvd@nist.gov: CWE-78

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:nec:univerge_wa1020_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C64E391F-5677-4901-A12B-041031CA6E9F",
            "versionEndIncluding": "8.2.11"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:nec:univerge_wa1020:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "DF66BC3A-F599-4D67-BC0B-2164542F946F"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:nec:univerge_wa1510_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "ED51866B-ADC7-49A1-9909-861A787EEF53",
            "versionEndIncluding": "8.2.11"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:nec:univerge_wa1510:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "08110880-F402-4FCB-9A96-0287B386D928"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:nec:univerge_wa1511_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "91AFB17B-2900-4A62-B0C8-CEC0C03D9261",
            "versionEndIncluding": "8.2.11"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:nec:univerge_wa1511:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "08F8E329-9B14-4751-8A7E-124F6CFB951C"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:nec:univerge_wa1512_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "66E731A8-FC4B-455B-883E-05941B62840A",
            "versionEndIncluding": "8.2.11"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:nec:univerge_wa1512:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "79FEA4DC-EE7D-4A0B-8693-63428D5971CD"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:nec:univerge_wa2020_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A43A837D-11EB-4B25-B045-72F248F87CF6",
            "versionEndIncluding": "8.2.11"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:nec:univerge_wa2020:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "DDD96A7C-9F9A-4334-A14D-EF30E8D71A9F"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:nec:univerge_wa2021_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3457EB8F-DB19-4835-A7F8-D272DE2E499E",
            "versionEndIncluding": "8.2.11"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:nec:univerge_wa2021:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "6343DAFA-572F-416F-836E-ABA417E36C02"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:nec:univerge_wa2610-ap_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9D24E4A2-A665-4741-9EB2-58A514383176",
            "versionEndIncluding": "8.2.11"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:nec:univerge_wa2610-ap:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "1C8963A0-CE1C-4AD5-AF83-C2C07470D72F"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:nec:univerge_wa2611-ap_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "BF773423-95E4-497F-AF5D-449E4E84596C",
            "versionEndIncluding": "8.2.11"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:nec:univerge_wa2611-ap:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "6BCE7133-A2B9-4B15-8852-136AD0043F34"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:nec:univerge_wa2611e-ap_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "89FAEFB2-485B-4F8F-8D2A-C807B47FB7EB",
            "versionEndIncluding": "8.2.11"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:nec:univerge_wa2611e-ap:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "1C0448DD-AB26-475B-99DE-660877CC584B"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:nec:univerge_wa2612-ap_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6CE802AF-7FFA-4066-BF80-9FF35AF7CEE1",
            "versionEndIncluding": "8.2.11"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:nec:univerge_wa2612-ap:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "36DFB440-4F76-499B-BDD1-4575F05A0888"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  }
]

Overview

Risk scores

CVSS 3.1

CVSS 2.0

Weaknesses

Social media

Configurations

References