- Description
- Akuvox E11 allows direct SIP calls. No access control is enforced by the SIP servers, which could allow an attacker to contact any device within Akuvox to call any other device.
- Source
- ics-cert@hq.dhs.gov
- NVD status
- Modified
CVSS 3.1
- Type
- Primary
- Base score
- 7.5
- Impact score
- 3.6
- Exploitability score
- 3.9
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
- Severity
- HIGH
- Hype score
- Not currently trending
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:akuvox:e11_firmware:-:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "6EB9ACE6-0CE7-4237-8CF5-06C46500C329"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:akuvox:e11:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "2632D9FC-4B1E-4B2F-B06B-55EAEFA6D6D7"
}
],
"operator": "OR"
}
],
"operator": "AND"
}
]