CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2002-0674

Pingtel xpressa SIP-based voice-over-IP phone 1.2.5 through 1.2.7.4 does not "time out" an inactive administrator session, which could allow other users to perform administrator actions if the administrator does not explicitly end the authentication.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 21.7%

CVSS Severity

CVSS v2 Score 7.2

References

http://www.atstake.com/research/advisories/2002/a071202-1.txt
http://www.pingtel.com/PingtelAtStakeAdvisoryResponse.jsp
http://www.securityfocus.com/bid/5221
https://exchange.xforce.ibmcloud.com/vulnerabilities/9569
http://www.atstake.com/research/advisories/2002/a071202-1.txt
http://www.pingtel.com/PingtelAtStakeAdvisoryResponse.jsp
http://www.securityfocus.com/bid/5221
https://exchange.xforce.ibmcloud.com/vulnerabilities/9569

Products affected by CVE-2002-0674

Pingtel » Xpressa » Version: 1.2.5

cpe:2.3:h:pingtel:xpressa:1.2.5
Pingtel » Xpressa » Version: 1.2.7.4

cpe:2.3:h:pingtel:xpressa:1.2.7.4

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2002-0674

Products

Pricing

Contact Us