Vulnerability Details CVE-2014-2650
Unify OpenStage / OpenScape Desk Phone IP before V3 R3.11.0 SIP has an OS command injection vulnerability in the web based management interface
Exploit prediction scoring system (EPSS) score
EPSS Score 0.053
EPSS Ranking 89.5%
CVSS Severity
CVSS v3 Score 9.8
CVSS v2 Score 10.0
References
- http://assets.yourcircuit.com/Internet/web/Container%20Site/Misc/Footer-content/privacy-policy/security-advisories.aspx
- https://networks.unify.com/security/advisories/OBSO-1403-01.pdf
- http://assets.yourcircuit.com/Internet/web/Container%20Site/Misc/Footer-content/privacy-policy/security-advisories.aspx
- https://networks.unify.com/security/advisories/OBSO-1403-01.pdf
Products affected by CVE-2014-2650
-
cpe:2.3:h:atos:openscape_desk_phone_ip_35g:-
-
cpe:2.3:h:atos:openscape_desk_phone_ip_35g_eco:-
-
cpe:2.3:h:atos:openscape_desk_phone_ip_55g:-
-
cpe:2.3:h:atos:openstage_15:-
-
cpe:2.3:h:atos:openstage_15_g:-
-
cpe:2.3:h:atos:openstage_20:-
-
cpe:2.3:h:atos:openstage_20_e:-
-
cpe:2.3:h:atos:openstage_20_g:-
-
cpe:2.3:h:atos:openstage_40:-
-
cpe:2.3:h:atos:openstage_40_g:-
-
cpe:2.3:h:atos:openstage_5:-
-
cpe:2.3:h:atos:openstage_60:-
-
cpe:2.3:h:atos:openstage_60_g:-
-
cpe:2.3:h:atos:openstage_80:-
-
cpe:2.3:h:atos:openstage_80_g:-
-
cpe:2.3:o:atos:openscape_desk_phone_ip_35g_eco_firmware:v3
-
cpe:2.3:o:atos:openscape_desk_phone_ip_35g_firmware:v3
-
cpe:2.3:o:atos:openscape_desk_phone_ip_55g_firmware:v3
-
cpe:2.3:o:atos:openstage_15_firmware:v3
-
cpe:2.3:o:atos:openstage_15_g_firmware:v3
-
cpe:2.3:o:atos:openstage_20_e_firmware:v3
-
cpe:2.3:o:atos:openstage_20_firmware:v3
-
cpe:2.3:o:atos:openstage_20_g_firmware:v3
-
cpe:2.3:o:atos:openstage_40_firmware:v3
-
cpe:2.3:o:atos:openstage_40_g_firmware:v3
-
cpe:2.3:o:atos:openstage_5_firmware:v3
-
cpe:2.3:o:atos:openstage_60_firmware:v3
-
cpe:2.3:o:atos:openstage_60_g_firmware:v3
-
cpe:2.3:o:atos:openstage_80_firmware:v3
-
cpe:2.3:o:atos:openstage_80_g_firmware:v3