Vulnerability Details CVE-2019-20028
Aspire-derived NEC PBXes operating InMail software, including all versions of SV8100, SV9100, SL1100 and SL2100 devices allow unauthenticated read-only access to voicemails, greetings, and voice response system content through a system's WebPro administration interface.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.004
EPSS Ranking 62.1%
CVSS Severity
CVSS v3 Score 7.5
CVSS v2 Score 5.0
Products affected by CVE-2019-20028
-
cpe:2.3:h:nec:sl1100:-
-
cpe:2.3:h:nec:sl2100:-
-
cpe:2.3:h:nec:sv8100:-
-
cpe:2.3:h:nec:sv9100:-
-
cpe:2.3:o:nec:sl1100_firmware:-
-
cpe:2.3:o:nec:sl1100_firmware:7.0
-
cpe:2.3:o:nec:sl2100_firmware:-
-
cpe:2.3:o:nec:sl2100_firmware:7.0
-
cpe:2.3:o:nec:sv8100_firmware:-
-
cpe:2.3:o:nec:sv8100_firmware:7.0
-
cpe:2.3:o:nec:sv9100_firmware:-
-
cpe:2.3:o:nec:sv9100_firmware:6.0
-
cpe:2.3:o:nec:sv9100_firmware:7.0