CVE-2020-5686
Summary
| CVE | CVE-2020-5686 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2021-01-13 10:15:00 UTC |
| Updated | 2021-01-21 18:08:00 UTC |
| Description | Incorrect implementation of authentication algorithm issue in UNIVERGE SV9500 series from V1 to V7and SV8500 series from S6 to S8 allows an attacker to access the remote system maintenance feature and obtain the information by sending a specially crafted request to a specific URL. |
Risk And Classification
Problem Types: CWE-287
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Hardware | Nec | Univerge Sv8500 | - | All | All | All |
| Hardware | Nec | Univerge Sv8500 | - | All | All | All |
| Operating System | Nec | Univerge Sv8500 Firmware | All | All | All | All |
| Hardware | Nec | Univerge Sv9500 | - | All | All | All |
| Hardware | Nec | Univerge Sv9500 | - | All | All | All |
| Operating System | Nec | Univerge Sv9500 Firmware | All | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| JVN#38784555: Multiple vulnerabilities in UNIVERGE SV9500/SV8500 series | MISC | jvn.jp | Third Party Advisory |
| Security Advisories | NEC Platforms, Ltd | MISC | www.necplatforms.co.jp | Vendor Advisory |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.