CyberSec.Space Logo
CVEブラウザに戻る

CVE-2002-0674

HIGH
7.2
CVSS Severity Score
EPSS Score0.1580%
EPSS Percentile19.70th
Published2002年7月23日
Last Modified2026年4月16日

Vulnerability Description

Pingtel xpressa SIP-based voice-over-IP phone 1.2.5 through 1.2.7.4 does not "time out" an inactive administrator session, which could allow other users to perform administrator actions if the administrator does not explicitly end the authentication.

Affected Platforms (CPE)

🔌
Pingtel

Xpressa

= 1.2.5
🔌
Pingtel

Xpressa

= 1.2.7.4

References & Advisories

🔗 http://www.atstake.com/research/advisories/2002/a071202-1.txt
🔗 http://www.pingtel.com/PingtelAtStakeAdvisoryResponse.jsp
🔗 http://www.securityfocus.com/bid/5221
🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/9569
🔗 http://www.atstake.com/research/advisories/2002/a071202-1.txt
🔗 http://www.pingtel.com/PingtelAtStakeAdvisoryResponse.jsp
🔗 http://www.securityfocus.com/bid/5221
🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/9569

関連する脆弱性情報

CVE-2002-066710.0

Pingtel xpressa SIP-based voice-over-IP phone 1.2.5 through 1.2.7.4 has a default null administrator password, which could allow r...

CVE-2002-06719.8

Pingtel xpressa SIP-based voice-over-IP phone 1.2.5 through 1.2.7.4 downloads phone applications from a web site but can not verif...

CVE-2002-06707.5

The web interface for Pingtel xpressa SIP-based voice-over-IP phone 1.2.5 through 1.2.7.4 uses Base64 encoded usernames and passwo...

CVE-2002-06687.5

The web interface for Pingtel xpressa SIP-based voice-over-IP phone 1.2.5 through 1.2.7.4 allows authenticated users to modify the...