CyberSec.Space Logo
返回 CVE 瀏覽器

CVE-2002-0674

HIGH
7.2
CVSS Severity Score
EPSS Score0.1580%
EPSS Percentile19.70th
Published2002年7月23日
Last Modified2026年4月16日

Vulnerability Description

Pingtel xpressa SIP-based voice-over-IP phone 1.2.5 through 1.2.7.4 does not "time out" an inactive administrator session, which could allow other users to perform administrator actions if the administrator does not explicitly end the authentication.

Affected Platforms (CPE)

🔌
Pingtel

Xpressa

= 1.2.5
🔌
Pingtel

Xpressa

= 1.2.7.4

References & Advisories

🔗 http://www.atstake.com/research/advisories/2002/a071202-1.txt
🔗 http://www.pingtel.com/PingtelAtStakeAdvisoryResponse.jsp
🔗 http://www.securityfocus.com/bid/5221
🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/9569
🔗 http://www.atstake.com/research/advisories/2002/a071202-1.txt
🔗 http://www.pingtel.com/PingtelAtStakeAdvisoryResponse.jsp
🔗 http://www.securityfocus.com/bid/5221
🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/9569

相關漏洞威脅

CVE-2002-066710.0

Pingtel xpressa SIP-based voice-over-IP phone 1.2.5 through 1.2.7.4 has a default null administrator password, which could allow r...

CVE-2002-06719.8

Pingtel xpressa SIP-based voice-over-IP phone 1.2.5 through 1.2.7.4 downloads phone applications from a web site but can not verif...

CVE-2002-06707.5

The web interface for Pingtel xpressa SIP-based voice-over-IP phone 1.2.5 through 1.2.7.4 uses Base64 encoded usernames and passwo...

CVE-2002-06687.5

The web interface for Pingtel xpressa SIP-based voice-over-IP phone 1.2.5 through 1.2.7.4 allows authenticated users to modify the...

CVE-2002-0674 Detail & Impact Analysis | CVSS 7.2 (HIGH) | Cyber-Sec.Space | Cyber-Sec.Space