1. Home
  2. CVE Database
  3. CVE-2019-20032
MEDIUM · 6.5

CVE-2019-20032

An attacker with access to an InMail voicemail box equipped with the find me/follow me feature on Aspire-derived NEC PBXes, including all versions of SV8100, SV9100, SL1100 and SL2100 devices, may acc...

Vulnerability Description

An attacker with access to an InMail voicemail box equipped with the find me/follow me feature on Aspire-derived NEC PBXes, including all versions of SV8100, SV9100, SL1100 and SL2100 devices, may access the system's administration modem.

CVSS Score

6.5

MEDIUM

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality
NONE
Integrity
HIGH
Availability
NONE

Affected Products

VendorProductVersions
NecSv8100 FirmwareAll versions
NecSv8100-
NecSv9100 FirmwareAll versions
NecSv9100-
NecSl1100 FirmwareAll versions
NecSl1100-
NecSl2100 FirmwareAll versions
NecSl2100-

References

FAQ

What is CVE-2019-20032?

CVE-2019-20032 is a vulnerability with a CVSS score of 6.5 (MEDIUM). An attacker with access to an InMail voicemail box equipped with the find me/follow me feature on Aspire-derived NEC PBXes, including all versions of SV8100, SV9100, SL1100 and SL2100 devices, may acc...

How severe is CVE-2019-20032?

CVE-2019-20032 has been rated MEDIUM with a CVSS base score of 6.5/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2019-20032?

Check the references section above for vendor advisories and patch information. Affected products include: Nec Sv8100 Firmware, Nec Sv8100, Nec Sv9100 Firmware, Nec Sv9100, Nec Sl1100 Firmware.