CVE-2015-8251

OpenStage 60 and OpenScape Desk Phone IP 55G SIP V3, OpenStage 15, 20E, 20 and 40 and OpenScape Desk Phone IP 35G SIP V3, OpenScape Desk Phone IP 35G Eco SIP V3, OpenStage 60 and OpenScape Desk Phone IP 55G HFA V3, OpenStage 15, 20E, 20, and 40 and OpenScape Desk Phone IP 35G HFA V3, and OpenScape Desk Phone IP 35G Eco HFA V3 use non-unique X.509 certificates and SSH host keys.
References
Link Resource
http://www.kb.cert.org/vuls/id/566724 Third Party Advisory US Government Resource
https://networks.unify.com/security/advisories/OBSO-1511-02-A.pdf Vendor Advisory
https://networks.unify.com/security/advisories/OBSO-1511-02.pdf Vendor Advisory
https://www.kb.cert.org/vuls/id/BLUU-A2PPZE Third Party Advisory US Government Resource
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:unify:openstage_60_firmware:3.0:*:*:*:*:*:*:*
cpe:2.3:h:unify:openstage_60:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
cpe:2.3:o:unify:openscape_desk_phone_ip_55g_sip_firmware:3.0:*:*:*:*:*:*:*
cpe:2.3:h:unify:openscape_desk_phone_ip_55g_sip:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND
cpe:2.3:o:unify:openstage_15_firmware:3.0:*:*:*:*:*:*:*
cpe:2.3:h:unify:openstage_15:-:*:*:*:*:*:*:*

Configuration 4 (hide)

AND
cpe:2.3:o:unify:openstage_20e_firmware:3.0:*:*:*:*:*:*:*
cpe:2.3:h:unify:openstage_20e:-:*:*:*:*:*:*:*

Configuration 5 (hide)

AND
cpe:2.3:o:unify:openstage_20_firmware:3.0:*:*:*:*:*:*:*
cpe:2.3:h:unify:openstage_20:-:*:*:*:*:*:*:*

Configuration 6 (hide)

AND
cpe:2.3:o:unify:openstage_40_firmware:3.0:*:*:*:*:*:*:*
cpe:2.3:h:unify:openstage_40:-:*:*:*:*:*:*:*

Configuration 7 (hide)

AND
cpe:2.3:o:unify:openscape_desk_phone_ip_35g_sip_firmware:3.0:*:*:*:*:*:*:*
cpe:2.3:h:unify:openscape_desk_phone_ip_35g_sip:-:*:*:*:*:*:*:*

Configuration 8 (hide)

AND
cpe:2.3:o:unify:openscape_desk_phone_ip_35g_eco_sip_firmware:3.0:*:*:*:*:*:*:*
cpe:2.3:h:unify:openscape_desk_phone_ip_35g_eco_sip:-:*:*:*:*:*:*:*

Configuration 9 (hide)

AND
cpe:2.3:o:unify:openscape_desk_phone_ip_55g_hfa_firmware:3.0:*:*:*:*:*:*:*
cpe:2.3:h:unify:openscape_desk_phone_ip_55g_hfa:-:*:*:*:*:*:*:*

Configuration 10 (hide)

AND
cpe:2.3:o:unify:openscape_desk_phone_ip_35g_hfa_firmware:3.0:*:*:*:*:*:*:*
cpe:2.3:h:unify:openscape_desk_phone_ip_35g_hfa:-:*:*:*:*:*:*:*

Configuration 11 (hide)

AND
cpe:2.3:o:unify:openstage_60_firmware:3.0:*:*:*:*:*:*:*
cpe:2.3:h:unify:openscape_desk_phone_ip_35g_eco_hfa:-:*:*:*:*:*:*:*

History

No history.

Information

Published : 2017-09-25 21:29

Updated : 2024-02-04 19:29


NVD link : CVE-2015-8251

Mitre link : CVE-2015-8251

CVE.ORG link : CVE-2015-8251


JSON object : View

Products Affected

unify

  • openscape_desk_phone_ip_55g_sip
  • openscape_desk_phone_ip_35g_sip_firmware
  • openstage_60
  • openstage_60_firmware
  • openstage_20_firmware
  • openstage_15
  • openscape_desk_phone_ip_35g_eco_sip_firmware
  • openscape_desk_phone_ip_35g_hfa
  • openstage_40
  • openscape_desk_phone_ip_55g_hfa_firmware
  • openscape_desk_phone_ip_55g_sip_firmware
  • openstage_40_firmware
  • openscape_desk_phone_ip_35g_hfa_firmware
  • openstage_20e
  • openstage_20
  • openstage_20e_firmware
  • openscape_desk_phone_ip_35g_eco_sip
  • openscape_desk_phone_ip_35g_sip
  • openscape_desk_phone_ip_35g_eco_hfa
  • openscape_desk_phone_ip_55g_hfa
  • openstage_15_firmware
CWE
CWE-200

Exposure of Sensitive Information to an Unauthorized Actor