CVE-2023-0348

Akuvox E11 allows direct SIP calls. No access control is enforced by the SIP servers, which could allow an attacker to contact any device within Akuvox to call any other device.
References
Link Resource
https://www.cisa.gov/news-events/ics-advisories/icsa-23-068-01 Third Party Advisory US Government Resource
https://www.cisa.gov/news-events/ics-advisories/icsa-23-068-01 Third Party Advisory US Government Resource
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:akuvox:e11_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:akuvox:e11:-:*:*:*:*:*:*:*

History

21 Nov 2024, 07:37

Type Values Removed Values Added
References () https://www.cisa.gov/news-events/ics-advisories/icsa-23-068-01 - Third Party Advisory, US Government Resource () https://www.cisa.gov/news-events/ics-advisories/icsa-23-068-01 - Third Party Advisory, US Government Resource

16 Mar 2023, 19:46

Type Values Removed Values Added
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 7.5
CWE CWE-284 NVD-CWE-Other
CPE cpe:2.3:h:akuvox:e11:-:*:*:*:*:*:*:*
cpe:2.3:o:akuvox:e11_firmware:-:*:*:*:*:*:*:*
References (MISC) https://www.cisa.gov/news-events/ics-advisories/icsa-23-068-01 - (MISC) https://www.cisa.gov/news-events/ics-advisories/icsa-23-068-01 - Third Party Advisory, US Government Resource

13 Mar 2023, 21:15

Type Values Removed Values Added
New CVE

Information

Published : 2023-03-13 21:15

Updated : 2024-11-21 07:37


NVD link : CVE-2023-0348

Mitre link : CVE-2023-0348

CVE.ORG link : CVE-2023-0348


JSON object : View

Products Affected

akuvox

  • e11_firmware
  • e11