Command Injection vulnerability in NEC Corporation UNIVERGE IX from Ver9.2 to Ver10.10.21, for Ver10.8 up to Ver10.8.27, for Ver10.9 up to Ver10.9.14 and UNIVERGE IX-R/IX-V Ver1.2.15 and earlier allows a attacker to inject an arbitrary CLI commands to be executed on the device via the management interface.
Metrics
Affected Vendors & Products
References
History
Fri, 29 Nov 2024 14:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Nec Corporation
Nec Corporation univerge 1x Nec Corporation univerge 1x-r\/ix-v |
|
CPEs | cpe:2.3:a:nec_corporation:univerge_1x-r\/ix-v:*:*:*:*:*:*:*:* cpe:2.3:a:nec_corporation:univerge_1x:*:*:*:*:*:*:*:* |
|
Vendors & Products |
Nec Corporation
Nec Corporation univerge 1x Nec Corporation univerge 1x-r\/ix-v |
|
Metrics |
ssvc
|
Fri, 29 Nov 2024 08:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | Command Injection vulnerability in NEC Corporation UNIVERGE IX from Ver9.2 to Ver10.10.21, for Ver10.8 up to Ver10.8.27, for Ver10.9 up to Ver10.9.14 and UNIVERGE IX-R/IX-V Ver1.2.15 and earlier allows a attacker to inject an arbitrary CLI commands to be executed on the device via the management interface. | |
Weaknesses | CWE-77 | |
References |
| |
Metrics |
cvssV3_1
|
MITRE
Status: PUBLISHED
Assigner: NEC
Published: 2024-11-29T08:03:07.458Z
Updated: 2024-11-29T13:40:11.027Z
Reserved: 2024-11-08T02:59:55.534Z
Link: CVE-2024-11013
Vulnrichment
Updated: 2024-11-29T13:40:04.332Z
NVD
Status : Received
Published: 2024-11-29T08:15:03.923
Modified: 2024-11-29T08:15:03.923
Link: CVE-2024-11013
Redhat
No data.