NEC.Univerge.WebPro.V6.Clear.Text.Password.Disclosure

description-logoDescription

This indicates an attack attempt to exploit an Information Disclosure Vulnerability in NEC Univerge Sv9100 WebPro.
The vulnerability is due to an design error in the vulnerable application when handling a maliciously crafted request. A remote attacker may be able to exploit this to get arbitrary files on the affected machine via a crafted request.

affected-products-logoAffected Products

NEC Univerge Sv9100 WebPro version 6.00.00

Impact logoImpact

Information Disclosure: Remote attackers can gain sensitive information from vulnerable systems.

recomended-action-logoRecommended Actions

Apply the latest patch from the vendor.
https://www.necam.com/ContactUs/

Telemetry logoTelemetry

Coverage

IPS (Regular DB)
IPS (Extended DB)

Version Updates

Date Version Detail
2019-06-28 14.641 Default_action:pass:drop
2019-05-09 14.610

References

45942