Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Nec Subscribe
Filtered by product Um8000
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2019-20031 1 Nec 4 Um4730, Um4730 Firmware, Um8000 and 1 more 2020-08-03 6.4 MEDIUM 9.1 CRITICAL
NEC UM8000, UM4730 and prior non-InMail voicemail systems with all known software versions may permit an infinite number of login attempts in the telephone user interface (TUI), effectively allowing brute force attacks.
CVE-2019-20030 1 Nec 2 Um8000, Um8000 Firmware 2020-08-03 4.6 MEDIUM 7.8 HIGH
An attacker with knowledge of the modem access number on a NEC UM8000 voicemail system may use SSH tunneling or standard Linux utilities to gain access to the system's LAN port. All versions are affected.