Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The web-based management (WBM) interface in Unify (former Siemens) OpenStage SIP and OpenScape Desk Phone IP V3 devices before R3.32.0 generates session cookies with insufficient entropy, which makes it easier for remote attackers to hijack sessions via a brute-force attack.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Unify OpenStage SIP和OpenScape Desk Phone IP 安全漏洞
Vulnerability Description
Unify OpenStage SIP和OpenScape Desk Phone IP都是美国优力飞(Unify)公司的IP电话产品。 Unify OpenStage SIP和OpenScape Desk Phone IP V3 R3.32.0之前版本中基于Web的管理界面存在安全漏洞。远程攻击者可通过实施暴力破解攻击利用该漏洞劫持会话。
CVSS Information
N/A
Vulnerability Type
N/A