What is the vulnerability ID of this issue?

The vulnerability ID of this issue is CVE-2019-20027.

What is the severity rating of CVE-2019-20027?

CVE-2019-20027 has a severity rating of 9.8 (Critical).

Where can I find more information about CVE-2019-20027?

You can find more information about CVE-2019-20027 at the following link: [https://shadytel.su/files/nec_cve.txt](https://shadytel.su/files/nec_cve.txt)

Vulnerability/
CVE-2019-20027

critical

9.8

CWE

287

29/7/2020

5/8/2024

CVE-2019-20027

First published: Wed Jul 29 2020(Updated: )

Aspire-derived NEC PBXes, including the SV8100, SV9100, SL1100 and SL2100 with software releases 7.0 or higher contain the possibility if incorrectly configured to allow a blank username and password combination to be entered as a valid, successfully authenticating account.

Credit: cve@mitre.org

Affected Software	Affected Version	How to fix
Nec Sv8100 Firmware	>=7.0
Nec Sv8100
Nec Sv9100 Firmware	>=7.0
NEC SV9100
Nec Sl1100 Firmware	>=7.0
Nec Sl1100
Nec Sl2100 Firmware	>=7.0
Nec Sl2100

Never miss a vulnerability like this again

Reference Links

https://shadytel.su/files/nec_cve.txt

Frequently Asked Questions

What is the vulnerability ID of this issue?
The vulnerability ID of this issue is CVE-2019-20027.
Which NEC PBXes are affected by this vulnerability?
Aspire-derived NEC PBXes including the SV8100, SV9100, SL1100, and SL2100 with software releases 7.0 or higher are affected.
What is the severity rating of CVE-2019-20027?
CVE-2019-20027 has a severity rating of 9.8 (Critical).
How can this vulnerability be exploited?
If incorrectly configured, this vulnerability allows a blank username and password combination to be entered as a valid, successfully authenticating account.
Where can I find more information about CVE-2019-20027?
You can find more information about CVE-2019-20027 at the following link: [https://shadytel.su/files/nec_cve.txt](https://shadytel.su/files/nec_cve.txt)

collector/nvd-index
agent/references
agent/type
agent/tags
agent/event
agent/weakness
agent/severity
agent/author
agent/description
agent/softwarecombine
agent/last-modified-date
agent/first-publish-date
collector/mitre-cve
source/MITRE
vendor/nec
canonical/nec sv8100 firmware
version/nec sv8100 firmware/7.0
canonical/nec sv8100
canonical/nec sv9100 firmware
version/nec sv9100 firmware/7.0
canonical/nec sv9100
canonical/nec sl1100 firmware
version/nec sl1100 firmware/7.0
canonical/nec sl1100
canonical/nec sl2100 firmware
version/nec sl2100 firmware/7.0
canonical/nec sl2100

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.