CVE-2014-9563

Published: Apr 12, 2018Modified: Nov 21, 2024

4.9

Vector

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N

Exploitability: 1.2 / Impact: 3.6

Source: NVD

Description

CRLF injection vulnerability in the web-based management (WBM) interface in Unify (former Siemens) OpenStage SIP and OpenScape Desk Phone IP V3 devices before R3.32.0 allows remote authenticated users to modify the root password and consequently access the debug port using the serial interface via the ssh-password parameter to page.cmd.

Affected (2)

Products: Unify: Openstage Sip, Openscape Desk Phone Ip Sip

2 products

Openscape Desk Phone Ip Sip

Configuration A

1 vulnerable · 3 platform

Vulnerable Software	Affected Versions
Unify Openstage Sip	Before r3.32.0

Running on/with	Platform Versions
Unify Openstage 20	All versions
Unify Openstage 40	All versions
Unify Openstage 60	All versions

Configuration B

1 vulnerable · 3 platform

Vulnerable Software	Affected Versions
Unify Openscape Desk Phone Ip Sip	Before r3.32.0

Running on/with	Platform Versions
Atos Openscape Desk Phone Ip 35g	All versions
Atos Openscape Desk Phone Ip 35g Eco	All versions
Atos Openscape Desk Phone Ip 55g	All versions

Related CWEs

Improper Neutralization of CRLF Sequences ('CRLF Injection')

The product uses CRLF (carriage return line feeds) as a special element, e.g. to separate lines or records, but it does not neutralize or incorrectly neutralizes CRLF sequences from inputs.

References (4)

https://networks.unify.com/security/advisories/OBSO-1501-02.pdf

Source: cve@mitre.org

Vendor Advisory

https://www.modzero.ch/advisories/MZ-14-02-Siemens-Unify-OpenStage.txt

Source: cve@mitre.org

Third Party Advisory

https://networks.unify.com/security/advisories/OBSO-1501-02.pdf

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

https://www.modzero.ch/advisories/MZ-14-02-Siemens-Unify-OpenStage.txt

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

Timeline

No history available yet.