CVE-2002-0674

CVSS 7.2 - HIGH

Description

Pingtel xpressa SIP-based voice-over-IP phone 1.2.5 through 1.2.7.4 does not "time out" an inactive administrator session, which could allow other users to perform administrator actions if the administrator does not explicitly end the authentication.

Affected Products

2

Vendor	Product	Version
pingtel	xpressa	`1.2.5`
pingtel	xpressa	`1.2.7.4`

References

http://www.atstake.com/research/advisories/2002/a0...

http://www.pingtel.com/PingtelAtStakeAdvisoryRespo...

http://www.securityfocus.com/bid/5221

https://exchange.xforce.ibmcloud.com/vulnerabiliti...

http://www.atstake.com/research/advisories/2002/a0...

http://www.pingtel.com/PingtelAtStakeAdvisoryRespo...

http://www.securityfocus.com/bid/5221

https://exchange.xforce.ibmcloud.com/vulnerabiliti...

Weakness Types

NVD-CWE-Other

CVE Information

CVE ID:: CVE-2002-0674
Published:: 2002-07-23
Modified:: 2026-04-16
CVSS Score:: 7.2
Severity:: HIGH
Vector:: AV:L/AC:L/Au:N/C:C/I:C/A:C

Affected Vendors

pingtel

Quick Actions

View on NVD Find Similar CVEs

CVSS Severity Scale

0.0 - 3.9 LOW

4.0 - 6.9 MEDIUM

7.0 - 8.9 HIGH

9.0 - 10.0 CRITICAL