{"vulnerability": "cve-2019-2003", "sightings": [{"uuid": "949adb09-fe4b-4dfa-b293-48f401f842d5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-20032", "type": "seen", "source": "https://t.me/cibsecurity/13746", "content": "ATENTION\u203c New - CVE-2019-20032\n\nAn attacker with access to an InMail voicemail box equipped with the find me/follow me feature on Aspire-derived NEC PBXes, including all versions of SV8100, SV9100, SL1100 and SL2100 devices, may access the system's administration modem.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-07-29T22:55:21.000000Z"}, {"uuid": "62f81b7f-d5de-4095-b5b2-f7c5be8b485f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-20031", "type": "seen", "source": "https://t.me/cibsecurity/13747", "content": "ATENTION\u203c New - CVE-2019-20031\n\nNEC UM8000, UM4730 and prior non-InMail voicemail systems with all known software versions may permit an infinite number of login attempts in the telephone user interface (TUI), effectively allowing brute force attacks.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-07-29T22:55:22.000000Z"}, {"uuid": "c42985cf-a8a4-4717-8030-981733c00d42", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-20030", "type": "seen", "source": "https://t.me/cibsecurity/13748", "content": "ATENTION\u203c New - CVE-2019-20030\n\nAn attacker with knowledge of the modem access number on a NEC UM8000 voicemail system may use SSH tunneling or standard Linux utilities to gain access to the system's LAN port. All versions are affected.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-07-29T22:55:22.000000Z"}]}