Unrated severityNVD Advisory· Published Jul 23, 2002· Updated Apr 16, 2026

CVE-2002-0674

Description

Pingtel xpressa SIP-based voice-over-IP phone 1.2.5 through 1.2.7.4 does not "time out" an inactive administrator session, which could allow other users to perform administrator actions if the administrator does not explicitly end the authentication.

Affected products

Pingtel/Xpressa2 versions
cpe:2.3:h:pingtel:xpressa:1.2.5:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:h:pingtel:xpressa:1.2.5:*:*:*:*:*:*:*
- cpe:2.3:h:pingtel:xpressa:1.2.7.4:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.atstake.com/research/advisories/2002/a071202-1.txtnvd
www.pingtel.com/PingtelAtStakeAdvisoryResponse.jspnvd
www.securityfocus.com/bid/5221nvd
exchange.xforce.ibmcloud.com/vulnerabilities/9569nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000