Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2020-6877

A ZTE product is impacted by an information leak vulnerability. An attacker could use this vulnerability to obtain the authentication password of the handheld terminal and access the device illegally for operation. This affects: ZXA10 eODN V2.3P2T1

Published

2020-11-05T21:15:12.940

Last Modified

2024-11-21T05:36:20.400

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 8.8 (HIGH)

CVSSv2 Vector

AV:N/AC:L/Au:S/C:P/I:N/A:N

Access Vector: NETWORK
Access Complexity: LOW
Authentication: SINGLE
Confidentiality Impact: PARTIAL
Integrity Impact: NONE
Availability Impact: NONE

Exploitability Score

8.0

Impact Score

2.9

Weaknesses

Type: Primary
NVD-CWE-noinfo

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Operating System	zte	zxa10_eodn_firmware	2.3p2t1	Yes
Hardware	zte	zxa10_eodn	-	No

References

http://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1013843 Vendor Advisory ([email protected])
http://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1013843 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)