Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2021-21733

The management system of ZXCDN is impacted by the information leak vulnerability. Attackers can make further analysis according to the information returned by the program, and then obtain some sensitive information. This affects ZXCDN V7.01 all versions up to IAMV7.01.01.02.

Published

2021-05-19T12:15:07.867

Last Modified

2024-11-21T05:48:54.137

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 4.9 (MEDIUM)

CVSSv2 Vector

AV:N/AC:L/Au:S/C:P/I:N/A:N

Access Vector: NETWORK
Access Complexity: LOW
Authentication: SINGLE
Confidentiality Impact: PARTIAL
Integrity Impact: NONE
Availability Impact: NONE

Exploitability Score

8.0

Impact Score

2.9

Weaknesses

Type: Primary
CWE-200

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	zte	zxcdn	< iamv7.01.02.02	Yes

References

https://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1015304 Vendor Advisory ([email protected])
https://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1015304 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)