{"containers": {"cna": {"affected": [{"product": "ZXA10 eODN", "vendor": "n/a", "versions": [{"status": "affected", "version": "V2.3P2T1"}]}], "descriptions": [{"lang": "en", "value": "A ZTE product is impacted by an information leak vulnerability. An attacker could use this vulnerability to obtain the authentication password of the handheld terminal and access the device illegally for operation. This affects: ZXA10 eODN V2.3P2T1"}], "problemTypes": [{"descriptions": [{"description": "Information Leak", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2020-11-05T20:26:05", "orgId": "6786b568-6808-4982-b61f-398b0d9679eb", "shortName": "zte"}, "references": [{"tags": ["x_refsource_MISC"], "url": "http://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1013843"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "psirt@zte.com.cn", "ID": "CVE-2020-6877", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "ZXA10 eODN", "version": {"version_data": [{"version_value": "V2.3P2T1"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "A ZTE product is impacted by an information leak vulnerability. An attacker could use this vulnerability to obtain the authentication password of the handheld terminal and access the device illegally for operation. This affects: ZXA10 eODN V2.3P2T1"}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Information Leak"}]}]}, "references": {"reference_data": [{"name": "http://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1013843", "refsource": "MISC", "url": "http://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1013843"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T09:11:05.207Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1013843"}]}]}, "cveMetadata": {"assignerOrgId": "6786b568-6808-4982-b61f-398b0d9679eb", "assignerShortName": "zte", "cveId": "CVE-2020-6877", "datePublished": "2020-11-05T20:26:05", "dateReserved": "2020-01-13T00:00:00", "dateUpdated": "2024-08-04T09:11:05.207Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:zte:zxa10_eodn_firmware:2.3p2t1:*:*:*:*:*:*:*", "matchCriteriaId": "4A106D79-E958-4612-A267-23B30362AB46", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:zte:zxa10_eodn:-:*:*:*:*:*:*:*", "matchCriteriaId": "18AA692E-CA8C-4903-94AE-49544F0D2A75", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "A ZTE product is impacted by an information leak vulnerability. An attacker could use this vulnerability to obtain the authentication password of the handheld terminal and access the device illegally for operation. This affects: ZXA10 eODN V2.3P2T1"}, {"lang": "es", "value": "Un producto ZTE est\u00e1 afectado por una vulnerabilidad de filtrado de informaci\u00f3n. Un atacante podr\u00eda usar esta vulnerabilidad para obtener la contrase\u00f1a de autenticaci\u00f3n del terminal port\u00e1til y acceder ilegalmente al dispositivo para su funcionamiento. Esto afecta: ZXA10 eODN V2.3P2T1"}], "id": "CVE-2020-6877", "lastModified": "2024-11-21T05:36:20.400", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "NONE", "baseScore": 4.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 8.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2020-11-05T21:15:12.940", "references": [{"source": "psirt@zte.com.cn", "tags": ["Vendor Advisory"], "url": "http://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1013843"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1013843"}], "sourceIdentifier": "psirt@zte.com.cn", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}