XSS Vulnerability in ZTE NetNumen DAP Product

Original release date: 6 June 2019

 

CVE ID

CVE-2019-3413

 

CVSS 3.0 Base Score

5.4 Medium (AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N)

 

Description

All versions of the ZTE NetNumen DAP product up to V20.18.40.R7.B1 have an XSS vulnerability. The web application does not correctly validate client data, which can result in users being hijacked.

 

Affected Products and Fixes

Product Name: NetNumen DAP

Affected Version: All versions up to NetNumen DAP V20.18.40.R7.B1

Resolved Version: NetNumen DAP V20.19.40.R2.B1

 

Source

The vulnerability was found by ZTE internal testing.

 

Update Records

6 June 2019, initial.

 

Supporting team contacts

1. ZTE GCSC hotline:

0755-26770800

800-830-1118

400-830-1118

2. Product forum at ZTE Support website.

 

ZTE PSIRT

If you need to give feedback on or report security vulnerabilities related to ZTE products, or to obtain ZTE product security incident response service and vulnerability information, please contact ZTE PSIRT: psirt@zte.com.cn, PGP key ID: FF095577.
