Resource Management Error Vulnerability in a ZTE Product

Original release date:  23 April, 2020

 

CVE ID

CVE-2020-6866

 

CVSS 3.1 Base Score

4.4 Medium AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H

 

Description

A ZTE product is impacted by a resource management error vulnerability. An attacker could exploid this vulnerability to cause a denial of service by issuing a specific command.

 

Affected Products and Fixes

Product Name

Affected Version

Resolved Version

ZXCTN 6500

V2.10.00R3B87

V2.10.00R3B87H97

 

Source

The vulnerability was found by ZTE internal testing.

 

Update Records

April 23, 2020, initial.

 

Supporting team contacts

1. ZTE GCSC hotline:

0755-26770800

800-830-1118

400-830-1118

2. Product forum at ZTE Support website.

 

ZTE PSIRT

If you need to report security vulnerabilities related to ZTE products, or get ZTE product security incident response service and vulnerability information, please contact ZTE PSIRT: psirt@zte.com.cn, PGP key ID: FF095577.

[Close]