|
Initial release date: February 25, 2021 CVE ID CVE-2021-21724 CVSS 3.1 Base Score 4.4 Medium (AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H) Description A ZTE product has a memory leak vulnerability. Due to the product's improper handling of memory release in certain scenarios, a local attacker with device permissions repeatedly attenuated the optical signal to cause memory leak and abnormal service. Affected Products and Fixes Product Name | Affected Version | Resolved Version | ZXR10 8900E | all versions up to V3.03.20R2B30P1 | V3.03.20R2B30P12 |
Source The vulnerability was found by ZTE's internal test. Update Records February 25, 2021, initial. Supporting team contacts 1. ZTE GCSC hotline: 0755-26770800 800-830-1118 400-830-1118 2. Product forum at ZTE Support website. ZTE PSIRT If you need to report security vulnerabilities related to ZTE products, or get ZTE product security incident response service and vulnerability information, please contact ZTE PSIRT: psirt@zte.com.cn, PGP key ID: FF095577.
|