|
Original Release Date: July 09 2024 Vulnerability ID CVE ID: CVE-2024-22062 CNNVD ID: CNNVD-2024-98760992 CVSS 3.1 Base Score 6.3 Medium (AV:P/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:L) Description There is a permissions and access control vulnerability in ZXCLOUD IRAI.An attacker can elevate non-administrator permissions to administrator permissions by modifying the configuration. Affected Products and Fixes Product Name | Affected Version | Resolved Version | ZXCLOUD IRAI | ClientV7.23.31 and earlier | ClientV7.23.40 |
Acknowledgement ZTE thanks Liu Yiyang for paying attention to our products and cooperating with us to disclose vulnerabilities. Update Records July 09 2024, initial. Version Update Method Please contact ZTE Global Customer Support Center to obtain the upgraded version. Global Customer Support Center http://support.zte.com.cn/support/web/Contact.aspx?_langType=en ZTE PSIRT https://www.zte.com.cn/global/cybersecurity/ztepsirt.html
|