Information Leak Vulnerability in A ZTE Product

Original release date: May 14, 2021
 
 

CVE ID

CVE-2021-21733

 

CVSS 3.1 Base Score

2.7 Low  (AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N) 

 

Description

The management system of ZXCDN is impacted by the information leak vulnerability. Attackers can make further analysis according to the information returned by the program, and then obtain some sensitive information.

 

Affected Products and Fixes

Product Name

Affected Version

Resolved Version

ZXCDN

All versions up to IAMV7.01.01.02

IAMV7.01.02.02

 

Source

The vulnerability was found by ZTE's internal test.

 

Update Records

May 14, 2021, initial.

 

Supporting team contacts

1.  ZTE GCSC hotline:

0755-26770800

800-830-1118

400-830-1118

2.  Product forum at ZTE Support website.

 

ZTE PSIRT

If you need to report security vulnerabilities related to ZTE products, or get ZTE product security incident response service and vulnerability information, please contact ZTE PSIRT: psirt@zte.com.cn, PGP key ID: FF095577.