Home / Early Warning / Vulnerabilidades / CVE-2019-3425

CVE-2019-3425

Type: 
Unavailable / Other
Severity: 
High
Publication date: 
11/08/2019
Last modified: 
11/14/2019
Description
The 9000EV5.0R1B12 version, and all earlier versions of ZTE product ZXUPN-9000E are impacted by vulnerability of permission and access control. An attacker could exploit this vulnerability to directly reset or change passwords of other accounts.
Impact
Access Vector: Through network
Access Complexity: Low
Authentication: Not required to exploit
Impact Type: Partially affects on system integrity + Partially affects on system confidentiality + Partially affects on system availability
Vulnerable software and versions
  • cpe:2.3:o:zte:zxupn-9000e_firmware:*:*:*:*:*:*:*:*
  • cpe:2.3:h:zte:zxupn-9000e:-:*:*:*:*:*:*:*
To consult the complete list of products and versions see this page
References to Advisories, Solutions, and Tools
Explanation of fields