Lucene search

ZteCVELIST:CVE-2018-7365

HistoryDec 20, 2018 - 2:00 p.m.

CVE-2018-7365

2018-12-2014:00:00

CWE-426

zte

www.cve.org

5.1 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

HIGH

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

LOW

CVSS:3.0/AV:N/AC:H/PR:H/UI:R/S:C/C:L/I:L/A:L

0.001 Low

EPSS

Percentile

42.9%

JSON

All versions up to ZXCLOUD iRAI V5.01.05 of the ZTE uSmartView product are impacted by untrusted search path vulnerability, which may allow an unauthorized user to perform unauthorized operations.

CNA Affected

[
  {
    "product": "uSmartView",
    "vendor": "ZTE",
    "versions": [
      {
        "lessThanOrEqual": "ZXCLOUD iRAI V5.01.05",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  }
]

References

support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1010005

5.1 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

HIGH

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

LOW

CVSS:3.0/AV:N/AC:H/PR:H/UI:R/S:C/C:L/I:L/A:L

0.001 Low

EPSS

Percentile

42.9%

JSON

Related for CVELIST:CVE-2018-7365