Details of VAR-202012-1624

ID

VAR-202012-1624

TITLE

Unauthorized access vulnerability exists in the enterprise-level intelligent online behavior management system of Feiyuxing

Trust: 0.6

sources: CNVD: CNVD-2020-69455

DESCRIPTION

Chengdu Feiyuxing Technology Co., Ltd. is a company dedicated to providing intelligent and easy-to-use network communication products and services, continuously improving the quality of network use through innovative technologies, and cooperating with users to create an intelligent and humanized network management platform. An unauthorized access vulnerability exists in the enterprise-level intelligent online behavior management system of Feiyuxing. Attackers can use vulnerabilities to obtain sensitive information and perform unauthorized operations.

Trust: 0.6

sources: CNVD: CNVD-2020-69455

IOT TAXONOMY

category:

['IoT']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2020-69455

AFFECTED PRODUCTS

vendor:

feiyuxing

model:

enterprise-level intelligent online behavior management system

scope:

version:

Trust: 0.6

sources: CNVD: CNVD-2020-69455

CVSS

SEVERITY

CVSSV2

CVSSV3

CNVD:	CNVD-2020-69455
value:	MEDIUM
Trust: 0.6

CNVD:	CNVD-2020-69455
severity:	MEDIUM
baseScore:	6.4
vectorString:	AV:N/AC:L/AU:N/C:P/I:P/A:N
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	NONE
exploitabilityScore:	10.0
impactScore:	4.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6

sources: CNVD: CNVD-2020-69455

EXTERNAL IDS

db:

CNVD

id:

CNVD-2020-69455

Trust: 0.6

sources: CNVD: CNVD-2020-69455

SOURCES

db:

CNVD

id:

CNVD-2020-69455

LAST UPDATE DATE

2022-05-04T09:15:35.511000+00:00

SOURCES UPDATE DATE

db:

CNVD

id:

CNVD-2020-69455

date:

2020-12-08T00:00:00

SOURCES RELEASE DATE

db:

CNVD

id:

CNVD-2020-69455

date:

2020-12-10T00:00:00