Details of VAR-202103-1804

ID

VAR-202103-1804

TITLE

Cxcms has logic flaw vulnerability

Trust: 0.6

sources: CNVD: CNVD-2021-15561

DESCRIPTION

Changshu Changxiang Computer Information Technology Co., Ltd. was established in July 2010 to provide enterprises with services such as website construction, WeChat applet, official account, management software, Internet of Things, management software customized development, and has a number of software copyrights. Cxcms has a logic flaw vulnerability, which can be exploited by attackers to obtain sensitive information.

Trust: 0.6

sources: CNVD: CNVD-2021-15561

IOT TAXONOMY

category:

['IoT']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2021-15561

AFFECTED PRODUCTS

vendor:

changshu changxiang computer information

model:

cxcms

scope:

version:

v4.0

Trust: 0.6

sources: CNVD: CNVD-2021-15561

CVSS

SEVERITY

CVSSV2

CVSSV3

CNVD:	CNVD-2021-15561
value:	MEDIUM
Trust: 0.6

CNVD:	CNVD-2021-15561
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6

sources: CNVD: CNVD-2021-15561

EXTERNAL IDS

db:

CNVD

id:

CNVD-2021-15561

Trust: 0.6

sources: CNVD: CNVD-2021-15561

SOURCES

db:

CNVD

id:

CNVD-2021-15561

LAST UPDATE DATE

2022-05-04T09:02:11.634000+00:00

SOURCES UPDATE DATE

db:

CNVD

id:

CNVD-2021-15561

date:

2021-03-09T00:00:00

SOURCES RELEASE DATE

db:

CNVD

id:

CNVD-2021-15561

date:

2021-03-20T00:00:00