Sign-up

ID

VAR-202103-1805


TITLE

Unauthorized access vulnerability exists in the Eas7 integrated management platform of Tiandi Weiye Technology Co., Ltd.

Trust: 0.6

sources: CNVD: CNVD-2021-15546

DESCRIPTION

Tiandi Weiye is the world's leading provider of smart security solutions. Based on artificial intelligence, big data, cloud computing, Internet of Things and other technologies, it provides smart video products and systems for public security, politics and law, transportation, finance, education, water conservancy, environmental protection and other industries. Solutions and high-quality technical services. An unauthorized access vulnerability exists in the Eas7 integrated management platform of Tiandi Weiye Technology Co., Ltd., which can be exploited by attackers to access the web.xml file.

Trust: 0.6

sources: CNVD: CNVD-2021-15546

IOT TAXONOMY

category:['IoT']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2021-15546

AFFECTED PRODUCTS

vendor:tiandi weiyemodel:eas7 integrated management platformscope: - version: -

Trust: 0.6

sources: CNVD: CNVD-2021-15546

CVSS

SEVERITY

CVSSV2

CVSSV3

CNVD: CNVD-2021-15546
value: MEDIUM

Trust: 0.6

CNVD: CNVD-2021-15546
severity: MEDIUM
baseScore: 6.4
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 4.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

sources: CNVD: CNVD-2021-15546

EXTERNAL IDS

db:CNVDid:CNVD-2021-15546

Trust: 0.6

sources: CNVD: CNVD-2021-15546

SOURCES

db:CNVDid:CNVD-2021-15546

LAST UPDATE DATE

2022-05-04T10:18:01.602000+00:00


SOURCES UPDATE DATE

db:CNVDid:CNVD-2021-15546date:2021-03-09T00:00:00

SOURCES RELEASE DATE

db:CNVDid:CNVD-2021-15546date:2021-03-21T00:00:00