Details of VAR-202105-1577

ID

VAR-202105-1577

TITLE

Lenovo NetMaster Security Gateway has weak password vulnerability

Trust: 0.6

sources: CNVD: CNVD-2021-30861

DESCRIPTION

Beijing Wangyu Xingyun Information Technology Co., Ltd. was renamed from Lenovo Wangyu Technology (Beijing) Co., Ltd., and its predecessor was Lenovo Group Information Security Division. The main business covers network boundary security protection, application and data security protection, and network-wide security risk management. The Lenovo Netmaster Security Gateway has weak password vulnerabilities. The attacker uses a weak password to log in to the background to obtain sensitive information.

Trust: 0.6

sources: CNVD: CNVD-2021-30861

IOT TAXONOMY

category:

['Network device']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2021-30861

AFFECTED PRODUCTS

vendor:	wangyu nebula information	model:	lenovo wangyu security gateway	scope:	eq	version:	3.4.6.8(22.0.10)	Trust: 0.6
vendor:	wangyu nebula information	model:	lenovo wangyu security gateway	scope:	eq	version:	3.4.6.9(22.0.10)	Trust: 0.6

sources: CNVD: CNVD-2021-30861

CVSS

SEVERITY

CVSSV2

CVSSV3

CNVD:	CNVD-2021-30861
value:	MEDIUM
Trust: 0.6

CNVD:	CNVD-2021-30861
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6

sources: CNVD: CNVD-2021-30861

EXTERNAL IDS

db:

CNVD

id:

CNVD-2021-30861

Trust: 0.6

sources: CNVD: CNVD-2021-30861

SOURCES

db:

CNVD

id:

CNVD-2021-30861

LAST UPDATE DATE

2022-05-04T09:42:01.179000+00:00

SOURCES UPDATE DATE

db:

CNVD

id:

CNVD-2021-30861

date:

2021-04-29T00:00:00

SOURCES RELEASE DATE

db:

CNVD

id:

CNVD-2021-30861

date:

2021-05-30T00:00:00