Details of VAR-202106-2086

ID

VAR-202106-2086

TITLE

Inspur Group Co., Ltd. Management System has weak password vulnerability

Trust: 0.6

sources: CNVD: CNVD-2021-41510

DESCRIPTION

The business of Inspur Group Co., Ltd. covers cloud data centers, cloud service big data, smart cities, smart enterprises and other business sectors, and has formed an overall solution service capability covering four levels of infrastructure, platform software, data information and application software. The Management System of Inspur Group Co., Ltd. has a weak password vulnerability, which can be exploited by attackers to obtain sensitive information.

Trust: 0.6

sources: CNVD: CNVD-2021-41510

IOT TAXONOMY

category:

['Network device']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2021-41510

AFFECTED PRODUCTS

vendor:	inspur group	model:	management system bmc version	scope:	eq	version:	4.27.020201922:06:16	Trust: 0.6
vendor:	inspur group	model:	management system bios version (jun	scope:	eq	version:	4.1.1972019)	Trust: 0.6
vendor:	inspur group	model:	management system me version	scope:	eq	version:	3.1.3.38	Trust: 0.6
vendor:	inspur group	model:	management system psu0 version	scope:	eq	version:	1.000	Trust: 0.6
vendor:	inspur group	model:	management system psu1 version n/a	scope:	-	version:	-	Trust: 0.6
vendor:	inspur group	model:	management system cpu0 vr version	scope:	eq	version:	01	Trust: 0.6
vendor:	inspur group	model:	management system cpu1 vr version	scope:	eq	version:	01	Trust: 0.6
vendor:	inspur group	model:	management system mem ab vr version	scope:	eq	version:	01	Trust: 0.6
vendor:	inspur group	model:	management system mem cd vr version	scope:	eq	version:	01	Trust: 0.6
vendor:	inspur group	model:	management system mem ef vr version	scope:	eq	version:	01	Trust: 0.6
vendor:	inspur group	model:	management system mem gh vr version	scope:	eq	version:	01	Trust: 0.6
vendor:	inspur group	model:	management system fpga0 version	scope:	eq	version:	3.1	Trust: 0.6

sources: CNVD: CNVD-2021-41510

CVSS

SEVERITY

CVSSV2

CVSSV3

CNVD:	CNVD-2021-41510
value:	MEDIUM
Trust: 0.6

CNVD:	CNVD-2021-41510
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6

sources: CNVD: CNVD-2021-41510

EXTERNAL IDS

db:

CNVD

id:

CNVD-2021-41510

Trust: 0.6

sources: CNVD: CNVD-2021-41510

SOURCES

db:

CNVD

id:

CNVD-2021-41510

LAST UPDATE DATE

2022-05-04T09:49:53.093000+00:00

SOURCES UPDATE DATE

db:

CNVD

id:

CNVD-2021-41510

date:

2021-06-15T00:00:00

SOURCES RELEASE DATE

db:

CNVD

id:

CNVD-2021-41510

date:

2021-06-23T00:00:00