Details of VAR-202106-2331

ID

VAR-202106-2331

TITLE

Tiandiweiye electronic proctoring system has weak password loopholes

Trust: 0.6

sources: CNVD: CNVD-2021-35874

DESCRIPTION

Tiandi Weiye is an intelligent security solution provider. Based on artificial intelligence, big data, cloud computing, Internet of Things and other technologies, it provides intelligent video products, system solutions and High-quality technical services. Tiandiweiye electronic invigilation system has weak password loopholes. Attackers can use this vulnerability to obtain sensitive information.

Trust: 0.6

sources: CNVD: CNVD-2021-35874

IOT TAXONOMY

category:

['IoT']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2021-35874

AFFECTED PRODUCTS

vendor:	tiandi weiye digital	model:	electronic invigilation system	scope:	eq	version:	12.3.2019.75538	Trust: 0.6
vendor:	tiandi weiye digital	model:	electronic invigilation system	scope:	eq	version:	10.1.2017.74520	Trust: 0.6

sources: CNVD: CNVD-2021-35874

CVSS

SEVERITY

CVSSV2

CVSSV3

CNVD:	CNVD-2021-35874
value:	MEDIUM
Trust: 0.6

CNVD:	CNVD-2021-35874
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6

sources: CNVD: CNVD-2021-35874

EXTERNAL IDS

db:

CNVD

id:

CNVD-2021-35874

Trust: 0.6

sources: CNVD: CNVD-2021-35874

SOURCES

db:

CNVD

id:

CNVD-2021-35874

LAST UPDATE DATE

2022-05-04T09:55:12.414000+00:00

SOURCES UPDATE DATE

db:

CNVD

id:

CNVD-2021-35874

date:

2021-05-20T00:00:00

SOURCES RELEASE DATE

db:

CNVD

id:

CNVD-2021-35874

date:

2021-06-20T00:00:00