Sign-up

ID

VAR-202107-1767


TITLE

SQL injection vulnerability exists in the traffic security management of TOPSEC Technology Group

Trust: 0.6

sources: CNVD: CNVD-2021-42958

DESCRIPTION

Tianrongxin Technology Group, abbreviated as "Tianrongxin", was established on August 30, 1985. It is a leading provider of network security, big data and secure cloud services in China. There are SQL injection vulnerabilities in the traffic security management of TOPSEC Technology Group. Attackers can use vulnerabilities to obtain sensitive information in the database.

Trust: 0.6

sources: CNVD: CNVD-2021-42958

IOT TAXONOMY

category:['Network device']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2021-42958

AFFECTED PRODUCTS

vendor:topsecmodel:technology group traffic security managementscope: - version: -

Trust: 0.6

sources: CNVD: CNVD-2021-42958

CVSS

SEVERITY

CVSSV2

CVSSV3

CNVD: CNVD-2021-42958
value: MEDIUM

Trust: 0.6

CNVD: CNVD-2021-42958
severity: MEDIUM
baseScore: 4.9
vectorString: AV:N/AC:H/AU:S/C:C/I:N/A:N
accessVector: NETWORK
accessComplexity: HIGH
authentication: SINGLE
confidentialityImpact: COMPLETE
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 3.9
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

sources: CNVD: CNVD-2021-42958

PATCH

title:Patch for SQL injection vulnerability exists in the traffic security management of TOPSEC Technology Groupurl:https://www.cnvd.org.cn/patchinfo/show/282211

Trust: 0.6

sources: CNVD: CNVD-2021-42958

EXTERNAL IDS

db:CNVDid:CNVD-2021-42958

Trust: 0.6

sources: CNVD: CNVD-2021-42958

SOURCES

db:CNVDid:CNVD-2021-42958

LAST UPDATE DATE

2022-05-04T09:02:07.660000+00:00


SOURCES UPDATE DATE

db:CNVDid:CNVD-2021-42958date:2021-07-27T00:00:00

SOURCES RELEASE DATE

db:CNVDid:CNVD-2021-42958date:2021-07-19T00:00:00