Sign-up

ID

VAR-202107-1907


TITLE

Unauthorized access vulnerability exists in SecPath ACG1000 of New H3C Technology Co., Ltd.

Trust: 0.6

sources: CNVD: CNVD-2021-40223

DESCRIPTION

SecPath ACG1000 is a new generation of virtualized application control gateway specially designed for NFV and cloud computing environment. New H3C Technology Co., Ltd. SecPath ACG1000 has an unauthorized access vulnerability, which can be exploited by attackers to obtain sensitive information.

Trust: 0.6

sources: CNVD: CNVD-2021-40223

IOT TAXONOMY

category:['Network device']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2021-40223

AFFECTED PRODUCTS

vendor:new h3cmodel:secpath acg1000 management pagescope: - version: -

Trust: 0.6

sources: CNVD: CNVD-2021-40223

CVSS

SEVERITY

CVSSV2

CVSSV3

CNVD: CNVD-2021-40223
value: MEDIUM

Trust: 0.6

CNVD: CNVD-2021-40223
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

sources: CNVD: CNVD-2021-40223

PATCH

title:Patch for Unauthorized access vulnerability exists in SecPath ACG1000 of New H3C Technology Co., Ltd.url:https://www.cnvd.org.cn/patchinfo/show/288201

Trust: 0.6

sources: CNVD: CNVD-2021-40223

EXTERNAL IDS

db:CNVDid:CNVD-2021-40223

Trust: 0.6

sources: CNVD: CNVD-2021-40223

SOURCES

db:CNVDid:CNVD-2021-40223

LAST UPDATE DATE

2022-05-04T10:10:31.174000+00:00


SOURCES UPDATE DATE

db:CNVDid:CNVD-2021-40223date:2021-08-27T00:00:00

SOURCES RELEASE DATE

db:CNVDid:CNVD-2021-40223date:2021-07-11T00:00:00