Sign-up

ID

VAR-202107-1913


TITLE

Unauthorized access vulnerability exists in the H3C SecPath operation and maintenance audit system

Trust: 0.6

sources: CNVD: CNVD-2021-37988

DESCRIPTION

New H3C Technology Co., Ltd. is a new IT solution provider, committed to becoming the most reliable partner for customer business innovation and digital transformation. The main products are routers, big data, switches, Internet of Things, cloud computing, servers, etc. The H3C SecPath operation and maintenance audit system has an unauthorized access vulnerability, which can be exploited by attackers to obtain sensitive information.

Trust: 0.6

sources: CNVD: CNVD-2021-37988

IOT TAXONOMY

category:['IoT']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2021-37988

AFFECTED PRODUCTS

vendor:new h3cmodel:secpath operation and maintenance audit systemscope: - version: -

Trust: 0.6

sources: CNVD: CNVD-2021-37988

CVSS

SEVERITY

CVSSV2

CVSSV3

CNVD: CNVD-2021-37988
value: MEDIUM

Trust: 0.6

CNVD: CNVD-2021-37988
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

sources: CNVD: CNVD-2021-37988

PATCH

title:Patch for Unauthorized access vulnerability exists in the H3C SecPath operation and maintenance audit systemurl:https://www.cnvd.org.cn/patchinfo/show/288191

Trust: 0.6

sources: CNVD: CNVD-2021-37988

EXTERNAL IDS

db:CNVDid:CNVD-2021-37988

Trust: 0.6

sources: CNVD: CNVD-2021-37988

SOURCES

db:CNVDid:CNVD-2021-37988

LAST UPDATE DATE

2022-05-04T08:52:03.439000+00:00


SOURCES UPDATE DATE

db:CNVDid:CNVD-2021-37988date:2021-08-27T00:00:00

SOURCES RELEASE DATE

db:CNVDid:CNVD-2021-37988date:2021-07-01T00:00:00