Sign-up

ID

VAR-202107-1914


TITLE

H3C SecPath operation and maintenance audit system has command execution vulnerabilities

Trust: 0.6

sources: CNVD: CNVD-2021-42368

DESCRIPTION

New H3C Technology Co., Ltd. is a new IT solution provider, committed to becoming the most reliable partner for customer business innovation and digital transformation. The main products are routers, big data, switches, Internet of Things, cloud computing, servers, etc. The H3C SecPath operation and maintenance audit system has command execution vulnerabilities. Attackers can use this vulnerability to execute arbitrary commands.

Trust: 0.6

sources: CNVD: CNVD-2021-42368

IOT TAXONOMY

category:['IoT']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2021-42368

AFFECTED PRODUCTS

vendor:new h3cmodel:secpath operation and maintenance audit systemscope: - version: -

Trust: 0.6

sources: CNVD: CNVD-2021-42368

CVSS

SEVERITY

CVSSV2

CVSSV3

CNVD: CNVD-2021-42368
value: HIGH

Trust: 0.6

CNVD: CNVD-2021-42368
severity: HIGH
baseScore: 9.0
vectorString: AV:N/AC:L/AU:S/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: SINGLE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 8.0
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

sources: CNVD: CNVD-2021-42368

PATCH

title:Patch for H3C SecPath operation and maintenance audit system has command execution vulnerabilitiesurl:https://www.cnvd.org.cn/patchinfo/show/288206

Trust: 0.6

sources: CNVD: CNVD-2021-42368

EXTERNAL IDS

db:CNVDid:CNVD-2021-42368

Trust: 0.6

sources: CNVD: CNVD-2021-42368

SOURCES

db:CNVDid:CNVD-2021-42368

LAST UPDATE DATE

2022-05-04T09:02:07.580000+00:00


SOURCES UPDATE DATE

db:CNVDid:CNVD-2021-42368date:2021-08-27T00:00:00

SOURCES RELEASE DATE

db:CNVDid:CNVD-2021-42368date:2021-07-19T00:00:00