Details of VAR-202108-2313

ID

VAR-202108-2313

TITLE

Beijing Xingwang Ruijie Network Technology Co., Ltd. EG Easy Gateway has an arbitrary file reading vulnerability

Trust: 0.6

sources: CNVD: CNVD-2021-49176

DESCRIPTION

Ruijie Networks Co., Ltd. is a professional network manufacturer with a full range of network equipment product lines and solutions including switches, routers, software, security firewalls, wireless products, and storage. Beijing StarNet Ruijie Networks Technology Co., Ltd. EG Easy Gateway has an arbitrary file reading vulnerability. Attackers can use this vulnerability to obtain sensitive system information.

Trust: 0.6

sources: CNVD: CNVD-2021-49176

IOT TAXONOMY

category:

['Network device']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2021-49176

AFFECTED PRODUCTS

vendor:

ruijie

model:

eg easy gateway

scope:

version:

Trust: 0.6

sources: CNVD: CNVD-2021-49176

CVSS

SEVERITY

CVSSV2

CVSSV3

CNVD:	CNVD-2021-49176
value:	LOW
Trust: 0.6

CNVD:	CNVD-2021-49176
severity:	LOW
baseScore:	2.1
vectorString:	AV:N/AC:H/AU:S/C:P/I:N/A:N
accessVector:	NETWORK
accessComplexity:	HIGH
authentication:	SINGLE
confidentialityImpact:	PARTIAL
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	3.9
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6

sources: CNVD: CNVD-2021-49176

PATCH

title:

Patch for Beijing Xingwang Ruijie Network Technology Co., Ltd. EG Easy Gateway has an arbitrary file reading vulnerability

url:

https://www.cnvd.org.cn/patchinfo/show/305526

Trust: 0.6

sources: CNVD: CNVD-2021-49176

EXTERNAL IDS

db:

CNVD

id:

CNVD-2021-49176

Trust: 0.6

sources: CNVD: CNVD-2021-49176

SOURCES

db:

CNVD

id:

CNVD-2021-49176

LAST UPDATE DATE

2022-05-04T09:41:58.233000+00:00

SOURCES UPDATE DATE

db:

CNVD

id:

CNVD-2021-49176

date:

2021-12-14T00:00:00

SOURCES RELEASE DATE

db:

CNVD

id:

CNVD-2021-49176

date:

2021-08-14T00:00:00