Details of VAR-202207-2121

ID

VAR-202207-2121

TITLE

Weak Password Vulnerability Exists in Beijing Net Royal Nebula Information Technology Co., Ltd. Net Royal Security Gateway

Trust: 0.6

sources: CNVD: CNVD-2022-43128

DESCRIPTION

Beijing Net Royal Nebula Information Technology Co., Ltd. is a leading enterprise in the domestic information security industry, specializing in the research and development, production and sales of information security products, and providing hierarchical overall security solutions and professional security services for user information systems. There is a weak password vulnerability in the Beijing Net Royal Nebula Information Technology Co., Ltd. Net Royal Security Gateway, which can be exploited by attackers to obtain sensitive information.

Trust: 0.6

sources: CNVD: CNVD-2022-43128

IOT TAXONOMY

category:

['Network device']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2022-43128

AFFECTED PRODUCTS

vendor:	net royal nebula information	model:	security gateway	scope:	eq	version:	3.4.6.15	Trust: 0.6
vendor:	net royal nebula information	model:	security gateway	scope:	eq	version:	3.4.6.8	Trust: 0.6
vendor:	net royal nebula information	model:	security gateway	scope:	eq	version:	3.4.6.9	Trust: 0.6

sources: CNVD: CNVD-2022-43128

CVSS

SEVERITY

CVSSV2

CVSSV3

CNVD:	CNVD-2022-43128
value:	MEDIUM
Trust: 0.6

CNVD:	CNVD-2022-43128
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6

sources: CNVD: CNVD-2022-43128

PATCH

title:

Patch for Weak Password Vulnerability Exists in Beijing Net Royal Nebula Information Technology Co., Ltd. Net Royal Security Gateway

url:

https://www.cnvd.org.cn/patchinfo/show/340776

Trust: 0.6

sources: CNVD: CNVD-2022-43128

EXTERNAL IDS

db:

CNVD

id:

CNVD-2022-43128

Trust: 0.6

sources: CNVD: CNVD-2022-43128

SOURCES

db:

CNVD

id:

CNVD-2022-43128

LAST UPDATE DATE

2023-09-28T22:54:30.892000+00:00

SOURCES UPDATE DATE

db:

CNVD

id:

CNVD-2022-43128

date:

2022-07-23T00:00:00

SOURCES RELEASE DATE

db:

CNVD

id:

CNVD-2022-43128

date:

2022-07-23T00:00:00