CVE-2019-3416

EPSS 0.16%
Veröffentlicht 23.09.2019 14:15:10
Zuletzt bearbeitet 21.11.2024 04:42:03
Quelle psirt@zte.com.cn
CVE-Watchlists
Login
Unerledigt
Login

All versions up to V81511329.1008 of ZTE ZXV10 B860A products are impacted by input validation vulnerability. Due to input validation, unauthorized users can take advantage of this vulnerability to control the user terminal system.

Betroffene Produkte Warnungen 0 Metriken 4 CWE 1 Referenzen 4

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Zte ≫ Zxv10 B860a Firmware Version <= 81511329.1008

Zte ≫ Zxv10 B860a Version-

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.16%	0.333

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	9.8	3.9	5.9	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
nvd@nist.gov	10	10	10	AV:N/AC:L/Au:N/C:C/I:C/A:C
psirt@zte.com.cn	8.1	1.4	6	CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H

CWE-20 Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

http://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1011263

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2019-3416

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2019-3416

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2019-3416

EUVD