CVE-2020-6877

A ZTE product is impacted by an information leak vulnerability. An attacker could use this vulnerability to obtain the authentication password of the handheld terminal and access the device illegally for operation. This affects: ZXA10 eODN V2.3P2T1
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
8.8 HIGH
NETWORK
LOW
LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
zteCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 53%
VendorProductVersion
ztezxa10_eodn_firmware
2.3p2t1:p2t1
𝑥
= Vulnerable software versions
References
http://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1013843
http://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1013843