CVE-2020-6867
Published Apr 30, 2020
Last updated 2 years ago
Overview
- Description
- ZTE's SDON controller is impacted by the resource management error vulnerability. When RPC is frequently called by other applications in the case of mass traffic data in the system, it will result in no response for a long time and memory overflow risk. This affects: ZENIC ONE R22b versions V16.19.10P02SP002 and V16.19.10P02SP005.
- Source
- psirt@zte.com.cn
- NVD status
- Analyzed
Risk scores
CVSS 3.1
- Type
- Primary
- Base score
- 5.5
- Impact score
- 3.6
- Exploitability score
- 1.8
- Vector string
- CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
- Severity
- MEDIUM
CVSS 2.0
- Type
- Primary
- Base score
- 2.1
- Impact score
- 2.9
- Exploitability score
- 3.9
- Vector string
- AV:L/AC:L/Au:N/C:N/I:N/A:P
Weaknesses
- nvd@nist.gov
- CWE-119
Social media
- Hype score
- Not currently trending
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:zte:zenic_one_r22b:6.19.10p02sp005:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F5876A67-E2FB-4847-AD2F-0D013CE9ADDD"
},
{
"criteria": "cpe:2.3:a:zte:zenic_one_r22b:16.19.10p02sp002:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "0C8E7293-C414-4694-B629-FD8AEC8F171F"
}
],
"operator": "OR"
}
]
}
]