CVE-2021-21734
Published May 28, 2021
Last updated 3 years ago
Overview
- Description
- Some PON MDU devices of ZTE stored sensitive information in plaintext, and users with login authority can obtain it by inputing command. This affects: ZTE PON MDU device ZXA10 F821 V1.7.0P3T22, ZXA10 F822 V1.4.3T6, ZXA10 F819 V1.2.1T5, ZXA10 F832 V1.1.1T7, ZXA10 F839 V1.1.0T8, ZXA10 F809 V3.2.1T1, ZXA10 F822P V1.1.1T7, ZXA10 F832 V2.00.00.01
- Source
- psirt@zte.com.cn
- NVD status
- Analyzed
Risk scores
CVSS 3.1
- Type
- Primary
- Base score
- 6.5
- Impact score
- 3.6
- Exploitability score
- 2.8
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
- Severity
- MEDIUM
CVSS 2.0
- Type
- Primary
- Base score
- 4
- Impact score
- 2.9
- Exploitability score
- 8
- Vector string
- AV:N/AC:L/Au:S/C:P/I:N/A:N
Weaknesses
- nvd@nist.gov
- CWE-312
Social media
- Hype score
- Not currently trending
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zte:zxa10_f821:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "7275080B-F405-4F16-BBA1-18B6593E436F"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zte:zxa10_f821_firmware:1.7.0p3t22:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "FCE43313-2022-402E-BCE9-ABCBEB808AE5"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zte:zxa10_f822:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "2B0BDBCB-3BB7-4617-8609-EA55C8713339"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zte:zxa10_f822_firmware:1.4.3t6:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "2A270CC4-2665-4C94-9A45-60548B4F65E4"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zte:zxa10_f819:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "DB2449F0-8878-4A2C-85B0-A2BE47093C8E"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zte:zxa10_f819_firmware:1.2.1t5:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "DA081EEC-B261-4375-81EF-9B1A611E68A6"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zte:zxa10_f832:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "F18AB723-BF7F-40DE-847B-7917E72E27AD"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zte:zxa10_f832_firmware:1.1.1t7:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "861128EC-918B-48C9-A3FD-63AA7E882583"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zte:zxa10_f839:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "9EDACCE0-CC7B-4CCC-B4E3-EDFDEA828B19"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zte:zxa10_f839_firmware:1.1.0t8:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "BC7469E5-480E-4C31-83C7-B568197DDB23"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zte:zxa10_f809:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "87C5A538-7833-4592-A175-31D317C667A3"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zte:zxa10_f809_firmware:3.2.1t1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "3EB1E47E-4F1C-4144-B24D-82A64C784090"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zte:zxa10_f822p:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "0813EB37-1C6F-475E-9F27-A253A5716F23"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zte:zxa10_f822p_firmware:1.1.1t7:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "13A30B20-5E0E-4877-BAFD-531710F82A2C"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zte:zxa10_f832v2:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "7F94D8D4-4355-4435-AAAB-122505FE7980"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zte:zxa10_f832v2_firmware:2.00.00.01:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "030E5E6C-191B-4094-B121-B942020A3FEB"
}
],
"operator": "OR"
}
],
"operator": "AND"
}
]