PT-2019-16583 · Zte · Zxcloud Goldendata Vap

Published

2019-12-23

Updated

2021-07-21

CVE-2019-3431

CVSS v3.1

9.8

Critical

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions ZTE ZXCLOUD GoldenData VAP product versions prior to V4.01.01.02

Description The issue concerns encryption problems, allowing attackers to intercept unencrypted account and password information through the network, potentially gaining access to the front-end system.

Recommendations For versions prior to V4.01.01.02, update to version V4.01.01.02 or later to resolve the encryption problems and prevent unauthorized access.

Fix

Insufficiently Protected Credentials

Missing Encryption of Sensitive Data

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-522CWE-311

Related Identifiers

CVE-2019-3431

Affected Products

Zxcloud Goldendata Vap

PT-2019-16583 · Zte · Zxcloud Goldendata Vap

CVE-2019-3431

Weakness Enumeration

Related Identifiers

Affected Products

References · 3