All versions up to V4.01.01.02 of ZTE ZXCLOUD GoldenData VAP product have a file reading vulnerability. Attackers could obtain log file information without authorization, causing the disclosure of sensitive information.
References
Link | Resource |
---|---|
http://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1012023 | Vendor Advisory |
Configurations
Information
Published : 2019-12-23 11:15
Updated : 2019-12-30 11:34
NVD link : CVE-2019-3429
Mitre link : CVE-2019-3429
JSON object : View
CWE
CWE-532
Insertion of Sensitive Information into Log File
Products Affected
zte
- zxcloud_goldendata_vap