Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2021-21732

Опубликовано: 19 мая 2021
Источник: nvd
CVSS3: 7.5
CVSS2: 5
EPSS Низкий

Описание

A mobile phone of ZTE is impacted by improper access control vulnerability. Due to improper permission settings, third-party applications can read some files in the proc file system without authorization. Attackers could exploit this vulnerability to obtain sensitive information. This affects Axon 11 5G ZTE/CN_P725A12/P725A12:10/QKQ1.200816.002/20201116.175317:user/release-keys.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одновременно

cpe:2.3:o:zte:axon_11_5g_firmware:*:*:*:*:*:*:*:*
Версия до 2021.5.1 (исключая)
cpe:2.3:h:zte:axon_11_5g:-:*:*:*:*:*:*:*

EPSS

Процентиль: 55%
0.00322
Низкий

7.5 High

CVSS3

5 Medium

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

github логотип

GHSA-mjhq-9rgg-c485

CVSS3: 7.5
github
больше 3 лет назад

A mobile phone of ZTE is impacted by improper access control vulnerability. Due to improper permission settings, third-party applications can read some files in the proc file system without authorization. Attackers could exploit this vulnerability to obtain sensitive information. This affects Axon 11 5G ZTE/CN_P725A12/P725A12:10/QKQ1.200816.002/20201116.175317:user/release-keys.

EPSS

Процентиль: 55%
0.00322
Низкий

7.5 High

CVSS3

5 Medium

CVSS2

Дефекты

NVD-CWE-Other