First published: Fri Nov 22 2019(Updated: )
The version V6.01.03.01 of ZTE ZXCDN IAMWEB product is impacted by a configuration error vulnerability. An attacker could directly access the management portal in HTTP, resulting in users’ information leakage.
Credit: psirt@zte.com.cn
Affected Software | Affected Version | How to fix |
---|---|---|
Zte Zxcdn Iamweb Firmware | =6.01.03.01 | |
ZTE ZXCDN IAMWEB |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The CVE-2019-3428 vulnerability in ZTE ZXCDN IAMWEB product is a configuration error that allows attackers to access the management portal in HTTP, leading to information leakage.
CVE-2019-3428 vulnerability has a severity rating of 6.5, categorized as medium severity.
The ZTE ZXCDN IAMWEB firmware version 6.01.03.01 is impacted by the CVE-2019-3428 vulnerability.
To address CVE-2019-3428 vulnerability, update the ZTE ZXCDN IAMWEB firmware to a version that has this issue resolved.