CVE-2021-21742
First published: Fri Sep 24 2021(Updated: )
There is an information leak vulnerability in the message service app of a ZTE mobile phone. Due to improper parameter settings, attackers could use this vulnerability to obtain some sensitive information of users by accessing specific pages.
Credit: psirt@zte.com.cn
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Zte Axon 30 Pro Message Service | =5.3.1.2103091059 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the vulnerability ID of this information leak vulnerability?
The vulnerability ID is CVE-2021-21742.
What is the severity rating of CVE-2021-21742?
The severity rating of CVE-2021-21742 is medium with a severity value of 5.5.
Which ZTE mobile phone is affected by this vulnerability?
The ZTE Axon 30 Pro Message Service app version 5.3.1.2103091059 is affected by this vulnerability.
How can attackers exploit this vulnerability?
Attackers can exploit this vulnerability by accessing specific pages of the ZTE Axon 30 Pro Message Service app and obtaining sensitive information of users.
Is there a fix available for CVE-2021-21742?
Yes, ZTE has released a fix for CVE-2021-21742. Please refer to the ZTE support website for more information.
- collector/nvd-index
- agent/severity
- agent/author
- agent/references
- agent/description
- agent/type
- agent/event
- agent/softwarecombine
- agent/first-publish-date
- agent/tags
- agent/last-modified-date
- collector/mitre-cve
- source/MITRE
- vendor/zte
- canonical/zte axon 30 pro message service
- version/zte axon 30 pro message service/5.3.1.2103091059