Vulnerabilities > CVE-2020-6875 - Improper Restriction of Excessive Authentication Attempts vulnerability in ZTE Zxone 19700 Snpe Firmware Zxone8700V1.40R2B13Snpe

CVSS 5.0 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

NONE

Availability impact

NONE

network

low complexity

zte

CWE-307

NVD

Published: 2020-10-05

Updated: 2021-07-21

Summary

A ZTE product is impacted by the improper access control vulnerability. Due to lack of an authentication protection mechanism in the program, attackers could use this vulnerability to gain access right through brute-force attacks. This affects: <ZXONE 19700 SNPE><ZXONE8700V1.40R2B13_SNPE>

Vulnerable Configurations

Part	Description	Count
OS	Zte ZTE Zxone 19700 Snpe Firmware Zxone8700V1.40R2B13_Snpe	1
Hardware	Zte ZTE Zxone 19700 Snpe -	1

Common Weakness Enumeration (CWE)

CWE-307 - Improper Restriction of Excessive Authentication Attempts

References

http://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1013643