CVE-2019-3419 - OpenCVE

A security vulnerability exists in a management port in the version of ZTE's ZXMP M721V3.10P01B10_M2NCP. An attacker could exploit this vulnerability to build a link to the device and send specific packets to cause a denial of service.

Attack Vector Adjacent Network

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

No CVSS v3.0

Access Vector Adjacent Network

Access Complexity Low

Authentication Single

Confidentiality Impact None

Integrity Impact None

Availability Impact Partial

AV:A/AC:L/Au:S/C:N/I:N/A:P

Vendors & Products
CPE Configurations

Vendors	Products
Zte	Zxmp M721 Dx Zxmp M721 Dx Firmware

Configuration 1 [-]

AND

cpe:2.3:o:zte:zxmp_m721_dx_firmware:zxmp_m721v3.10p01b10_m2ncp:*:*:*:*:*:*:*

cpe:2.3:h:zte:zxmp_m721_dx:-:*:*:*:*:*:*:*

References

Link	Resource
http://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1011542	Vendor Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: zte

Published: 2019-10-31T15:22:19

Updated: 2019-10-31T15:22:19

Reserved: 2018-12-31T00:00:00

Link: CVE-2019-3419

JSON object: View

NVD Information

Status : Analyzed

Published: 2019-10-31T16:15:11.237

Modified: 2021-07-21T11:39:23.747

Link: CVE-2019-3419

JSON object: View

Redhat Information

No data.

CWE

NVD-CWE-noinfo

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:zte:zxmp_m721_dx_firmware:zxmp_m721v3.10p01b10_m2ncp:*:*:*:*:*:*:*", "matchCriteriaId": "D3B98119-BC8B-4629-AEAA-27B20AED1163", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:zte:zxmp_m721_dx:-:*:*:*:*:*:*:*", "matchCriteriaId": "F507A399-F8A0-42FD-BA8E-99D35E27B718", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "A security vulnerability exists in a management port in the version of ZTE's ZXMP M721V3.10P01B10_M2NCP. An attacker could exploit this vulnerability to build a link to the device and send specific packets to cause a denial of service."}, {"lang": "es", "value": "Se presenta una vulnerabilidad de seguridad en un puerto de administraci\u00f3n en la versi\u00f3n M721V3.10P01B10_M2NCP del dispositivo ZXMP de ZTE. Un atacante podr\u00eda explotar esta vulnerabilidad para construir un enlace en el dispositivo y enviar paquetes espec\u00edficos para causar una denegaci\u00f3n de servicio."}], "id": "CVE-2019-3419", "lastModified": "2021-07-21T11:39:23.747", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "LOW", "cvssData": {"accessComplexity": "LOW", "accessVector": "ADJACENT_NETWORK", "authentication": "SINGLE", "availabilityImpact": "PARTIAL", "baseScore": 2.7, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:A/AC:L/Au:S/C:N/I:N/A:P", "version": "2.0"}, "exploitabilityScore": 5.1, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "HIGH", "baseScore": 5.7, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 2.1, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2019-10-31T16:15:11.237", "references": [{"source": "psirt@zte.com.cn", "tags": ["Vendor Advisory"], "url": "http://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1011542"}], "sourceIdentifier": "psirt@zte.com.cn", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Primary"}]}