There is an improper authentication vulnerability in Hero-CT060 before 1.0.0.200. The vulnerability is due to that when an user wants to do certain operation, the software does not insufficiently validate the user's identity. Successful exploit could allow the attacker to do certain operations which the user are supposed not to do.
References
Link | Resource |
---|---|
https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210929-01-auth-en | Vendor Advisory |
Configurations
Configuration 1 (hide)
AND |
|
History
18 Oct 2021, 18:09
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:o:huawei:hero-ct060_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:huawei:hero-ct060:-:*:*:*:*:*:*:* |
|
References | (MISC) https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210929-01-auth-en - Vendor Advisory | |
CVSS |
v2 : v3 : |
v2 : 7.5
v3 : 9.8 |
CWE | CWE-287 |
11 Oct 2021, 16:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2021-10-11 16:15
Updated : 2024-02-04 22:08
NVD link : CVE-2021-37123
Mitre link : CVE-2021-37123
CVE.ORG link : CVE-2021-37123
JSON object : View
Products Affected
huawei
- hero-ct060_firmware
- hero-ct060
CWE
CWE-287
Improper Authentication