- Updated submission from ZTE for CVE-2018-7364 from 2018-12-18.

2025-06-08 14:08:13 +00:00 · 2018-12-19 09:15:49 -05:00 · 2018-12-19 09:15:49 -05:00 · ad5daa0fc2
commit ad5daa0fc2
parent 6e99891726
1 changed files with 4 additions and 11 deletions
--- a/2018/7xxx/CVE-2018-7364.json
+++ b/2018/7xxx/CVE-2018-7364.json
@ -11,12 +11,12 @@
               "product" : {
                  "product_data" : [
                     {
-                        "product_name" : "ZXIN10-Orange",
+                        "product_name" : "ZXIN10-European region",
                        "version" : {
                           "version_data" : [
                              {
                                 "affected" : "<=",
-                                 "version_value" : " ZXINOS-RESV1.01.43"
+                                 "version_value" : "ZXINOS-RESV1.01.43"
                              }
                           ]
                        }
@ -28,12 +28,6 @@
         ]
      }
   },
-   "credit" : [
-      {
-         "lang" : "eng",
-         "value" : "Thanks to security researcher Guillaume TEXIER at Orange Cert for reporting the security vulnerability to ZTE PSIRT"
-      }
-   ],
   "data_format" : "MITRE",
   "data_type" : "CVE",
   "data_version" : "4.0",
@ -41,7 +35,7 @@
      "description_data" : [
         {
            "lang" : "eng",
-            "value" : "All versions up to ZXINOS-RESV1.01.43 of the ZTE ZXIN10 product Orange branch are impacted by improper access control vulnerability. Due to improper access control to devcomm process, an unauthorized remote attacker can exploit this vulnerability to execute arbitrary code with root privileges."
+            "value" : "All versions up to ZXINOS-RESV1.01.43 of the ZTE ZXIN10 product European region are impacted by improper access control vulnerability. Due to improper access control to devcomm process, an unauthorized remote attacker can exploit this vulnerability to execute arbitrary code with root privileges."
         }
      ]
   },
@ -67,7 +61,7 @@
            "description" : [
               {
                  "lang" : "eng",
-                  "value" : "Improper Access Control"
+                  "value" : "CWE-284: Improper Access Control"
               }
            ]
         }
@ -76,7 +70,6 @@
   "references" : {
      "reference_data" : [
         {
-            "name" : "http://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1009943",
            "refsource" : "CONFIRM",
            "url" : "http://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1009943"
         }