Details of VAR-202312-2736

ID

VAR-202312-2736

TITLE

Ruijie EG2000UE has an information leakage vulnerability (CNVD-2023-97847)

Trust: 0.6

sources: CNVD: CNVD-2023-97847

DESCRIPTION

Beijing Xingwang Ruijie Network Technology Co., Ltd. is a professional network manufacturer with a full range of network equipment product lines and solutions including switches, routers, software, security firewalls, wireless products, storage, etc. Ruijie EG2000UE has an information leakage vulnerability that allows attackers to obtain sensitive server information.

Trust: 0.6

sources: CNVD: CNVD-2023-97847

IOT TAXONOMY

category:

['Network device']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2023-97847

AFFECTED PRODUCTS

vendor:

starnet ruijie network

model:

eg2000ue

scope:

version:

Trust: 0.6

sources: CNVD: CNVD-2023-97847

CVSS

SEVERITY

CVSSV2

CVSSV3

CNVD:	CNVD-2023-97847
value:	MEDIUM
Trust: 0.6

CNVD:	CNVD-2023-97847
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6

sources: CNVD: CNVD-2023-97847

PATCH

title:

Patch for Ruijie EG2000UE has an information leakage vulnerability (CNVD-2023-97847)

url:

https://www.cnvd.org.cn/patchinfo/show/494551

Trust: 0.6

sources: CNVD: CNVD-2023-97847

EXTERNAL IDS

db:

CNVD

id:

CNVD-2023-97847

Trust: 0.6

sources: CNVD: CNVD-2023-97847

SOURCES

db:

CNVD

id:

CNVD-2023-97847

LAST UPDATE DATE

2024-03-07T22:55:59.879000+00:00

SOURCES UPDATE DATE

db:

CNVD

id:

CNVD-2023-97847

date:

2023-12-15T00:00:00

SOURCES RELEASE DATE

db:

CNVD

id:

CNVD-2023-97847

date:

2023-12-28T00:00:00