Vulnerability Description
All versions up to ZXCLOUD iRAI V5.01.05 of the ZTE uSmartView product are impacted by untrusted search path vulnerability, which may allow an unauthorized user to perform unauthorized operations.
CVSS Score
5.1
MEDIUM
CVSS:3.0/AV:N/AC:H/PR:H/UI:R/S:C/C:L/I:L/A:L
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Zte | Zxcloud Irai | <= 5.01.05 |
| Zte | Usmartview | - |
Related Weaknesses (CWE)
References
- http://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1010005Vendor Advisory
- http://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1010005Vendor Advisory
FAQ
What is CVE-2018-7365?
CVE-2018-7365 is a vulnerability with a CVSS score of 5.1 (MEDIUM). All versions up to ZXCLOUD iRAI V5.01.05 of the ZTE uSmartView product are impacted by untrusted search path vulnerability, which may allow an unauthorized user to perform unauthorized operations.
How severe is CVE-2018-7365?
CVE-2018-7365 has been rated MEDIUM with a CVSS base score of 5.1/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2018-7365?
Check the references section above for vendor advisories and patch information. Affected products include: Zte Zxcloud Irai, Zte Usmartview.