CVE-2022-23142

{"id": "CVE-2022-23142", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.3, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "LOW", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 1.4, "exploitabilityScore": 3.9}]}, "published": "2022-07-18T15:15:08.107", "references": [{"url": "https://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1025304", "tags": ["Vendor Advisory"], "source": "psirt@zte.com.cn"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}], "descriptions": [{"lang": "en", "value": "ZXEN CG200 has a DoS vulnerability. An attacker could construct and send a large number of HTTP GET requests in a short time, which can make the product management websites not accessible."}, {"lang": "es", "value": "ZXEN versi\u00f3n CG200, presenta una vulnerabilidad DoS. Un atacante podr\u00eda construir y enviar un gran n\u00famero de peticiones HTTP GET en poco tiempo, lo que puede hacer que los sitios web de administraci\u00f3n de productos no sean accesibles"}], "lastModified": "2023-08-08T14:22:24.967", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:zte:zxen_cg200_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "921581E5-48AA-4FDF-B7A5-15068B1A5B53", "versionEndExcluding": "1.0.0p1n6_m"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:zte:zxen_cg200:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "1277997F-635B-422E-A3F4-DA6B6C85FCDF"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "psirt@zte.com.cn"}