{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-04T12:25:08.436","vulnerabilities":[{"cve":{"id":"CVE-2021-21731","sourceIdentifier":"psirt@zte.com.cn","published":"2021-04-13T16:15:12.513","lastModified":"2025-01-28T15:36:03.663","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A CSRF vulnerability exists in the management page of a ZTE product.The vulnerability is caused because the management page does not fully verify whether the request comes from a trusted user. The attacker could submit a malicious request to the affected device to delete the data. This affects: ZXCLOUD iRAI All versions up to KVM-ProductV6.03.04"},{"lang":"es","value":"Se presenta una vulnerabilidad de tipo CSRF en la página de administración de un producto ZTE. La vulnerabilidad es debido a que la página de administración no verifica completamente si la petición proviene de un usuario confiable. El atacante podría enviar una petición maliciosa hacia el dispositivo afectado para eliminar los datos. Esto afecta: ZXCLOUD iRAI Todas las versiones hasta KVM-ProductV6.03.04"}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H","baseScore":8.1,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.2}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:N/I:P/A:P","baseScore":5.8,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":8.6,"impactScore":4.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-352"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:zte:zxcloud_irai:*:*:*:*:*:*:*:*","versionEndExcluding":"6.03.04","matchCriteriaId":"9EFAC29A-DE5B-42C6-9A48-8AE6419DB37C"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:a:zte:zxcloud_irai:-:*:*:*:*:*:*:*","matchCriteriaId":"96352962-7748-44B8-9490-B95202771469"}]}]}],"references":[{"url":"https://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1014824","source":"psirt@zte.com.cn","tags":["Vendor Advisory"]},{"url":"https://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1014824","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}}]}