{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-17T20:51:35.864","vulnerabilities":[{"cve":{"id":"CVE-2024-22064","sourceIdentifier":"psirt@zte.com.cn","published":"2024-05-14T14:56:40.160","lastModified":"2025-01-28T16:12:31.863","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"ZTE ZXUN-ePDG product, which serves as the network node of the VoWifi system, under by default configuration, uses a set of non-unique cryptographic keys during establishing a secure connection(IKE) with the mobile devices connecting over the internet . If the set of keys are leaked or cracked, the user session informations using the keys may be leaked.\n\n"},{"lang":"es","value":"El producto ZTE ZXUN-ePDG, que sirve como nodo de red del sistema VoWifi, en su configuración predeterminada, utiliza un conjunto de claves criptográficas no únicas al establecer una conexión segura (IKE) con los dispositivos móviles que se conectan a través de Internet. Si el conjunto de claves se filtra o se descifra, es posible que se filtre la información de la sesión del usuario que utiliza las claves."}],"metrics":{"cvssMetricV31":[{"source":"psirt@zte.com.cn","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L","baseScore":8.3,"baseSeverity":"HIGH","attackVector":"ADJACENT_NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"LOW"},"exploitabilityScore":2.8,"impactScore":5.5},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"ADJACENT_NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":3.6}]},"weaknesses":[{"source":"psirt@zte.com.cn","type":"Secondary","description":[{"lang":"en","value":"CWE-1051"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-665"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:zte:zxun-epdg:*:*:*:*:*:*:*:*","versionEndExcluding":"5.20.20","matchCriteriaId":"428020C1-365E-4AD1-AFF7-51D3916201BE"}]}]}],"references":[{"url":"https://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1035524","source":"psirt@zte.com.cn","tags":["Vendor Advisory"]},{"url":"https://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1035524","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}}]}