CVE-2025-26707

Published: Mar 11, 2025Modified: Mar 11, 2025

5.3

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Exploitability: 3.9 / Impact: 1.4

Source: psirt@zte.com.cn (Secondary)

Description

Improper Privilege Management vulnerability in ZTE GoldenDB allows Privilege Escalation.This issue affects GoldenDB: from 6.1.03 through 6.1.03.05.

Related CWEs

Improper Privilege Management

The product does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor.

References (1)

https://support.zte.com.cn/zte-iccp-isupport-webui/bulletin/detail/6999218053484646470

Source: psirt@zte.com.cn

Timeline

No history available yet.