Vulnerability Key Information Vulnerability Title Information Leak Vulnerability in a ZTE Product Vulnerability Identifier CVE ID: CVE-2020-6865 Vulnerability Rating CVSS 3.1 Base Score: 4.1 (Medium) Vulnerability Description ZTE SDN controller platform is affected by an information leakage vulnerability. Due to the program's failure to properly handle response to failed requests, the caller can directly view the internal error code location of the component. Attackers could exploit this vulnerability to obtain sensitive information. Affected Products and Fixes Vulnerability Source The vulnerability was discovered by ZTE's internal testing. Update Record April 17, 2020, initial. Technical Support Contact Information ZTE GCSC Hotline: 0755-26770800, 800-830-1118, 400-830-1118 Product forum at ZTE Support website. ZTE PSIRT If you need to report security vulnerabilities related to ZTE products, or require ZTE product security incident response services and vulnerability information, please contact ZTE PSIRT: psirt@zte.com.cn, PGP key ID: FF095577.