CVE-2017-15327 Information
Description
S12700 V200R005C00 V200R006C00 V200R006C01 V200R007C00 V200R007C01 V200R007C20 V200R008C00 V200R008C06 V200R009C00 V200R010C00 S7700 V200R001C00 V200R001C01 V200R002C00 V200R003C00 V200R005C00 V200R006C00 V200R006C01 V200R007C00 V200R007C01 V200R008C00 V200R008C06 V200R009C00 V200R010C00 S9700 V200R001C00 V200R001C01 V200R002C00 V200R003C00 V200R005C00 V200R006C00 V200R006C01 V200R007C00 V200R007C01 V200R008C00 V200R009C00 V200R010C00 have an improper authorization vulnerability on Huawei switch products. The system incorrectly performs an authorization check when a normal user attempts to access certain information which is supposed to be accessed only by authenticated user. Successful exploit could cause information disclosure.
CVSS Vector
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Reference
http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180328-01-authentication-en
Attack Complexity
LOW
Privileges Required
LOW
User Interaction Required
LOW
Scope
NONE
Confidentiality Impact
UNCHANGED
Integrity Impact
LOW
Availability Impact
NONE
Base Score
NONE
Base Severity
4.3
Share on: