Huawei : Huawei Switches Improper Authorization Vulnerability (huawei-sa-20180328-01-authentication)

Anfälligkeitssuche		Suche in 324607 CVE Beschreibungen und 146377 Test Beschreibungen, Zugriff auf 10,000+ Quellverweise.
	Tests CVE Alle

Test Kennung: 1.3.6.1.4.1.25623.1.0.112259

Kategorie: Huawei

Titel: Huawei Switches Improper Authorization Vulnerability (huawei-sa-20180328-01-authentication)

Zusammenfassung: There is an improper authorization vulnerability on Huawei switch products.; The system incorrectly performs an authorization check when a normal user attempts to access certain information; which is supposed to be accessed only by authenticated user.;; This VT has been deprecated as SA is already covered by following VT:;; - 'Huawei Data Communication: Improper Authorization Vulnerability on Huawei Switch Products (huawei-sa-20180328-01-authentication)' (OID:1.3.6.1.4.1.25623.1.0.107825)

Beschreibung: Summary:
There is an improper authorization vulnerability on Huawei switch products.
The system incorrectly performs an authorization check when a normal user attempts to access certain information
which is supposed to be accessed only by authenticated user.

This VT has been deprecated as SA is already covered by following VT:

- 'Huawei Data Communication: Improper Authorization Vulnerability on Huawei Switch Products (huawei-sa-20180328-01-authentication)' (OID:1.3.6.1.4.1.25623.1.0.107825)

Vulnerability Impact:
Successful exploit could cause information disclosure.

Affected Software/OS:
The following Huawei Switch models and firmware versions are affected:

Huawei Switch S12700 versions: V200R005C00, V200R006C00, V200R006C01, V200R007C00, V200R007C01, V200R007C20, V200R008C00, V200R008C06, V200R009C00, V200R010C00

Huawei Switch S7700 versions: V200R001C00, V200R001C01, V200R002C00, V200R003C00, V200R005C00, V200R006C00, V200R006C01, V200R007C00, V200R007C01, V200R008C00, V200R008C06, V200R009C00, V200R010C00

Huawei Switch S9700 versions: V200R001C00, V200R001C01, V200R002C00, V200R003C00, V200R005C00, V200R006C00, V200R006C01, V200R007C00, V200R007C01, V200R008C00, V200R009C00, V200R010C00

Solution:
Update the software according to your product:

Huawei Campus Switch S12700/S7700/S9700 fixed version: V200R010SPH002

CVSS Score:
4.0

CVSS Vector:
AV:N/AC:L/Au:S/C:P/I:N/A:N

Querverweis: Common Vulnerability Exposure (CVE) ID: CVE-2017-15327

Copyright Copyright (C) 2018 Greenbone AG

Dies ist nur einer von 146377 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.
Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.

Test Kennung:	1.3.6.1.4.1.25623.1.0.112259
Kategorie:	Huawei
Titel:	Huawei Switches Improper Authorization Vulnerability (huawei-sa-20180328-01-authentication)
Zusammenfassung:	There is an improper authorization vulnerability on Huawei switch products.; The system incorrectly performs an authorization check when a normal user attempts to access certain information; which is supposed to be accessed only by authenticated user.;; This VT has been deprecated as SA is already covered by following VT:;; - 'Huawei Data Communication: Improper Authorization Vulnerability on Huawei Switch Products (huawei-sa-20180328-01-authentication)' (OID:1.3.6.1.4.1.25623.1.0.107825)
Beschreibung:	Summary: There is an improper authorization vulnerability on Huawei switch products. The system incorrectly performs an authorization check when a normal user attempts to access certain information which is supposed to be accessed only by authenticated user. This VT has been deprecated as SA is already covered by following VT: - 'Huawei Data Communication: Improper Authorization Vulnerability on Huawei Switch Products (huawei-sa-20180328-01-authentication)' (OID:1.3.6.1.4.1.25623.1.0.107825) Vulnerability Impact: Successful exploit could cause information disclosure. Affected Software/OS: The following Huawei Switch models and firmware versions are affected: Huawei Switch S12700 versions: V200R005C00, V200R006C00, V200R006C01, V200R007C00, V200R007C01, V200R007C20, V200R008C00, V200R008C06, V200R009C00, V200R010C00 Huawei Switch S7700 versions: V200R001C00, V200R001C01, V200R002C00, V200R003C00, V200R005C00, V200R006C00, V200R006C01, V200R007C00, V200R007C01, V200R008C00, V200R008C06, V200R009C00, V200R010C00 Huawei Switch S9700 versions: V200R001C00, V200R001C01, V200R002C00, V200R003C00, V200R005C00, V200R006C00, V200R006C01, V200R007C00, V200R007C01, V200R008C00, V200R009C00, V200R010C00 Solution: Update the software according to your product: Huawei Campus Switch S12700/S7700/S9700 fixed version: V200R010SPH002 CVSS Score: 4.0 CVSS Vector: AV:N/AC:L/Au:S/C:P/I:N/A:N
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2017-15327
Copyright	Copyright (C) 2018 Greenbone AG