Huawei : Huawei Switches Improper Authorization Vulnerability (huawei-sa-20180328-01-authentication)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 146377 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.112259

Categoría: Huawei

Título: Huawei Switches Improper Authorization Vulnerability (huawei-sa-20180328-01-authentication)

Resumen: There is an improper authorization vulnerability on Huawei switch products.; The system incorrectly performs an authorization check when a normal user attempts to access certain information; which is supposed to be accessed only by authenticated user.;; This VT has been deprecated as SA is already covered by following VT:;; - 'Huawei Data Communication: Improper Authorization Vulnerability on Huawei Switch Products (huawei-sa-20180328-01-authentication)' (OID:1.3.6.1.4.1.25623.1.0.107825)

Descripción: Summary:
There is an improper authorization vulnerability on Huawei switch products.
The system incorrectly performs an authorization check when a normal user attempts to access certain information
which is supposed to be accessed only by authenticated user.

This VT has been deprecated as SA is already covered by following VT:

- 'Huawei Data Communication: Improper Authorization Vulnerability on Huawei Switch Products (huawei-sa-20180328-01-authentication)' (OID:1.3.6.1.4.1.25623.1.0.107825)

Vulnerability Impact:
Successful exploit could cause information disclosure.

Affected Software/OS:
The following Huawei Switch models and firmware versions are affected:

Huawei Switch S12700 versions: V200R005C00, V200R006C00, V200R006C01, V200R007C00, V200R007C01, V200R007C20, V200R008C00, V200R008C06, V200R009C00, V200R010C00

Huawei Switch S7700 versions: V200R001C00, V200R001C01, V200R002C00, V200R003C00, V200R005C00, V200R006C00, V200R006C01, V200R007C00, V200R007C01, V200R008C00, V200R008C06, V200R009C00, V200R010C00

Huawei Switch S9700 versions: V200R001C00, V200R001C01, V200R002C00, V200R003C00, V200R005C00, V200R006C00, V200R006C01, V200R007C00, V200R007C01, V200R008C00, V200R009C00, V200R010C00

Solution:
Update the software according to your product:

Huawei Campus Switch S12700/S7700/S9700 fixed version: V200R010SPH002

CVSS Score:
4.0

CVSS Vector:
AV:N/AC:L/Au:S/C:P/I:N/A:N

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2017-15327

Copyright Copyright (C) 2018 Greenbone AG

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.112259
Categoría:	Huawei
Título:	Huawei Switches Improper Authorization Vulnerability (huawei-sa-20180328-01-authentication)
Resumen:	There is an improper authorization vulnerability on Huawei switch products.; The system incorrectly performs an authorization check when a normal user attempts to access certain information; which is supposed to be accessed only by authenticated user.;; This VT has been deprecated as SA is already covered by following VT:;; - 'Huawei Data Communication: Improper Authorization Vulnerability on Huawei Switch Products (huawei-sa-20180328-01-authentication)' (OID:1.3.6.1.4.1.25623.1.0.107825)
Descripción:	Summary: There is an improper authorization vulnerability on Huawei switch products. The system incorrectly performs an authorization check when a normal user attempts to access certain information which is supposed to be accessed only by authenticated user. This VT has been deprecated as SA is already covered by following VT: - 'Huawei Data Communication: Improper Authorization Vulnerability on Huawei Switch Products (huawei-sa-20180328-01-authentication)' (OID:1.3.6.1.4.1.25623.1.0.107825) Vulnerability Impact: Successful exploit could cause information disclosure. Affected Software/OS: The following Huawei Switch models and firmware versions are affected: Huawei Switch S12700 versions: V200R005C00, V200R006C00, V200R006C01, V200R007C00, V200R007C01, V200R007C20, V200R008C00, V200R008C06, V200R009C00, V200R010C00 Huawei Switch S7700 versions: V200R001C00, V200R001C01, V200R002C00, V200R003C00, V200R005C00, V200R006C00, V200R006C01, V200R007C00, V200R007C01, V200R008C00, V200R008C06, V200R009C00, V200R010C00 Huawei Switch S9700 versions: V200R001C00, V200R001C01, V200R002C00, V200R003C00, V200R005C00, V200R006C00, V200R006C01, V200R007C00, V200R007C01, V200R008C00, V200R009C00, V200R010C00 Solution: Update the software according to your product: Huawei Campus Switch S12700/S7700/S9700 fixed version: V200R010SPH002 CVSS Score: 4.0 CVSS Vector: AV:N/AC:L/Au:S/C:P/I:N/A:N
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2017-15327
Copyright	Copyright (C) 2018 Greenbone AG