Lucene search

MitreCVE-2013-4628

HistoryJun 20, 2013 - 3:55 p.m.

CVE-2013-4628

2013-06-2015:55:01

CWE-200

mitre

web.nvd.nist.gov

huawei

quidway

s7700

s9300

s9700

campus switch

cve-2013-4628

nvd

firewall

security vulnerability

information disclosure

CVSS2

3.5

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:M/Au:S/C:P/I:N/A:N

AI Score

6.1

Confidence

Low

EPSS

0.001

Percentile

41.6%

JSON

The firewall module on the Huawei Quidway Service Process Unit (SPU) board S7700, S9300, and S9700 on Huawei Campus Switch devices allows remote authenticated users to obtain sensitive information from the high-priority security zone by leveraging access to the low-priority security zone.

Affected configurations

Nvd

Node

huaweiquidway_service_process_unit_board_s7700Matchv200r001c00spc300

huaweiquidway_service_process_unit_board_s9300Matchv200r001c00spc300

huaweiquidway_service_process_unit_board_s9700Matchv200r001c00spc300

VendorProductVersionCPE
huaweiquidway_service_process_unit_board_s7700v200r001c00spc300cpe:2.3:h:huawei:quidway_service_process_unit_board_s7700:v200r001c00spc300:*:*:*:*:*:*:*
huaweiquidway_service_process_unit_board_s9300v200r001c00spc300cpe:2.3:h:huawei:quidway_service_process_unit_board_s9300:v200r001c00spc300:*:*:*:*:*:*:*
huaweiquidway_service_process_unit_board_s9700v200r001c00spc300cpe:2.3:h:huawei:quidway_service_process_unit_board_s9700:v200r001c00spc300:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
huawei	quidway_service_process_unit_board_s7700	v200r001c00spc300	cpe:2.3:h:huawei:quidway_service_process_unit_board_s7700:v200r001c00spc300:::::::*
huawei	quidway_service_process_unit_board_s9300	v200r001c00spc300	cpe:2.3:h:huawei:quidway_service_process_unit_board_s9300:v200r001c00spc300:::::::*
huawei	quidway_service_process_unit_board_s9700	v200r001c00spc300	cpe:2.3:h:huawei:quidway_service_process_unit_board_s9700:v200r001c00spc300:::::::*

References

www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-261458.htm

CVSS2

3.5

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:M/Au:S/C:P/I:N/A:N

AI Score

6.1

Confidence

Low

EPSS

0.001

Percentile

41.6%

JSON

Related for CVE-2013-4628