Lucene search
Huawei TechnologiesHUAWEI-SA-20150121-01-QUIDWAY-SWITCHESHistoryJan 21, 2015 - 12:00 a.m.
Security Advisory-Authority Control Vulnerability in Quidway Switches
2015-01-2100:00:00
Huawei Technologies
www.huawei.com
14
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
EPSS
0.005
Percentile
77.0%
Huawei Quidway switches have the authority control vulnerability in access authentication, which may be exploited by attackers to obtain higher access permissions. (Vulnerability ID: HWPSIRT-2014-11119)
This Vulnerability has been assigned Common Vulnerabilities and Exposures (CVE) ID: CVE-2015-1460.
Currently, official fixes are available.
Affected configurations
Node
huaweis2350_firmwareMatchv200r003c00spc300
ORhuaweis2750_firmwareMatchv200r003c00spc300
ORhuaweiquidway_s5300_firmwareMatchv200r003c00spc300
ORhuaweiquidway_s5700_firmwareMatchv200r003c00spc300
ORhuaweiquidway_s6300_firmwareMatchv200r003c00spc300
ORhuaweiquidway_s6700_firmwareMatchv200r003c00spc300
ORhuaweiquidway_s7700_firmwareMatchv200r003c00spc300
ORhuaweiquidway_s7700_firmwareMatchv200r003c00spc500
ORhuaweiquidway_s9300_firmwareMatchv200r003c00spc300
ORhuaweiquidway_s9300_firmwareMatchv200r003c00spc500
ORhuaweiquidway_s9700_firmwareMatchv200r003c00spc300
ORhuaweiquidway_s9700_firmwareMatchv200r003c00spc500
| Vendor | Product | Version | CPE |
|---|---|---|---|
| huawei | s2350_firmware | v200r003c00spc300 | cpe:2.3:o:huawei:s2350_firmware:v200r003c00spc300:*:*:*:*:*:*:* |
| huawei | s2750_firmware | v200r003c00spc300 | cpe:2.3:o:huawei:s2750_firmware:v200r003c00spc300:*:*:*:*:*:*:* |
| huawei | quidway_s5300_firmware | v200r003c00spc300 | cpe:2.3:o:huawei:quidway_s5300_firmware:v200r003c00spc300:*:*:*:*:*:*:* |
| huawei | quidway_s5700_firmware | v200r003c00spc300 | cpe:2.3:o:huawei:quidway_s5700_firmware:v200r003c00spc300:*:*:*:*:*:*:* |
| huawei | quidway_s6300_firmware | v200r003c00spc300 | cpe:2.3:o:huawei:quidway_s6300_firmware:v200r003c00spc300:*:*:*:*:*:*:* |
| huawei | quidway_s6700_firmware | v200r003c00spc300 | cpe:2.3:o:huawei:quidway_s6700_firmware:v200r003c00spc300:*:*:*:*:*:*:* |
| huawei | quidway_s7700_firmware | v200r003c00spc300 | cpe:2.3:o:huawei:quidway_s7700_firmware:v200r003c00spc300:*:*:*:*:*:*:* |
| huawei | quidway_s7700_firmware | v200r003c00spc500 | cpe:2.3:o:huawei:quidway_s7700_firmware:v200r003c00spc500:*:*:*:*:*:*:* |
| huawei | quidway_s9300_firmware | v200r003c00spc300 | cpe:2.3:o:huawei:quidway_s9300_firmware:v200r003c00spc300:*:*:*:*:*:*:* |
| huawei | quidway_s9300_firmware | v200r003c00spc500 | cpe:2.3:o:huawei:quidway_s9300_firmware:v200r003c00spc500:*:*:*:*:*:*:* |
Related
openvas
openvas
cve
cve
CVE-2015-1460
2015-02-03 16:59:32
nvd
nvd
CVE-2015-1460
2015-02-03 16:59:32
prion
prion
Code injection
2015-02-03 16:59:00
cvelist
cvelist
CVE-2015-1460
2015-02-03 16:00:00
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
EPSS
0.005
Percentile
77.0%
Related for HUAWEI-SA-20150121-01-QUIDWAY-SWITCHES