The CF cards on some Huawei switches and ARs contain some sensitive information in plaintext. Once an attacker gets such a CF card, it may result in the leak of sensitive information (HWPSIRT-2015-07048).
Currently, official fixes are available.
Vendor | Product | Version | CPE |
---|---|---|---|
huawei | s7700_firmware | v200r001c00spc300 | cpe:2.3:o:huawei:s7700_firmware:v200r001c00spc300:*:*:*:*:*:*:* |
huawei | s9700_firmware | v200r001c00spc300 | cpe:2.3:a:huawei:s9700_firmware:v200r001c00spc300:*:*:*:*:*:*:* |
huawei | s9300_firmware | v200r001c00spc300 | cpe:2.3:a:huawei:s9300_firmware:v200r001c00spc300:*:*:*:*:*:*:* |
huawei | s7700_firmware | v200r002c00spc100 | cpe:2.3:o:huawei:s7700_firmware:v200r002c00spc100:*:*:*:*:*:*:* |
huawei | s9700_firmware | v200r002c00spc100 | cpe:2.3:a:huawei:s9700_firmware:v200r002c00spc100:*:*:*:*:*:*:* |
huawei | s9300_firmware | v200r002c00spc100 | cpe:2.3:a:huawei:s9300_firmware:v200r002c00spc100:*:*:*:*:*:*:* |
huawei | s7700_firmware | v200r003c00spc500 | cpe:2.3:o:huawei:s7700_firmware:v200r003c00spc500:*:*:*:*:*:*:* |
huawei | s9700_firmware | v200r003c00spc500 | cpe:2.3:a:huawei:s9700_firmware:v200r003c00spc500:*:*:*:*:*:*:* |
huawei | s9300_firmware | v200r003c00spc500 | cpe:2.3:a:huawei:s9300_firmware:v200r003c00spc500:*:*:*:*:*:*:* |
huawei | s7700_firmware | v200r005c00spc300 | cpe:2.3:o:huawei:s7700_firmware:v200r005c00spc300:*:*:*:*:*:*:* |