CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:S/C:P/I:N/A:N
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
AI Score
Confidence
High
EPSS
Percentile
21.7%
S12700 V200R005C00, V200R006C00, V200R006C01, V200R007C00, V200R007C01, V200R007C20, V200R008C00, V200R008C06, V200R009C00, V200R010C00, S7700 V200R001C00, V200R001C01, V200R002C00, V200R003C00, V200R005C00, V200R006C00, V200R006C01, V200R007C00, V200R007C01, V200R008C00, V200R008C06, V200R009C00, V200R010C00, S9700 V200R001C00, V200R001C01, V200R002C00, V200R003C00, V200R005C00, V200R006C00, V200R006C01, V200R007C00, V200R007C01, V200R008C00, V200R009C00, V200R010C00 have an improper authorization vulnerability on Huawei switch products. The system incorrectly performs an authorization check when a normal user attempts to access certain information which is supposed to be accessed only by authenticated user. Successful exploit could cause information disclosure.
Vendor | Product | Version | CPE |
---|---|---|---|
huawei | s12700_firmware | v200r005c00 | cpe:2.3:o:huawei:s12700_firmware:v200r005c00:*:*:*:*:*:*:* |
huawei | s12700_firmware | v200r006c00 | cpe:2.3:o:huawei:s12700_firmware:v200r006c00:*:*:*:*:*:*:* |
huawei | s12700_firmware | v200r006c01 | cpe:2.3:o:huawei:s12700_firmware:v200r006c01:*:*:*:*:*:*:* |
huawei | s12700_firmware | v200r007c00 | cpe:2.3:o:huawei:s12700_firmware:v200r007c00:*:*:*:*:*:*:* |
huawei | s12700_firmware | v200r007c01 | cpe:2.3:o:huawei:s12700_firmware:v200r007c01:*:*:*:*:*:*:* |
huawei | s12700_firmware | v200r007c20 | cpe:2.3:o:huawei:s12700_firmware:v200r007c20:*:*:*:*:*:*:* |
huawei | s12700_firmware | v200r008c00 | cpe:2.3:o:huawei:s12700_firmware:v200r008c00:*:*:*:*:*:*:* |
huawei | s12700_firmware | v200r008c06 | cpe:2.3:o:huawei:s12700_firmware:v200r008c06:*:*:*:*:*:*:* |
huawei | s12700_firmware | v200r009c00 | cpe:2.3:o:huawei:s12700_firmware:v200r009c00:*:*:*:*:*:*:* |
huawei | s12700_firmware | v200r010c00 | cpe:2.3:o:huawei:s12700_firmware:v200r010c00:*:*:*:*:*:*:* |
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:S/C:P/I:N/A:N
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
AI Score
Confidence
High
EPSS
Percentile
21.7%