CVSS: 7.5EPSS: 0%CPEs: 10EXPL: 0CVE-2015-1460
https://notcve.org/view.php?id=CVE-2015-1460
Huawei Quidway switches with firmware before V200R005C00SPC300 allows remote attackers to gain privileges via a crafted packet. Los switches Huawei Quidway con firmware anterior a V200R005C00SPC300 permiten a atacantes remotos ganar privilegios a través de un paquete manipulado. • http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-411975.htm • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 7.8EPSS: 0%CPEs: 31EXPL: 0CVE-2014-4190
https://notcve.org/view.php?id=CVE-2014-4190
Multiple heap-based buffer overflows in Huawei Campus Series Switches S3700HI, S5700, S6700, S3300HI, S5300, S6300, S9300, S7700, and LSW S9700 with software V200R001 before V200R001SPH013; S5700, S6700, S5300, and S6300 with software V200R002 before V200R002SPH005; S7700, S9300, S9300E, S5300, S5700, S6300, S6700, S2350, S2750, and LSW S9700 with software V200R003 before V200R003SPH005; and S7700, S9300, S9300E, and LSW S9700 with software V200R005 before V200R005C00SPC300 allow remote attackers to cause a denial of service (device restart) via a crafted length field in a packet. Múltiples desbordamiento de buffer basado en memoria dinámica en Huawei Campus Series Switches S3700HI, S5700, S6700, S3300HI, S5300, S6300, S9300, S7700 y LSW S9700 con software V200R001 anterior a V200R001SPH013; S5700, S6700, S5300 y S6300 con software V200R002 anterior a V200R002SPH005; S7700, S9300, S9300E, S5300, S5700, S6300, S6700, S2350, S2750 y LSW S9700 con software V200R003 anterior a V200R003SPH005; y S7700, S9300, S9300E y LSW S9700 con software V200R005 anterior a V200R005C00SPC300 permiten a atacantes remotos causar una denegación de servicio (reinicio de dispositivo) a través de un campo de longitud manipulado en un paquete. • http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-343218.htm http://www.securityfocus.com/bid/67907 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 3.5EPSS: 0%CPEs: 3EXPL: 0CVE-2013-4628
https://notcve.org/view.php?id=CVE-2013-4628
The firewall module on the Huawei Quidway Service Process Unit (SPU) board S7700, S9300, and S9700 on Huawei Campus Switch devices allows remote authenticated users to obtain sensitive information from the high-priority security zone by leveraging access to the low-priority security zone. El módulo del firewall en el Huawe Quidway Service Process Unit (SPU) board S770, S9300, S9700 en dispositivos Huawei Campus Switch permite a usuarios autenticados de forma remota obtener información sensible de zonas de alta prioridad de seguridad a través del aprovechamiento del acceso a zonas de baja prioridad de seguridad. • http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-261458.htm • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 6.5EPSS: 0%CPEs: 107EXPL: 1CVE-2012-4960 – Huawei (Multiple Products) - Password Encryption
https://notcve.org/view.php?id=CVE-2012-4960
The Huawei NE5000E, MA5200G, NE40E, NE80E, ATN, NE40, NE80, NE20E-X6, NE20, ME60, CX600, CX200, CX300, ACU, WLAN AC 6605, S9300, S7700, S2300, S3300, S5300, S3300HI, S5300HI, S5306, S6300, S2700, S3700, S5700, S6700, AR G3, H3C AR(OEM IN), AR 19, AR 29, AR 49, Eudemon100E, Eudemon200, Eudemon300, Eudemon500, Eudemon1000, Eudemon1000E-U/USG5300, Eudemon1000E-X/USG5500, Eudemon8080E/USG9300, Eudemon8160E/USG9300, Eudemon8000E-X/USG9500, E200E-C/USG2200, E200E-X3/USG2200, E200E-X5/USG2200, E200E-X7/USG2200, E200E-C/USG5100, E200E-X3/USG5100, E200E-X5/USG5100, E200E-X7/USG5100, E200E-B/USG2100, E200E-X1/USG2100, E200E-X2/USG2100, SVN5300, SVN2000, SVN5000, SVN3000, NIP100, NIP200, NIP1000, NIP2100, NIP2200, and NIP5100 use the DES algorithm for stored passwords, which makes it easier for context-dependent attackers to obtain cleartext passwords via a brute-force attack. Los Huawei NE5000E, MA5200G, NE40E, NE80E, ATN, NE40, NE80, NE20E-X6, NE20, ME60, CX600, CX200, CX300, ACU, WLAN AC 6605, S9300, S7700, S2300, S3300, S5300, S3300HI, S5300HI, S5306, S6300, S2700, S3700, S5700, S6700, AR G3, H3C AR(OEM IN), AR 19, AR 29, AR 49, Eudemon100E, Eudemon200, Eudemon300, Eudemon500, Eudemon1000, Eudemon1000E-U/USG5300, Eudemon1000E-X/USG5500, Eudemon8080E/USG9300, Eudemon8160E/USG9300, Eudemon8000E-X/USG9500, E200E-C/USG2200, E200E-X3/USG2200, E200E-X5/USG2200, E200E-X7/USG2200, E200E-C/USG5100, E200E-X3/USG5100, E200E-X5/USG5100, E200E-X7/USG5100, E200E-B/USG2100, E200E-X1/USG2100, E200E-X2/USG2100, SVN5300, SVN2000, SVN5000, SVN3000, NIP100, NIP200, NIP1000, NIP2100, NIP2200, y NIP5100 utiliza el algoritmo DES para las contraseñas almacenados, lo que hace que sea más fácil para los atacantes dependientes de contexto obtener contraseñas de texto simple a través de un ataque de fuerza bruta. • https://www.exploit-db.com/exploits/38020 http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-u_194373.htm http://www.kb.cert.org/vuls/id/948096 • CWE-310: Cryptographic Issues •