CVSS: 5.9EPSS: 0%CPEs: 87EXPL: 0CVE-2019-5291
https://notcve.org/view.php?id=CVE-2019-5291
13 Dec 2019 — Some Huawei products have an insufficient verification of data authenticity vulnerability. A remote, unauthenticated attacker has to intercept specific packets between two devices, modify the packets, and send the modified packets to the peer device. Due to insufficient verification of some fields in the packets, an attacker may exploit the vulnerability to cause the target device to be abnormal. Algunos productos Huawei presentan una comprobación insuficiente de una vulnerabilidad de autenticidad de datos.... • http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191204-01-validation-en • CWE-345: Insufficient Verification of Data Authenticity •
CVSS: 7.8EPSS: 0%CPEs: 14EXPL: 0CVE-2015-2800
https://notcve.org/view.php?id=CVE-2015-2800
08 Jun 2017 — The user authentication module in Huawei Campus switches S5700, S5300, S6300, and S6700 with software before V200R001SPH012 and S7700, S9300, and S9700 with software before V200R001SPH015 allows remote attackers to cause a denial of service (device restart) via vectors involving authentication, which trigger an array access violation. El módulo de autentificación de usuarios en los switches Huawei Campus S5700, S5300, S6300 y S6700 con un software anterior a V200R001SPH012 y S7700, S9300 y S9700 con una ver... • http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-418554.htm • CWE-287: Improper Authentication •
CVSS: 7.8EPSS: 0%CPEs: 59EXPL: 0CVE-2014-8572
https://notcve.org/view.php?id=CVE-2014-8572
02 Apr 2017 — Huawei AC6605 with software V200R001C00; AC6605 with software V200R002C00; ACU with software V200R001C00; ACU with software V200R002C00; S2300, S3300, S2700, S3700 with software V100R006C05 and earlier versions; S5300, S5700, S6300, S6700 with software V100R006, V200R001, V200R002, V200R003, V200R005C00SPC300 and earlier versions; S7700, S9300, S9300E, S9700 with software V100R006, V200R001, V200R002, V200R003, V200R005C00SPC300 and earlier versions could allow remote attackers to send a special SSH packet ... • http://www.huawei.com/en/psirt/security-advisories/hw-373182 • CWE-20: Improper Input Validation •