PT-2017-7462 · Huawei · Huawei Logcenter
Publicado
2017-04-02
·
Atualizado
2017-04-05
·
CVE-2015-8671
CVSS v2.0
6.5
Média
| Vetor | AV:N/AC:L/Au:S/C:P/I:P/A:P |
Name of the Vulnerable Software and Affected Versions
Huawei LogCenter version V100R001C10
Description
The issue allows an authenticated attacker to tamper with requests and submit them to the server for privilege escalation, which can affect some system functions.
Recommendations
For Huawei LogCenter version V100R001C10, consider restricting access to system functions that can be affected by privilege escalation until a fix is available. As a temporary workaround, monitor server requests for any signs of tampering and consider implementing additional authentication measures to prevent unauthorized access.
Correção
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Huawei Logcenter