CVE-2016-8779

Name of the Vulnerable Software and Affected Versions Huawei FusionAccess versions V100R005C10 through V100R005C20

Description The issue allows remote attackers with specific permission to inject a Lightweight Directory Access Protocol (LDAP) operation command into a specific input variable, potentially obtaining sensitive information from the database.

Recommendations For versions V100R005C10 and V100R005C20, consider restricting access to the input variable that allows LDAP operation command injection to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.