PT-2017-18131 · Huawei · Uma
Published
2017-11-22
·
Updated
2019-10-03
·
CVE-2017-8122
CVSS v3.1
9.8
Critical
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
UMA product version V200R001
Description
The issue is related to insufficient validation or improper processing of parameters, which can lead to privilege elevation. An attacker could exploit this by crafting specific packets to gain elevated privileges.
Recommendations
For UMA product version V200R001, consider restricting access to sensitive areas of the system until a patch is available. As a temporary workaround, review and strengthen parameter validation and processing to minimize the risk of exploitation.
Fix
RCE
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Uma