PT-2017-6389 · Huawei · Huawei Tecal E9000 Chassis+2

Published

2017-04-02

Updated

2017-04-05

CVE-2014-9696

CVSS v2.0

6.5

Medium

Vector

AV:N/AC:L/Au:S/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions Huawei Tecal E9000 Chassis versions V100R001C00SPC160 and earlier

Description The issue allows an operator to modify the user configuration of iMana through privilege escalation in the Hyper Module Management (HMM) software.

Recommendations For versions V100R001C00SPC160 and earlier, consider restricting access to the HMM software to prevent unauthorized modifications to the iMana user configuration until a fix is available.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-264

Related Identifiers

CVE-2014-9696

Affected Products

Huawei Tecal E9000 Chassis

Hyper Module Management

Imana

PT-2017-6389 · Huawei · Huawei Tecal E9000 Chassis+2

CVE-2014-9696

Weakness Enumeration

Related Identifiers

Affected Products

References · 2