PT-2017-7461 · Huawei · Huawei Logcenter

Published

2017-04-02

Updated

2017-04-05

CVE-2015-8670

CVSS v2.0

4.0

Medium

Vector

AV:N/AC:L/Au:S/C:N/I:N/A:P

Name of the Vulnerable Software and Affected Versions Huawei LogCenter version V100R001C10

Description The issue allows an authenticated attacker to add abnormal device information to the log collection module, resulting in a denial of service.

Recommendations For Huawei LogCenter version V100R001C10, consider restricting access to the log collection module to prevent abnormal device information from being added until a fix is available.

Fix

RCE

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-20

Related Identifiers

CVE-2015-8670

Affected Products

Huawei Logcenter

PT-2017-7461 · Huawei · Huawei Logcenter

CVE-2015-8670

Weakness Enumeration

Related Identifiers

Affected Products

References · 2