PT-2018-5790 · Huawei · S7700+3
Published
2018-03-28
·
Updated
2018-05-23
·
CVE-2017-15327
CVSS v3.1
4.3
Medium
| Vector | AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N |
Name of the Vulnerable Software and Affected Versions:
S12700 versions V200R005C00 through V200R010C00
S7700 versions V200R001C00 through V200R010C00
S9700 versions V200R001C00 through V200R010C00
Description:
The system incorrectly performs an authorization check when a normal user attempts to access certain information which is supposed to be accessed only by an authenticated user. Successful exploit could cause information disclosure.
Recommendations:
For S12700 versions V200R005C00 through V200R010C00, restrict access to sensitive information until a patch is available.
For S7700 versions V200R001C00 through V200R010C00, consider disabling access to certain features that require authenticated user access until the issue is resolved.
For S9700 versions V200R001C00 through V200R010C00, limit user privileges to prevent unauthorized access to sensitive information.
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Information Disclosure
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Huawei Vrp
S12700
S7700
S9700