PT-2021-22787 · Huawei · Ecns280 Td+1

Published

2021-12-08

Updated

2021-12-15

CVE-2021-40007

CVSS v3.1

6.5

Medium

Vector

AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions eCNS280 TD version V100R005C10SPC650

Description The issue is caused by improper log output management, allowing an attacker with access to the device's log file to potentially disclose information. This could lead to information leakage if the attacker can access the log file of the device.

Recommendations For eCNS280 TD version V100R005C10SPC650, consider restricting access to the log files to minimize the risk of information disclosure until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Improper Encoding or Escaping of Output

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-116

Related Identifiers

CVE-2021-40007

Affected Products

Huawei Vrp

Ecns280 Td

PT-2021-22787 · Huawei · Ecns280 Td+1

CVE-2021-40007

Weakness Enumeration

Related Identifiers

Affected Products

References · 4