5.9

CVE-2014-5394

Multiple Huawei Campus switches allow remote attackers to enumerate usernames via vectors involving use of SSH by the maintenance terminal.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
HuaweiS9300 Firmware Versionv200r001c00spc300
   HuaweiS9300 Version-
HuaweiS9300 Firmware Versionv200r002c00spc300
   HuaweiS9300 Version-
HuaweiS9300 Firmware Versionv200r003c00spc500
   HuaweiS9300 Version-
HuaweiS9300e Firmware Versionv200r001c00spc300
   HuaweiS9300e Version-
HuaweiS9300e Firmware Versionv200r002c00spc300
   HuaweiS9300e Version-
HuaweiS9300e Firmware Versionv200r003c00spc500
   HuaweiS9300e Version-
HuaweiS7700 Firmware Versionv200r001c00spc300
   HuaweiS7700 Version-
HuaweiS7700 Firmware Versionv200r002c00spc300
   HuaweiS7700 Version-
HuaweiS7700 Firmware Versionv200r003c00spc500
   HuaweiS7700 Version-
HuaweiS9700 Firmware Versionv200r001c00spc300
   HuaweiS9700 Version-
HuaweiS9700 Firmware Versionv200r002c00spc300
   HuaweiS9700 Version-
HuaweiS9700 Firmware Versionv200r003c00spc500
   HuaweiS9700 Version-
HuaweiS5700 Firmware Versionv200r001c00spc300
   HuaweiS5700 Version-
HuaweiS5700 Firmware Versionv200r002c00spc300
   HuaweiS5700 Version-
HuaweiS5700 Firmware Versionv200r003c00spc300
   HuaweiS5700 Version-
HuaweiS6700 Firmware Versionv200r001c00spc300
   HuaweiS6700 Version-
HuaweiS6700 Firmware Versionv200r002c00spc300
   HuaweiS6700 Version-
HuaweiS6700 Firmware Versionv200r003c00spc300
   HuaweiS6700 Version-
HuaweiS5300 Firmware Versionv200r001c00spc300
   HuaweiS5300 Version-
HuaweiS5300 Firmware Versionv200r002c00spc300
   HuaweiS5300 Version-
HuaweiS5300 Firmware Versionv200r003c00spc300
   HuaweiS5300 Version-
HuaweiS6300 Firmware Versionv200r001c00spc300
   HuaweiS6300 Version-
HuaweiS6300 Firmware Versionv200r002c00spc300
   HuaweiS6300 Version-
HuaweiS6300 Firmware Versionv200r003c00spc300
   HuaweiS6300 Version-
HuaweiS2300 Firmware Versionv100r006c05
   HuaweiS2300 Version-
HuaweiS2700 Firmware Versionv100r006c05
   HuaweiS2700 Version-
HuaweiS3300 Firmware Versionv100r006c05
   HuaweiS3300 Version-
HuaweiS3700 Firmware Versionv100r006c05
   HuaweiS3700 Version-
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.43% 0.614
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5.9 2.2 3.6
CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
nvd@nist.gov 4.3 8.6 2.9
AV:N/AC:M/Au:N/C:P/I:N/A:N
CWE-200 Exposure of Sensitive Information to an Unauthorized Actor

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

http://www.securityfocus.com/bid/69302
Third Party Advisory
VDB Entry