6.5

CVE-2016-8779

Huawei FusionAccess with software V100R005C10 and V100R005C20 could allow remote attackers with specific permission to inject a Lightweight Directory Access Protocol (LDAP) operation command into a specific input variable to obtain sensitive information from the database.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
HuaweiFusionaccess Versionv100r005c10
HuaweiFusionaccess Versionv100r005c20
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.86% 0.537
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 6.5 2.8 3.6
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
nvd@nist.gov 4 8 2.9
AV:N/AC:L/Au:S/C:P/I:N/A:N
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20161130-01-ldap-en
Vendor Advisory
http://www.securityfocus.com/bid/94620
Third Party Advisory
VDB Entry