4.3

CVE-2017-15327

S12700 V200R005C00, V200R006C00, V200R006C01, V200R007C00, V200R007C01, V200R007C20, V200R008C00, V200R008C06, V200R009C00, V200R010C00, S7700 V200R001C00, V200R001C01, V200R002C00, V200R003C00, V200R005C00, V200R006C00, V200R006C01, V200R007C00, V200R007C01, V200R008C00, V200R008C06, V200R009C00, V200R010C00, S9700 V200R001C00, V200R001C01, V200R002C00, V200R003C00, V200R005C00, V200R006C00, V200R006C01, V200R007C00, V200R007C01, V200R008C00, V200R009C00, V200R010C00 have an improper authorization vulnerability on Huawei switch products. The system incorrectly performs an authorization check when a normal user attempts to access certain information which is supposed to be accessed only by authenticated user. Successful exploit could cause information disclosure.

Data is provided by the National Vulnerability Database (NVD)
HuaweiS12700 Firmware Versionv200r005c00
   HuaweiS12700 Version-
HuaweiS12700 Firmware Versionv200r006c00
   HuaweiS12700 Version-
HuaweiS12700 Firmware Versionv200r006c01
   HuaweiS12700 Version-
HuaweiS12700 Firmware Versionv200r007c00
   HuaweiS12700 Version-
HuaweiS12700 Firmware Versionv200r007c01
   HuaweiS12700 Version-
HuaweiS12700 Firmware Versionv200r007c20
   HuaweiS12700 Version-
HuaweiS12700 Firmware Versionv200r008c00
   HuaweiS12700 Version-
HuaweiS12700 Firmware Versionv200r008c06
   HuaweiS12700 Version-
HuaweiS12700 Firmware Versionv200r009c00
   HuaweiS12700 Version-
HuaweiS12700 Firmware Versionv200r010c00
   HuaweiS12700 Version-
HuaweiS7700 Firmware Versionv200r001c00
   HuaweiS7700 Version-
HuaweiS7700 Firmware Versionv200r001c01
   HuaweiS7700 Version-
HuaweiS7700 Firmware Versionv200r002c00
   HuaweiS7700 Version-
HuaweiS7700 Firmware Versionv200r003c00
   HuaweiS7700 Version-
HuaweiS7700 Firmware Versionv200r005c00
   HuaweiS7700 Version-
HuaweiS7700 Firmware Versionv200r006c00
   HuaweiS7700 Version-
HuaweiS7700 Firmware Versionv200r006c01
   HuaweiS7700 Version-
HuaweiS7700 Firmware Versionv200r007c00
   HuaweiS7700 Version-
HuaweiS7700 Firmware Versionv200r007c01
   HuaweiS7700 Version-
HuaweiS7700 Firmware Versionv200r008c00
   HuaweiS7700 Version-
HuaweiS7700 Firmware Versionv200r008c06
   HuaweiS7700 Version-
HuaweiS7700 Firmware Versionv200r009c00
   HuaweiS7700 Version-
HuaweiS7700 Firmware Versionv200r010c00
   HuaweiS7700 Version-
HuaweiS9700 Firmware Versionv200r001c00
   HuaweiS9700 Version-
HuaweiS9700 Firmware Versionv200r001c01
   HuaweiS9700 Version-
HuaweiS9700 Firmware Versionv200r002c00
   HuaweiS9700 Version-
HuaweiS9700 Firmware Versionv200r003c00
   HuaweiS9700 Version-
HuaweiS9700 Firmware Versionv200r005c00
   HuaweiS9700 Version-
HuaweiS9700 Firmware Versionv200r006c00
   HuaweiS9700 Version-
HuaweiS9700 Firmware Versionv200r006c01
   HuaweiS9700 Version-
HuaweiS9700 Firmware Versionv200r007c00
   HuaweiS9700 Version-
HuaweiS9700 Firmware Versionv200r007c01
   HuaweiS9700 Version-
HuaweiS9700 Firmware Versionv200r008c00
   HuaweiS9700 Version-
HuaweiS9700 Firmware Versionv200r009c00
   HuaweiS9700 Version-
HuaweiS9700 Firmware Versionv200r010c00
   HuaweiS9700 Version-
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Type Source Score Percentile
EPSS FIRST.org 0.11% 0.256
CVSS Metriken
Source Base Score Exploit Score Impact Score Vector string
nvd@nist.gov 4.3 2.8 1.4
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
nvd@nist.gov 4 8 2.9
AV:N/AC:L/Au:S/C:P/I:N/A:N
CWE-200 Exposure of Sensitive Information to an Unauthorized Actor

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.