V100R005C20

CVSS 6.5 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

LOW

Confidentiality impact

HIGH

Integrity impact

NONE

Availability impact

NONE

network

low complexity

huawei

NVD

Published: 2017-04-02

Updated: 2024-11-21

Summary

Huawei FusionAccess with software V100R005C10 and V100R005C20 could allow remote attackers with specific permission to inject a Lightweight Directory Access Protocol (LDAP) operation command into a specific input variable to obtain sensitive information from the database.

Vulnerable Configurations

Part	Description	Count
Application	Huawei Huawei Fusionaccess V100R005C10 Huawei Fusionaccess V100R005C20	2

References

http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20161130-01-ldap-en
http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20161130-01-ldap-en
http://www.securityfocus.com/bid/94620
http://www.securityfocus.com/bid/94620