Vulnerabilities > Huawei
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-04-02 | CVE-2016-8757 | Information Exposure vulnerability in Huawei P9 Firmware ION memory management module in Huawei P9 phones with software EVA-AL10C00B192 and earlier versions, EVA-DL10C00B192 and earlier versions, EVA-TL10C00B192 and earlier versions, EVA-CL10C00B192 and earlier versions allows attackers to obtain sensitive information from uninitialized memory. | 3.3 |
| 2017-04-02 | CVE-2016-8756 | Improper Input Validation vulnerability in Huawei Mate 8 Firmware ION memory management module in Huawei Mate 8 phones with software NXT-AL10C00B197 and earlier versions, NXT-DL10C00B197 and earlier versions, NXT-TL10C00B197 and earlier versions, NXT-CL10C00B197 and earlier versions allows attackers to cause a denial of service (restart). | 5.5 |
| 2017-04-02 | CVE-2016-8754 | Use of Hard-coded Credentials vulnerability in Huawei Oceanstor 5600 V3 Firmware V300R003C00 Huawei OceanStor 5600 V3 V300R003C00 has a hardcoded SSH key vulnerability; the hardcoded keys are used to encrypt communication data and authenticate different nodes of the devices. | 7.5 |
| 2017-04-02 | CVE-2016-8275 | Improper Input Validation vulnerability in Huawei Anyoffice V200R006C00 Huawei AnyOffice V200R006C00 could allow an authenticated, remote attacker to cause the software to deny services by uploading an XML bomb. | 6.5 |
| 2017-04-02 | CVE-2016-8274 | Improper Access Control vulnerability in Huawei Hisuite 4.0.5.300Ove Huawei PC client software HiSuite 4.0.5.300_OVE has a dynamic link library (DLL) hijack vulnerability; an attacker can make the system load malicious DLL files to execute arbitrary code. | 7.8 |
| 2017-04-02 | CVE-2016-8273 | Improper Access Control vulnerability in Huawei Hisuite 4.0.5.300Ove Huawei PC client software HiSuite 4.0.5.300_OVE uses insecure HTTP for upgrade software package download and does not check the integrity of the software package before installing; an attacker can launch an MITM attack to interrupt or replace the downloaded software package and further compromise the PC. | 7.8 |
| 2017-04-02 | CVE-2016-8272 | Information Exposure vulnerability in Huawei Hisuite 4.0.5.300Ove Huawei PC client software HiSuite 4.0.5.300_OVE has an information leak vulnerability; an attacker who can log in to the system can copy out the user's proxy password, causing information leaks. | 5.3 |
| 2017-04-02 | CVE-2016-8271 | Information Exposure vulnerability in Huawei Espace IAD Firmware V300R001C07Spca00/V300R002C01/V300R002C01Spc100 Huawei eSpace IAD V300R002C01SPC100 and earlier versions have an information leak vulnerability; an attacker can check and download the fault information by accessing a special URL. | 5.3 |
| 2017-04-02 | CVE-2016-6177 | Integer Overflow or Wraparound vulnerability in Huawei Oceanstor 5800 V3 Firmware V300R003C00 The Huawei OceanStor 5800 V300R003C00 has an integer overflow vulnerability. | 6.5 |
| 2017-04-02 | CVE-2016-2404 | Permissions, Privileges, and Access Controls vulnerability in Huawei products Huawei switches S5700, S6700, S7700, S9700 with software V200R001C00SPC300, V200R002C00SPC100, V200R003C00SPC300, V200R005C00SPC500, V200R006C00; S12700 with software V200R005C00SPC500, V200R006C00; ACU2 with software V200R005C00SPC500, V200R006C00 have a permission control vulnerability. | 7.5 |