Vulnerabilities > Huawei > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2016-01-11 | CVE-2015-8333 | Permissions, Privileges, and Access Controls vulnerability in Huawei Vcn500 V100R002C00Spc200B010 The Operation and Maintenance Unit (OMU) in Huawei VCN500 with software before V100R002C00SPC200 allows remote authenticated users to change the IP address of the media server via crafted packets. | 7.1 |
| 2016-01-11 | CVE-2015-8331 | Improper Input Validation vulnerability in Huawei Vcn500 V100R002C00Spc200B010 The Operation and Maintenance Unit (OMU) in Huawei VCN500 with software before V100R002C00SPC200 does not properly invalidate the session ID when an "abnormal exit" occurs, which allows remote attackers to conduct replay attacks via the session ID. | 7.4 |
| 2016-01-11 | CVE-2015-8231 | Resource Management Errors vulnerability in Huawei Espace 7910 and Espace 7950 Huawei eSpace 7910 and 7950 IP phones with software before V200R002C00SPC800 allow remote attackers with established sessions to cause a denial of service (device restart) via unspecified packets. | 7.5 |
| 2016-01-11 | CVE-2015-8230 | Resource Management Errors vulnerability in Huawei Espace 8950 V200R003C00Spc200 Memory leak in Huawei eSpace 8950 IP phones with software before V200R003C00SPC300 allows remote attackers to cause a denial of service (memory consumption and restart) via a large number of crafted ARP packets. | 7.5 |
| 2009-07-01 | CVE-2009-2272 | Cleartext Storage of Sensitive Information vulnerability in Huawei D100 Firmware The Huawei D100 stores the administrator's account name and password in cleartext in a cookie, which allows context-dependent attackers to obtain sensitive information by (1) reading a cookie file, by (2) sniffing the network for HTTP headers, and possibly by using unspecified other vectors. | 7.5 |