Vulnerabilities > Huawei > UMA

DATE CVE VULNERABILITY TITLE RISK
2017-11-22 CVE-2017-8120 Improper Input Validation vulnerability in Huawei UMA V200R001/V300R001
The UMA product with software V200R001 and V300R001 has a privilege elevation vulnerability due to insufficient validation or improper processing of parameters.
network
low complexity
huawei CWE-20
critical
 9.8
9.8
2017-11-22 CVE-2017-8119 Improper Input Validation vulnerability in Huawei UMA V200R001/V300R001
The UMA product with software V200R001 and V300R001 has a privilege elevation vulnerability due to insufficient validation or improper processing of parameters.
network
low complexity
huawei CWE-20
critical
 9.8
9.8
2017-11-22 CVE-2017-8118 Information Exposure vulnerability in Huawei UMA V200R001/V300R001
The UMA product with software V200R001 and V300R001 has an information leak vulnerability.
local
low complexity
huawei CWE-200
2.3
2.3
2017-11-22 CVE-2017-8117 Improper Input Validation vulnerability in Huawei UMA V200R001/V300R001
The UMA product with software V200R001 and V300R001 has a privilege elevation vulnerability due to insufficient validation or improper processing of parameters.
network
low complexity
huawei CWE-20
critical
 9.8
9.8
2016-09-07 CVE-2016-7110 Code Injection vulnerability in Huawei UMA V200R001/V200R001C00Spc100
Huawei Unified Maintenance Audit (UMA) before V200R001C00SPC200 allows remote attackers to execute arbitrary commands via "special characters," a different vulnerability than CVE-2016-7109.
network
low complexity
huawei CWE-94
critical
 9.8
9.8
2016-09-07 CVE-2016-7109 Code Injection vulnerability in Huawei UMA V200R001/V200R001C00Spc100
Huawei Unified Maintenance Audit (UMA) before V200R001C00SPC200 allows remote attackers to execute arbitrary commands via "special characters," a different vulnerability than CVE-2016-7110.
network
low complexity
huawei CWE-94
critical
 9.8
9.8
2016-09-07 CVE-2016-7108 Information Exposure vulnerability in Huawei UMA V200R001/V200R001C00Spc100/V200R001C00Spc200
Huawei Unified Maintenance Audit (UMA) before V200R001C00SPC200 SPH206 allows remote authenticated users to obtain the MD5 hashes of arbitrary user passwords via unspecified vectors.
network
low complexity
huawei CWE-200
6.5
6.5
2016-09-07 CVE-2016-7107 Improper Access Control vulnerability in Huawei UMA V200R001/V200R001C00Spc100/V200R001C00Spc200
Huawei Unified Maintenance Audit (UMA) before V200R001C00SPC200 SPH206 allows remote attackers to reset arbitrary user passwords and consequently affect system data integrity via unspecified vectors.
network
low complexity
huawei CWE-284
7.5
7.5