Vulnerabilities > Huawei > UMA > v200r001c00spc100

DATE CVE VULNERABILITY TITLE RISK
2016-09-07 CVE-2016-7110 Code Injection vulnerability in Huawei UMA V200R001/V200R001C00Spc100
Huawei Unified Maintenance Audit (UMA) before V200R001C00SPC200 allows remote attackers to execute arbitrary commands via "special characters," a different vulnerability than CVE-2016-7109.
network
low complexity
huawei CWE-94
critical
 9.8
9.8
2016-09-07 CVE-2016-7109 Code Injection vulnerability in Huawei UMA V200R001/V200R001C00Spc100
Huawei Unified Maintenance Audit (UMA) before V200R001C00SPC200 allows remote attackers to execute arbitrary commands via "special characters," a different vulnerability than CVE-2016-7110.
network
low complexity
huawei CWE-94
critical
 9.8
9.8
2016-09-07 CVE-2016-7108 Information Exposure vulnerability in Huawei UMA V200R001/V200R001C00Spc100/V200R001C00Spc200
Huawei Unified Maintenance Audit (UMA) before V200R001C00SPC200 SPH206 allows remote authenticated users to obtain the MD5 hashes of arbitrary user passwords via unspecified vectors.
network
low complexity
huawei CWE-200
6.5
6.5
2016-09-07 CVE-2016-7107 Improper Access Control vulnerability in Huawei UMA V200R001/V200R001C00Spc100/V200R001C00Spc200
Huawei Unified Maintenance Audit (UMA) before V200R001C00SPC200 SPH206 allows remote attackers to reset arbitrary user passwords and consequently affect system data integrity via unspecified vectors.
network
low complexity
huawei CWE-284
7.5
7.5