CVE-2015-8675Huawei S5300 Firmware vulnerability

CWE-2553 documents3 sources
Severity
6.2MEDIUMNVD
EPSS
0.0%
top 91.64%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Huawei S5300 Firmware
Timeline
PublishedJan 15
Latest updateMay 17

Description

Huawei S5300 Campus Series switches with software before V200R005SPH008 do not mask the password when uploading files, which allows physically proximate attackers to obtain sensitive password information by reading the display.

CVSS vector

CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:NExploitability: 2.5 | Impact: 3.6

Affected Packages1 packages

NVDhuawei/s5300_firmwarev200r005c02

🔴Vulnerability Details

2
GHSA
GHSA-crhj-r6hm-ccw6: Huawei S5300 Campus Series switches with software before V200R005SPH008 do not mask the password when uploading files, which allows physically proxima2022-05-17
CVEList
CVE-2015-8675: Huawei S5300 Campus Series switches with software before V200R005SPH008 do not mask the password when uploading files, which allows physically proxima2016-01-15
CVE-2015-8675 — Huawei S5300 Firmware vulnerability | cvebase