Huawei Oceanstor Uds Firmware vulnerabilities
4 known vulnerabilities affecting huawei/oceanstor_uds_firmware.
Total CVEs
4
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL1HIGH2MEDIUM1
Vulnerabilities
Page 1 of 1
CVE-2015-2254CRITICALCVSS 9.1fixed in 100r002c01spc1022019-03-13
CVE-2015-2254 [CRITICAL] CWE-200 CVE-2015-2254: Huawei OceanStor UDS devices with software before V100R002C01SPC102 might allow remote attackers to
Huawei OceanStor UDS devices with software before V100R002C01SPC102 might allow remote attackers to capture and change patch loading information resulting in the deletion of directory files and compromise of system functions when loading a patch.
nvd
CVE-2015-2251HIGHCVSS 7.5≤ v100r002c01spc1012017-06-08
CVE-2015-2251 [HIGH] CWE-200 CVE-2015-2251: The DeviceManager in Huawei OceanStor UDS devices with software before V100R002C01SPC102 might allow
The DeviceManager in Huawei OceanStor UDS devices with software before V100R002C01SPC102 might allow remote attackers to obtain sensitive information via a crafted UDS patch with JavaScript.
nvd
CVE-2015-2252HIGHCVSS 8.8≤ v100r002c01spc1012017-06-08
CVE-2015-2252 [HIGH] CWE-94 CVE-2015-2252: Huawei OceanStor UDS devices with software before V100R002C01SPC102 might allow remote attackers to
Huawei OceanStor UDS devices with software before V100R002C01SPC102 might allow remote attackers to execute arbitrary code with root privileges via a crafted UDS patch with shell scripts.
nvd
CVE-2015-2253MEDIUMCVSS 5.0≤ v100r002c01spc1012017-06-08
CVE-2015-2253 [MEDIUM] CWE-200 CVE-2015-2253: The XML interface in Huawei OceanStor UDS devices with software before V100R002C01SPC102 allows remo
The XML interface in Huawei OceanStor UDS devices with software before V100R002C01SPC102 allows remote authenticated users to obtain sensitive information via a crafted XML document.
nvd