Search...

CVE-2014-9696

2017-04-02T20:59:00

ID CVE-2014-9696
Type cve
Reporter cve@mitre.org
Modified 2017-04-05T18:45:00

Description

The Hyper Module Management (HMM) software of Huawei Tecal E9000 Chassis V100R001C00SPC160 and earlier versions allows the operator to modify the user configuration of iMana through privilege escalation.

JSON Vulners Source

Initial Source

{"id": "CVE-2014-9696", "bulletinFamily": "NVD", "title": "CVE-2014-9696", "description": "The Hyper Module Management (HMM) software of Huawei Tecal E9000 Chassis V100R001C00SPC160 and earlier versions allows the operator to modify the user configuration of iMana through privilege escalation.", "published": "2017-04-02T20:59:00", "modified": "2017-04-05T18:45:00", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-9696", "reporter": "cve@mitre.org", "references": ["http://www.huawei.com/en/psirt/security-advisories/hw-408117"], "cvelist": ["CVE-2014-9696"], "type": "cve", "lastseen": "2019-05-29T18:13:50", "history": [], "edition": 1, "hashmap": [{"key": "affectedSoftware", "hash": "3ae36c9f5a2745e7fc821535a91475e3"}, {"key": "bulletinFamily", "hash": "601892ece72be3be2f57266ca2354792"}, {"key": "cpe", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "cpe23", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "cvelist", "hash": "78797bb60233019c3a85f4192cd2be97"}, {"key": "cvss", "hash": "0187fd86f792b6c1e0077d0f69d0ed79"}, {"key": "cvss2", "hash": "3a23743b550c717d37c2a24d8d13bd04"}, {"key": "cvss3", "hash": "9d7a1bf739aa233fb3bce7ee66cd981d"}, {"key": "cwe", "hash": "fa12e087f68642fcaefafba0d4583885"}, {"key": "description", "hash": "ab396b8dcb8fa7c10cd2afdc4b3cf241"}, {"key": "href", "hash": "19e1aae35425a4b9b4acb7cefd2a6897"}, {"key": "modified", "hash": "b8e2638aa94888e5a610f2faacddb192"}, {"key": "published", "hash": "fdc7c5b148728809ab2b3019781b2485"}, {"key": "references", "hash": "667f065ce1322a7e7a63985944bc77af"}, {"key": "reporter", "hash": "444c2b4dda4a55437faa8bef1a141e84"}, {"key": "title", "hash": "30b2337e01aca0d4a2e759e7ce89214b"}, {"key": "type", "hash": "1716b5fcbb7121af74efdc153d0166c5"}], "hash": "265410a5826f57e9c6c06fc915f71954cc5cbf5c0b3a993c6a468052e3d85bd5", "viewCount": 0, "enchantments": {"score": {"value": 5.4, "vector": "NONE", "modified": "2019-05-29T18:13:50"}, "dependencies": {"references": [{"type": "huawei", "idList": ["HUAWEI-SA-20141224-02-HMM"]}], "modified": "2019-05-29T18:13:50"}, "vulnersScore": 5.4}, "objectVersion": "1.3", "cpe": [], "affectedSoftware": [{"name": "huawei tecal_e9000_chassis_firmware", "operator": "le", "version": "v100r001c00spc160"}], "cvss2": {"cvssV2": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "PARTIAL", "baseScore": 6.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 8.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "userInteractionRequired": false}, "cvss3": {"cvssV3": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.0"}, "exploitabilityScore": 2.8, "impactScore": 5.9}, "cpe23": [], "cwe": ["CWE-264"]}

{"huawei": [{"lastseen": "2019-02-01T18:02:33", "bulletinFamily": "software", "description": "Products\n\nSwitches\nRouters\nWLAN\nServers\nSee All\n\n\n\nSolutions\n\nCloud Data Center\nEnterprise Networking\nWireless Private Network\nSolutions by Industry\nSee All\n\n\n\nServices\n\nTraining and Certification\nICT Lifecycle Services\nTechnology Services\nIndustry Solution Services\nSee All\n\n\n\nSee all offerings at e.huawei.com\n\n\n\nNeed Support ?\n\nProduct Support\nSoftware Download\nCommunity\nTools\n\nGo to Full Support", "modified": "2014-12-24T00:00:00", "published": "2014-12-24T00:00:00", "id": "HUAWEI-SA-20141224-02-HMM", "href": "https://www.huawei.com/en/psirt/security-advisories/2014/hw-408117", "title": "Security Advisory-Privilege Escalation Vulnerability in IPMICommand of the HMM Software in a Huawei Server Product", "type": "huawei", "cvss": {"score": 6.5, "vector": "AV:NETWORK/AC:LOW/Au:SINGLE_INSTANCE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}]}