Lucene search

[email protected]CVE-2016-7107

HistorySep 07, 2016 - 7:28 p.m.

CVE-2016-7107

2016-09-0719:28:22

CWE-284

[email protected]

web.nvd.nist.gov

huawei

uma

v200r001c00spc200

sph206

cve-2016-7107

password reset

system integrity

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

7.5 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

53.8%

JSON

Huawei Unified Maintenance Audit (UMA) before V200R001C00SPC200 SPH206 allows remote attackers to reset arbitrary user passwords and consequently affect system data integrity via unspecified vectors.

Affected configurations

NVD

Node

huaweiumaRange≤v200r001c00spc200

CPENameOperatorVersion
huawei:umahuawei umalev200r001c00spc200

CPE	Name	Operator	Version
huawei:uma	huawei uma	le	v200r001c00spc200

References

www.huawei.com/en/psirt/security-advisories/huawei-sa-20160824-02-uma-en

www.securityfocus.com/bid/92619

Social References

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

7.5 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

53.8%

JSON

Related for CVE-2016-7107

nvd1 cvelist1 prion1 huawei1