Security Advisory - Plaintext User Password Vulnerability in VCN500 Logs

2015-11-26T00:00:00
ID HUAWEI-SA-20151126-04-VCN500
Type huawei
Reporter Huawei Technologies
Modified 2015-11-26T00:00:00

Description

Huawei VCN500 (Video Cloud Node) logs user passwords in plaintext for specific operations on the certain interface, leading to user password leakage. (Vulnerability ID:HWPSIRT-2015-09032) This vulnerability has been assigned Common Vulnerabilities and Exposures (CVE) ID: CVE-2015-8335. Huawei has released software updates to fix these vulnerabilities. This advisory is available at the following link: http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-463084.htm