Security Advisory - Plaintext User Password Vulnerability in VCN500 Logs

ID HUAWEI-SA-20151126-04-VCN500
Type huawei
Reporter Huawei Technologies
Modified 2015-11-26T00:00:00


Huawei VCN500 (Video Cloud Node) logs user passwords in plaintext for specific operations on the certain interface, leading to user password leakage. (Vulnerability ID:HWPSIRT-2015-09032) This vulnerability has been assigned Common Vulnerabilities and Exposures (CVE) ID: CVE-2015-8335. Huawei has released software updates to fix these vulnerabilities. This advisory is available at the following link: