Security Advisory - Information Exposure Vulnerability in Huawei Ethernet Switch

Type huawei
Reporter Huawei Technologies
Modified 2016-01-12T00:00:00


There is an information exposure vulnerability in Huawei Ethernet switch. When uploading files to some directory, the user needs to enter the username and password. However, the system does not mask passwords. As a result, the password entered is displayed in plain text, leading to password leaks. (Vulnerability ID: HWPSIRT-2015-08053)   This vulnerability has been assigned Common Vulnerabilities and Exposures (CVE) ID: CVE-2015-8675.   Huawei has released software updates to fix this vulnerability. This advisory is available at the following link: