Search...

SSH Username Information Disclosure Vulnerability in Huawei Campus Series Switches

2014-08-26T00:00:00

ID HUAWEI-SA-20140820-01-CAMPUSSWITCH.NASL
Type nessus
Reporter This script is Copyright (C) 2014-2021 Tenable Network Security, Inc.
Modified 2014-08-26T00:00:00

Description

The remote Huawei switch device is affected by an information disclosure vulnerability. By examining its SSH server response when attempting a login, a remote attacker can verify whether a guessed username exists on the device.

                                        
                                            #%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(77391);
  script_version("1.5");
  script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/06");

  script_cve_id("CVE-2014-5394");
  script_bugtraq_id(69302);

  script_name(english:"SSH Username Information Disclosure Vulnerability in Huawei Campus Series Switches");
  script_summary(english:"Checks the firmware version.");

  script_set_attribute(attribute:"synopsis", value:
"The remote device is affected by an information disclosure
vulnerability.");
  script_set_attribute(attribute:"description", value:
"The remote Huawei switch device is affected by an information
disclosure vulnerability. By examining its SSH server response when
attempting a login, a remote attacker can verify whether a guessed
username exists on the device.");
  # http://huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-362701.htm
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?30364a09");
  script_set_attribute(attribute:"solution", value:"Apply the appropriate firmware patch.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");

  script_set_attribute(attribute:"vuln_publication_date", value:"2014/08/20");
  script_set_attribute(attribute:"patch_publication_date", value:"2014/08/20");
  script_set_attribute(attribute:"plugin_publication_date", value:"2014/08/26");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:huawei:versatile_routing_platform");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Huawei Local Security Checks");

  script_copyright(english:"This script is Copyright (C) 2014-2021 Tenable Network Security, Inc.");

  script_dependencies("huawei_vrp_version.nbin");
  script_require_keys("Host/Huawei/VRP/Series", "Host/Huawei/VRP/Version", "Host/Huawei/VRP/Model");

  exit(0);
}

include("huawei_version.inc");

model = get_kb_item_or_exit("Host/Huawei/VRP/Model");
series = get_kb_item_or_exit("Host/Huawei/VRP/Series");
version = get_kb_item_or_exit("Host/Huawei/VRP/Version");

affected_name = "Huawei Campus Series Switch";

reference = make_nested_list(
  make_array(
    "series", make_list("^S9300E?$", "^S[79]700$", "^S[65][37]00$"),
    "checks", make_nested_list(
      make_array("vuln", "V200R001C00SPC300", "fix", "V200R005C00SPC300"),
      make_array("vuln", "V200R002C00SPC300", "fix", "V200R005C00SPC300"),
      make_array("vuln", "V200R003C00SPC500", "fix", "V200R005C00SPC300")
    )
  ),
  make_array(
    "series", make_list("^S[23][37]00$"),
    "checks", make_nested_list(
      make_array("vuln", "V100R006C05", "fix", "V100R006SPH018")
    )
  )
);

huawei_check_and_report(
  model:model,
  series:series,
  version:version,
  reference:reference,
  severity:SECURITY_WARNING
);

JSON Vulners Source

Initial Source

{"id": "HUAWEI-SA-20140820-01-CAMPUSSWITCH.NASL", "bulletinFamily": "scanner", "title": "SSH Username Information Disclosure Vulnerability in Huawei Campus Series Switches", "description": "The remote Huawei switch device is affected by an information\ndisclosure vulnerability. By examining its SSH server response when\nattempting a login, a remote attacker can verify whether a guessed\nusername exists on the device.", "published": "2014-08-26T00:00:00", "modified": "2014-08-26T00:00:00", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}, "href": "https://www.tenable.com/plugins/nessus/77391", "reporter": "This script is Copyright (C) 2014-2021 Tenable Network Security, Inc.", "references": ["http://www.nessus.org/u?30364a09"], "cvelist": ["CVE-2014-5394"], "type": "nessus", "lastseen": "2021-01-07T11:23:16", "edition": 24, "viewCount": 1, "enchantments": {"dependencies": {"references": [{"type": "cve", "idList": ["CVE-2014-5394"]}, {"type": "huawei", "idList": ["HUAWEI-SA-20140820-01-CAMPUS-SWITCH"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310113083"]}], "modified": "2021-01-07T11:23:16", "rev": 2}, "score": {"value": 5.5, "vector": "NONE", "modified": "2021-01-07T11:23:16", "rev": 2}, "vulnersScore": 5.5}, "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(77391);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2014-5394\");\n script_bugtraq_id(69302);\n\n script_name(english:\"SSH Username Information Disclosure Vulnerability in Huawei Campus Series Switches\");\n script_summary(english:\"Checks the firmware version.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote device is affected by an information disclosure\nvulnerability.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Huawei switch device is affected by an information\ndisclosure vulnerability. By examining its SSH server response when\nattempting a login, a remote attacker can verify whether a guessed\nusername exists on the device.\");\n # http://huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-362701.htm\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?30364a09\");\n script_set_attribute(attribute:\"solution\", value:\"Apply the appropriate firmware patch.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2014/08/20\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/08/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/08/26\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:versatile_routing_platform\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2014-2021 Tenable Network Security, Inc.\");\n\n script_dependencies(\"huawei_vrp_version.nbin\");\n script_require_keys(\"Host/Huawei/VRP/Series\", \"Host/Huawei/VRP/Version\", \"Host/Huawei/VRP/Model\");\n\n exit(0);\n}\n\ninclude(\"huawei_version.inc\");\n\nmodel = get_kb_item_or_exit(\"Host/Huawei/VRP/Model\");\nseries = get_kb_item_or_exit(\"Host/Huawei/VRP/Series\");\nversion = get_kb_item_or_exit(\"Host/Huawei/VRP/Version\");\n\naffected_name = \"Huawei Campus Series Switch\";\n\nreference = make_nested_list(\n make_array(\n \"series\", make_list(\"^S9300E?$\", \"^S[79]700$\", \"^S[65][37]00$\"),\n \"checks\", make_nested_list(\n make_array(\"vuln\", \"V200R001C00SPC300\", \"fix\", \"V200R005C00SPC300\"),\n make_array(\"vuln\", \"V200R002C00SPC300\", \"fix\", \"V200R005C00SPC300\"),\n make_array(\"vuln\", \"V200R003C00SPC500\", \"fix\", \"V200R005C00SPC300\")\n )\n ),\n make_array(\n \"series\", make_list(\"^S[23][37]00$\"),\n \"checks\", make_nested_list(\n make_array(\"vuln\", \"V100R006C05\", \"fix\", \"V100R006SPH018\")\n )\n )\n);\n\nhuawei_check_and_report(\n model:model,\n series:series,\n version:version,\n reference:reference,\n severity:SECURITY_WARNING\n);\n", "naslFamily": "Huawei Local Security Checks", "pluginID": "77391", "cpe": ["cpe:/o:huawei:versatile_routing_platform"], "scheme": null}

{"cve": [{"lastseen": "2020-10-03T12:01:19", "description": "Multiple Huawei Campus switches allow remote attackers to enumerate usernames via vectors involving use of SSH by the maintenance terminal.", "edition": 3, "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.9, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 3.6}, "published": "2018-01-08T19:29:00", "title": "CVE-2014-5394", "type": "cve", "cwe": ["CWE-200"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-5394"], "modified": "2018-01-29T19:03:00", "cpe": ["cpe:/o:huawei:s6300_firmware:v200r001c00spc300", "cpe:/o:huawei:s9300_firmware:v200r003c00spc500", "cpe:/o:huawei:s6300_firmware:v200r002c00spc300", "cpe:/o:huawei:s2700_firmware:v100r006c05", "cpe:/o:huawei:s9700_firmware:v200r001c00spc300", "cpe:/o:huawei:s5700_firmware:v200r003c00spc300", "cpe:/o:huawei:s5700_firmware:v200r002c00spc300", "cpe:/o:huawei:s6700_firmware:v200r003c00spc300", "cpe:/o:huawei:s5300_firmware:v200r003c00spc300", "cpe:/o:huawei:s3700_firmware:v100r006c05", "cpe:/o:huawei:s6700_firmware:v200r001c00spc300", "cpe:/o:huawei:s3300_firmware:v100r006c05", "cpe:/o:huawei:s9300e_firmware:v200r001c00spc300", "cpe:/o:huawei:s9300e_firmware:v200r002c00spc300", "cpe:/o:huawei:s6300_firmware:v200r003c00spc300", "cpe:/o:huawei:s5300_firmware:v200r001c00spc300", "cpe:/o:huawei:s7700_firmware:v200r003c00spc500", "cpe:/o:huawei:s2300_firmware:v100r006c05", "cpe:/o:huawei:s9300e_firmware:v200r003c00spc500", "cpe:/o:huawei:s9300_firmware:v200r002c00spc300", "cpe:/o:huawei:s7700_firmware:v200r001c00spc300", "cpe:/o:huawei:s9700_firmware:v200r002c00spc300", "cpe:/o:huawei:s9300_firmware:v200r001c00spc300", "cpe:/o:huawei:s5700_firmware:v200r001c00spc300", "cpe:/o:huawei:s5300_firmware:v200r002c00spc300", "cpe:/o:huawei:s9700_firmware:v200r003c00spc500", "cpe:/o:huawei:s7700_firmware:v200r002c00spc300", "cpe:/o:huawei:s6700_firmware:v200r002c00spc300"], "id": "CVE-2014-5394", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-5394", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}, "cpe23": ["cpe:2.3:o:huawei:s9300e_firmware:v200r003c00spc500:*:*:*:*:*:*:*", "cpe:2.3:o:huawei:s5700_firmware:v200r002c00spc300:*:*:*:*:*:*:*", "cpe:2.3:o:huawei:s9300e_firmware:v200r002c00spc300:*:*:*:*:*:*:*", "cpe:2.3:o:huawei:s6700_firmware:v200r001c00spc300:*:*:*:*:*:*:*", "cpe:2.3:o:huawei:s9300_firmware:v200r002c00spc300:*:*:*:*:*:*:*", "cpe:2.3:o:huawei:s9700_firmware:v200r002c00spc300:*:*:*:*:*:*:*", "cpe:2.3:o:huawei:s7700_firmware:v200r002c00spc300:*:*:*:*:*:*:*", "cpe:2.3:o:huawei:s2300_firmware:v100r006c05:*:*:*:*:*:*:*", "cpe:2.3:o:huawei:s5700_firmware:v200r003c00spc300:*:*:*:*:*:*:*", "cpe:2.3:o:huawei:s7700_firmware:v200r003c00spc500:*:*:*:*:*:*:*", "cpe:2.3:o:huawei:s5700_firmware:v200r001c00spc300:*:*:*:*:*:*:*", "cpe:2.3:o:huawei:s6300_firmware:v200r003c00spc300:*:*:*:*:*:*:*", "cpe:2.3:o:huawei:s9300e_firmware:v200r001c00spc300:*:*:*:*:*:*:*", "cpe:2.3:o:huawei:s6700_firmware:v200r003c00spc300:*:*:*:*:*:*:*", "cpe:2.3:o:huawei:s9300_firmware:v200r003c00spc500:*:*:*:*:*:*:*", "cpe:2.3:o:huawei:s6300_firmware:v200r001c00spc300:*:*:*:*:*:*:*", "cpe:2.3:o:huawei:s5300_firmware:v200r001c00spc300:*:*:*:*:*:*:*", "cpe:2.3:o:huawei:s9300_firmware:v200r001c00spc300:*:*:*:*:*:*:*", "cpe:2.3:o:huawei:s5300_firmware:v200r003c00spc300:*:*:*:*:*:*:*", "cpe:2.3:o:huawei:s7700_firmware:v200r001c00spc300:*:*:*:*:*:*:*", "cpe:2.3:o:huawei:s9700_firmware:v200r003c00spc500:*:*:*:*:*:*:*", "cpe:2.3:o:huawei:s5300_firmware:v200r002c00spc300:*:*:*:*:*:*:*", "cpe:2.3:o:huawei:s3300_firmware:v100r006c05:*:*:*:*:*:*:*", "cpe:2.3:o:huawei:s3700_firmware:v100r006c05:*:*:*:*:*:*:*", "cpe:2.3:o:huawei:s2700_firmware:v100r006c05:*:*:*:*:*:*:*", "cpe:2.3:o:huawei:s6700_firmware:v200r002c00spc300:*:*:*:*:*:*:*", "cpe:2.3:o:huawei:s9700_firmware:v200r001c00spc300:*:*:*:*:*:*:*", "cpe:2.3:o:huawei:s6300_firmware:v200r002c00spc300:*:*:*:*:*:*:*"]}], "huawei": [{"lastseen": "2019-02-01T18:01:29", "bulletinFamily": "software", "cvelist": ["CVE-2014-5394"], "description": "Products\n\nSwitches\nRouters\nWLAN\nServers\nSee All\n\n\n\nSolutions\n\nCloud Data Center\nEnterprise Networking\nWireless Private Network\nSolutions by Industry\nSee All\n\n\n\nServices\n\nTraining and Certification\nICT Lifecycle Services\nTechnology Services\nIndustry Solution Services\nSee All\n\n\n\nSee all offerings at e.huawei.com\n\n\n\nNeed Support ?\n\nProduct Support\nSoftware Download\nCommunity\nTools\n\nGo to Full Support", "edition": 1, "modified": "2014-08-27T00:00:00", "published": "2014-08-20T00:00:00", "id": "HUAWEI-SA-20140820-01-CAMPUS-SWITCH", "href": "https://www.huawei.com/en/psirt/security-advisories/2014/hw-362701", "title": "Security Advisory- SSH Username Information Disclosure Vulnerability in Huawei Campus Switch", "type": "huawei", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}], "openvas": [{"lastseen": "2020-06-10T19:13:53", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-5394"], "description": "Multiple Huawei Campus switches allow remote attackers to enumerate\n usernames via vectors involving use of SSH by the maintenance terminal.", "modified": "2020-06-08T00:00:00", "published": "2018-01-12T00:00:00", "id": "OPENVAS:1361412562310113083", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310113083", "type": "openvas", "title": "Huawei Switches Information Disclosure Vulnerability (huawei-sa-20140820-01-campus)", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Huawei Switches Information Disclosure Vulnerability\n#\n# Authors:\n# Jan Philipp Schulte <jan.schulte@greenbone.net>\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, https://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License as published by\n# the Free Software Foundation; either version 2 of the License, or\n# (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif( description )\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.113083\");\n script_version(\"2020-06-08T14:13:59+0000\");\n script_tag(name:\"last_modification\", value:\"2020-06-08 14:13:59 +0000 (Mon, 08 Jun 2020)\");\n script_tag(name:\"creation_date\", value:\"2018-01-12 14:44:44 +0100 (Fri, 12 Jan 2018)\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n\n script_tag(name:\"qod_type\", value:\"remote_banner\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_cve_id(\"CVE-2014-5394\");\n\n script_name(\"Huawei Switches Information Disclosure Vulnerability (huawei-sa-20140820-01-campus)\");\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"Huawei\");\n script_dependencies(\"gb_huawei_vrp_network_device_consolidation.nasl\");\n script_mandatory_keys(\"huawei/vrp/detected\");\n\n script_tag(name:\"summary\", value:\"Multiple Huawei Campus switches allow remote attackers to enumerate\n usernames via vectors involving use of SSH by the maintenance terminal.\");\n\n script_tag(name:\"vuldetect\", value:\"The script checks if the target host is an affected product that\n has a vulnerable firmware version installed.\");\n\n script_tag(name:\"affected\", value:\"The following Huawei Switch models and firmware versions are affected:\n\n Huawei Campus Switch S9300/S9300E/S7700/S9700 versions: V200R001C00SPC300, V200R002C00SPC300, V200R003C00SPC500\n\n Huawei Campus Switch S5700/S6700/S5300/S6300 versions: V200R001C00SPC300, V200R002C00SPC300, V200R003C00SPC300\n\n Huawei Campus Switch S2300/S2700/S3300/S3700 versions: V100R006C05\");\n\n script_tag(name:\"solution\", value:\"Update the software according to your product:\n\n Huawei Campus Switch S9300/S9300E/S7700/S9700 fixed version: V200R005C00SPC300\n\n Huawei Campus Switch S5700/S6700/S5300/S6300 fixed version: V200R005C00SPC300\n\n Huawei Campus Switch S2300/S2700/S3300/S3700 fixed version: V100R006SPH018\");\n\n script_xref(name:\"URL\", value:\"https://www.huawei.com/us/psirt/security-advisories/2014/hw-362701\");\n script_xref(name:\"URL\", value:\"https://exchange.xforce.ibmcloud.com/vulnerabilities/97763\");\n\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\ncpe_list = make_list(\"cpe:/o:huawei:s9300_firmware\",\n \"cpe:/o:huawei:s9300e_firmware\",\n \"cpe:/o:huawei:s7700_firmware\",\n \"cpe:/o:huawei:s9700_firmware\",\n \"cpe:/o:huawei:s5700_firmware\",\n \"cpe:/o:huawei:s6700_firmware\",\n \"cpe:/o:huawei:s5300_firmware\",\n \"cpe:/o:huawei:s6300_firmware\",\n \"cpe:/o:huawei:s2300_firmware\",\n \"cpe:/o:huawei:s2700_firmware\",\n \"cpe:/o:huawei:s3300_firmware\",\n \"cpe:/o:huawei:s3700_firmware\"\n );\n\nif (!infos = get_app_port_from_list(cpe_list: cpe_list))\n exit(0);\n\ncpe = infos[\"cpe\"];\n\nif (!version = get_app_version(cpe: cpe, nofork: TRUE))\n exit(0);\n\nversion = toupper(version);\n\nif (cpe == \"cpe:/o:huawei:s9300_firmware\" || cpe == \"cpe:/o:huawei:s9300e_firmware\" || cpe == \"cpe:/o:huawei:s7700_firmware\" || cpe == \"cpe:/o:huawei:s9700_firmware\") {\n if (version == \"V200R001C00SPC300\" || version == \"V200R002C00SPC300\" || version == \"V200R003C00SPC500\") {\n report = report_fixed_ver(installed_version: version, fixed_version: \"V200R005C00SPC300\");\n security_message(port: 0, data: report);\n exit(0);\n }\n}\n\nif (cpe == \"cpe:/o:huawei:s5700_firmware\" || cpe == \"cpe:/o:huawei:s6700_firmware\" || cpe == \"cpe:/o:huawei:s5300_firmware\" || cpe == \"cpe:/o:huawei:s6300_firmware\") {\n if (version == \"V200R001C00SPC300\" || version == \"V200R002C00SPC300\" || version == \"V200R003C00SPC300\") {\n report = report_fixed_ver(installed_version: version, fixed_version: \"V200R005C00SPC300\");\n security_message(port: 0, data: report);\n exit(0);\n }\n}\n\nif (cpe == \"cpe:/o:huawei:s2300_firmware\" || cpe == \"cpe:/o:huawei:s2700_firmware\" || cpe == \"cpe:/o:huawei:s3300_firmware\" || cpe == \"cpe:/o:huawei:s3700_firmware\") {\n if (version == \"V100R006C05\") {\n report = report_fixed_ver(installed_version: version, fixed_version: \"V100R006SPH018\");\n security_message(port: 0, data: report);\n exit(0);\n }\n}\n\nexit(99);\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}]}