Lucene search

[email protected]NVD:CVE-2014-9136

HistoryApr 02, 2017 - 8:59 p.m.

CVE-2014-9136

2017-04-0220:59:00

CWE-352

[email protected]

web.nvd.nist.gov

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

CVSS3

8.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

AI Score

8.8

Confidence

High

EPSS

0.001

Percentile

43.9%

JSON

Huawei FusionManager with software V100R002C03 and V100R003C00 could allow an unauthenticated, remote attacker to conduct a CSRF attack against the user of the web interface.

Affected configurations

Nvd

Node

huaweifusionmanagerRange≤v100r002c03

huaweifusionmanagerRange≤v100r003c00

Node

huaweiusg9500_firmwareRange≤v200r001c01spc800

huaweiusg9500_firmwareRange≤v300r001c00

AND

huaweiusg9500Match-

Node

huaweiusg2100_firmwareRange≤v300r001c00spc900

AND

huaweiusg2100Match-

Node

huaweiusg2200_firmwareRange≤v300r001c00spc900

AND

huaweiusg2200Match-

Node

huaweiusg5100_firmwareRange≤v300r001c00spc900

AND

huaweiusg5100Match-

Node

huaweiusg5500_firmwareRange≤v300r001c00spc900

AND

huaweiusg5500Match-

VendorProductVersionCPE
huaweifusionmanager*cpe:2.3:a:huawei:fusionmanager:*:*:*:*:*:*:*:*
huaweiusg9500_firmware*cpe:2.3:o:huawei:usg9500_firmware:*:*:*:*:*:*:*:*
huaweiusg9500-cpe:2.3:h:huawei:usg9500:-:*:*:*:*:*:*:*
huaweiusg2100_firmware*cpe:2.3:o:huawei:usg2100_firmware:*:*:*:*:*:*:*:*
huaweiusg2100-cpe:2.3:h:huawei:usg2100:-:*:*:*:*:*:*:*
huaweiusg2200_firmware*cpe:2.3:o:huawei:usg2200_firmware:*:*:*:*:*:*:*:*
huaweiusg2200-cpe:2.3:h:huawei:usg2200:-:*:*:*:*:*:*:*
huaweiusg5100_firmware*cpe:2.3:o:huawei:usg5100_firmware:*:*:*:*:*:*:*:*
huaweiusg5100-cpe:2.3:h:huawei:usg5100:-:*:*:*:*:*:*:*
huaweiusg5500_firmware*cpe:2.3:o:huawei:usg5500_firmware:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
huawei	fusionmanager	*	cpe:2.3:a:huawei:fusionmanager::::::::
huawei	usg9500_firmware	*	cpe:2.3:o:huawei:usg9500_firmware::::::::
huawei	usg9500	-	cpe:2.3:h:huawei:usg9500:-:::::::*
huawei	usg2100_firmware	*	cpe:2.3:o:huawei:usg2100_firmware::::::::
huawei	usg2100	-	cpe:2.3:h:huawei:usg2100:-:::::::*
huawei	usg2200_firmware	*	cpe:2.3:o:huawei:usg2200_firmware::::::::
huawei	usg2200	-	cpe:2.3:h:huawei:usg2200:-:::::::*
huawei	usg5100_firmware	*	cpe:2.3:o:huawei:usg5100_firmware::::::::
huawei	usg5100	-	cpe:2.3:h:huawei:usg5100:-:::::::*
huawei	usg5500_firmware	*	cpe:2.3:o:huawei:usg5500_firmware::::::::

Rows per page:

1-10 of 111

References

www.huawei.com/en/psirt/security-advisories/hw-372186

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

CVSS3

8.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

AI Score

8.8

Confidence

High

EPSS

0.001

Percentile

43.9%

JSON

Related for NVD:CVE-2014-9136

prion1 cvelist1 cve1 huawei1