2 matches found
CVE-2014-1688
CVE-2014-1688 is associated with Huawei CloudEngine switches. The Huawei HWPSIRT advisory and the NASL plugin describe a security bypass in the HWTACACS authorization module caused by a failure of access control. An authenticated attacker can exploit this to execute commands with higher‑level per...
Security Advisory-A Vulnerability on the HWTACACS Authorization Module of the CloudEngine
The HWTACACS modules of some Huawei CloudEngine series switches have vulnerabilities. Attackers can execute the commands that can be used by users with higher-level permissions by bypass the right check of HWTACACS server. HWPSIRT-2013-1256. This Vulnerability has been assigned Common...