CVE-2015-8335

Huawei VCN500 (software prior to V100R002C00SPC201) stores user passwords in plaintext in logs, enabling remote authenticated users to obtain sensitive information by triggering log generation and reading the logs. The issue is caused by plaintext password logging in the device’s logging mechanis...

Security Advisory - Plaintext User Password Vulnerability in VCN500 Logs

Huawei VCN500 Video Cloud Node logs user passwords in plaintext for specific operations on the certain interface, leading to user password leakage. Vulnerability ID：HWPSIRT-2015-09032 This vulnerability has been assigned Common Vulnerabilities and Exposures CVE ID: CVE-2015-8335. Huawei has...