Weak password vulnerability in Huawei S3700-28TP-SI-AC management platform

Founded in 1987, Huawei is a leading global provider of ICT information and communications infrastructure and smart terminals. A weak password vulnerability exists in Huawei S3700-28TP-SI-AC management platform, which can be exploited by attackers to obtain sensitive information...

Huawei Products Multiple DoS Vulnerabilities (huawei-sa-20171201-01-xml)

Multiple Huawei products are prone to multiple denial of service vulnerabilities in the XML parser. This VT has been deprecated as a duplicate of the VT SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the...

Memory corruption

Huawei S12700 V200R005C00; V200R006C00; V200R007C00; V200R007C01; V200R007C20; V200R008C00; V200R009C00;S1700 V200R006C10; V200R009C00;S2700 V100R006C03; V200R003C00; V200R005C00; V200R006C00; V200R006C10; V200R007C00; V200R007C00B050; V200R007C00SPC009T; V200R007C00SPC019T; V200R008C00;...

Design/Logic Flaw

XML parser in Huawei S12700 V200R005C00,S1700 V200R009C00, V200R010C00,S3700 V100R006C03, V100R006C05,S5700 V200R001C00, V200R002C00, V200R003C00, V200R003C02, V200R005C00, V200R006C00, V200R007C00, V200R008C00, V200R009C00, V200R010C00,S6700 V200R001C00, V200R002C00, V200R003C00, V200R005C00,...

CVE-2017-15333

XML parser in Huawei S12700 V200R005C00,S1700 V200R009C00, V200R010C00,S3700 V100R006C03, V100R006C05,S5700 V200R001C00, V200R002C00, V200R003C00, V200R003C02, V200R005C00, V200R006C00, V200R007C00, V200R008C00, V200R009C00, V200R010C00,S6700 V200R001C00, V200R002C00, V200R003C00, V200R005C00,...

CVE-2017-15333

Huawei’s CVE-2017-15333 affects the XML parser in a wide range of Huawei enterprise switches (examples: S12700, S3700, S5700, S6700, S7700, S9700, eCNS210_TD line) across multiple firmware branches (e.g., V200R005C00, V200R009C00, V200R010C00, V100R006C03/05, V200R001C00…V200R010C00, and others)....

Huawei Switches Information Disclosure Vulnerability (huawei-sa-20140820-01-campus)

Multiple Huawei Campus switches allow remote attackers to enumerate usernames via vectors involving use of SSH by the maintenance terminal. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right...

CVE-2014-8572

Huawei AC6605 with software V200R001C00; AC6605 with software V200R002C00; ACU with software V200R001C00; ACU with software V200R002C00; S2300, S3300, S2700, S3700 with software V100R006C05 and earlier versions; S5300, S5700, S6300, S6700 with software V100R006, V200R001, V200R002, V200R003,...

CVE-2014-8572

CVE-2014-8572 affects Huawei VRP-based devices (e.g., AC6605, ACU, S2300/S3300/S2700/S3700, S5300/S5700/S6300/S6700, S7700/S9300/S9300E/S9700) where the SSH server processes a message without valid checksums, allowing remote attackers to send a crafted SSH packet to cause a denial of service. Con...

Security Advisory- SSH Username Information Disclosure Vulnerability in Huawei Campus Switch

Some versions of Huawei Campus switch series products S9300/S9300E/S7700/S9700 /S5700/S6700/S5300/S6300/S2300/S2700/S3300/S3700 are affected by username information disclosure vulnerability. When the maintenance terminal of a Huawei Campus switch uses SSH to log in to a server, attackers can gues...

CVE-2012-4960

CVE-2012-4960 covers a DES-based password encryption weakness in Huawei networking devices (including NE5000E, NE40E/80E, CX/ CX600, and related models). The root cause is use of DES for stored passwords, enabling brute-force or context-dependent attacks to recover cleartext passwords. Public adv...