Uma Security Vulnerabilities and Issues — Uma CVE List

Lucene search

HuaweiUma

18 matches found

CVE•added 2016/09/07 7:28 p.m.•48 views

CVE-2016-7107

Huawei Unified Maintenance Audit (UMA) before V200R001C00SPC200 SPH206 allows remote attackers to reset arbitrary user passwords and consequently affect system data integrity via unspecified vectors.

7.5CVSS7.5AI score0.00158EPSS

CVE•added 2017/11/22 7:29 p.m.•46 views

CVE-2017-8129

The UMA product with software V200R001 and V300R001 has a privilege elevation vulnerability due to insufficient validation or improper processing of parameters. An attacker could craft specific packets to exploit these vulnerabilities to gain elevated privileges.

9.8CVSS9.7AI score0.0023EPSS

CVE•added 2017/11/22 7:29 p.m.•45 views

CVE-2017-8121

The UMA product with software V200R001 and V300R001 has an information leak vulnerability. An attacker could exploit them to obtain some sensitive information, causing information leak.

5.3CVSS5AI score0.00111EPSS

CVE•added 2017/11/22 7:29 p.m.•45 views

CVE-2017-8124

The UMA product with software V200R001 has a privilege elevation vulnerability due to insufficient validation or improper processing of parameters. An attacker could craft specific packets to exploit these vulnerabilities to gain elevated privileges.

9.8CVSS9.7AI score0.00224EPSS

CVE•added 2017/11/22 7:29 p.m.•43 views

CVE-2017-8122

9.8CVSS9.7AI score0.00256EPSS

CVE•added 2017/11/22 7:29 p.m.•42 views

CVE-2017-8118

The UMA product with software V200R001 and V300R001 has an information leak vulnerability. An attacker could exploit them to obtain some sensitive information, causing information leak.

2.3CVSS3.6AI score0.00028EPSS

CVE•added 2017/11/22 7:29 p.m.•42 views

CVE-2017-8123

9.8CVSS9.7AI score0.00224EPSS

CVE•added 2017/11/22 7:29 p.m.•42 views

CVE-2017-8128

9.8CVSS9.7AI score0.0023EPSS

CVE•added 2017/11/22 7:29 p.m.•41 views

CVE-2017-8117

9.8CVSS9.7AI score0.00224EPSS

CVE•added 2017/11/22 7:29 p.m.•41 views

CVE-2017-8125

The UMA product with software V200R001 and V300R001 has a cross-site scripting (XSS) vulnerability due to insufficient input validation. An attacker could craft malicious links or scripts to launch XSS attacks.

6.1CVSS5.8AI score0.00124EPSS

CVE•added 2017/11/22 7:29 p.m.•41 views

CVE-2017-8127

The UMA product with software V200R001 has a cross-site scripting (XSS) vulnerability due to insufficient input validation. An attacker could craft malicious links or scripts to launch XSS attacks.

6.1CVSS5.8AI score0.00124EPSS

CVE•added 2017/11/22 7:29 p.m.•41 views

CVE-2017-8130

The UMA product with software V200R001 and V300R001 has an information leak vulnerability. An attacker could exploit them to obtain some sensitive information, causing information leak.

6.5CVSS6.1AI score0.0017EPSS

CVE•added 2017/11/22 7:29 p.m.•40 views

CVE-2017-8119

9.8CVSS9.7AI score0.00224EPSS

CVE•added 2017/11/22 7:29 p.m.•39 views

CVE-2017-8120

9.8CVSS9.7AI score0.00224EPSS

CVE•added 2017/11/22 7:29 p.m.•39 views

CVE-2017-8126

9.8CVSS9.7AI score0.00224EPSS

CVE•added 2016/09/07 7:28 p.m.•38 views

CVE-2016-7108

Huawei Unified Maintenance Audit (UMA) before V200R001C00SPC200 SPH206 allows remote authenticated users to obtain the MD5 hashes of arbitrary user passwords via unspecified vectors.

6.5CVSS6.1AI score0.00166EPSS

CVE•added 2016/09/07 7:28 p.m.•38 views

CVE-2016-7109

Huawei Unified Maintenance Audit (UMA) before V200R001C00SPC200 allows remote attackers to execute arbitrary commands via "special characters," a different vulnerability than CVE-2016-7110.

10CVSS9.8AI score0.01749EPSS

CVE•added 2016/09/07 7:28 p.m.•36 views

CVE-2016-7110

Huawei Unified Maintenance Audit (UMA) before V200R001C00SPC200 allows remote attackers to execute arbitrary commands via "special characters," a different vulnerability than CVE-2016-7109.

10CVSS9.8AI score0.01749EPSS