Huawei Quidway Switch vor VASP-V200R001SPH003 Firewall Module Information Disclosure

EintraganpassenHistoryDiffjsonxmlCTI

In Huawei Quidway Switch wurde eine problematische Schwachstelle gefunden. Es geht um eine unbekannte Funktion der Komponente Firewall Module. Ein Upgrade auf die Version VASP-V200R001SPH003 vermag dieses Problem zu beheben. Das Erscheinen einer Gegenmassnahme geschah vor und nicht erst nach der Veröffentlichung der Schwachstelle. Huawei hat folglich vorgängig reagiert.

Feld13.05.2017 09:4811.05.2021 16:1611.05.2021 16:23
vendorHuaweiHuaweiHuawei
nameQuidway SwitchQuidway SwitchQuidway Switch
componentFirewall ModuleFirewall ModuleFirewall Module
affectedlistS7700 SPU - V200R001C00SPC300/V200R001C10SPC300 S9300 SPU - V200R001C00SPC300/V200R001C10SPC300 S9700 SPU - V200R001C00SPC300/V200R001C10SPC300S7700 SPU - V200R001C00SPC300/V200R001C10SPC300 S9300 SPU - V200R001C00SPC300/V200R001C10SPC300 S9700 SPU - V200R001C00SPC300/V200R001C10SPC300S7700 SPU - V200R001C00SPC300/V200R001C10SPC300 S9300 SPU - V200R001C00SPC300/V200R001C10SPC300 S9700 SPU - V200R001C00SPC300/V200R001C10SPC300
risk111
historic000
cvss2_vuldb_basescore4.94.94.9
cvss2_vuldb_tempscore3.83.83.8
cvss2_vuldb_avNNN
cvss2_vuldb_acMMM
cvss2_vuldb_auSSS
cvss2_vuldb_ciPPP
cvss2_vuldb_iiNNN
cvss2_vuldb_aiPPP
cvss3_meta_basescore5.45.45.4
cvss3_meta_tempscore4.94.94.9
cvss3_vuldb_basescore5.45.45.4
cvss3_vuldb_tempscore4.94.94.9
date1368662400 (16.05.2013)1368662400 (16.05.2013)1368662400 (16.05.2013)
locationWebsiteWebsiteWebsite
typeAdvisoryAdvisoryAdvisory
urlhttp://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-261458.htmhttp://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-261458.htmhttp://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-261458.htm
identifierHuawei-SA-20130516-01-SPUHuawei-SA-20130516-01-SPUHuawei-SA-20130516-01-SPU
coordination111
confirm_urlhttp://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-261458.htmhttp://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-261458.htmhttp://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-261458.htm
disputed000
availability111
date1368662400 (16.05.2013)1368662400 (16.05.2013)1368662400 (16.05.2013)
publicity111
price_0day$5k-$25k$5k-$25k$5k-$25k
nameUpgradeUpgradeUpgrade
date1356912000 (31.12.2012)1356912000 (31.12.2012)1356912000 (31.12.2012)
upgrade_versionVASP-V200R001SPH003VASP-V200R001SPH003VASP-V200R001SPH003
cveCVE-2013-4628CVE-2013-4628CVE-2013-4628
osvdb934699346993469
xforce851658516585165
nessus_id773367733677336
cvss2_vuldb_ePOCPOCPOC
cvss2_vuldb_rlOFOFOF
cvss2_vuldb_rcNDNDND
cvss3_vuldb_ePPP
cvss3_vuldb_rlOOO
cvss3_vuldb_rcXXX
cvss3_vuldb_avNNN
cvss3_vuldb_acLLL
cvss3_vuldb_prLLL
cvss3_vuldb_uiNNN
cvss3_vuldb_sUUU
cvss3_vuldb_cLLL
cvss3_vuldb_iNNN
cvss3_vuldb_aLLL
cwe200 (Information Disclosure)200 (Information Disclosure)200 (Information Disclosure)
cvss2_nvd_avNNN
cvss2_nvd_acMMM
cvss2_nvd_auSSS
cvss2_nvd_ciPPP
cvss2_nvd_iiNNN
cvss2_nvd_aiNNN
cve_assigned137168640013716864001371686400
cve_nvd_published137168640013716864001371686400
cve_nvd_summaryThe firewall module on the Huawei Quidway Service Process Unit (SPU) board S7700, S9300, and S9700 on Huawei Campus Switch devices allows remote authenticated users to obtain sensitive information from the high-priority security zone by leveraging access to the low-priority security zone.The firewall module on the Huawei Quidway Service Process Unit (SPU) board S7700, S9300, and S9700 on Huawei Campus Switch devices allows remote authenticated users to obtain sensitive information from the high-priority security zone by leveraging access to the low-priority security zone.The firewall module on the Huawei Quidway Service Process Unit (SPU) board S7700, S9300, and S9700 on Huawei Campus Switch devices allows remote authenticated users to obtain sensitive information from the high-priority security zone by leveraging access to the low-priority security zone.
securityfocus607106071060710
vulnerabilitycenter418694186941869
vulnerabilitycenter_titleHuawei Quidway SPU Board on Huawei Campus Switch Remote Information Disclosure VulnerabilityHuawei Quidway SPU Board on Huawei Campus Switch Remote Information Disclosure VulnerabilityHuawei Quidway SPU Board on Huawei Campus Switch Remote Information Disclosure Vulnerability
vulnerabilitycenter_severityMediumMediumMedium
vulnerabilitycenter_creationdate138162240013816224001381622400
vulnerabilitycenter_lastupdatedate140944320014094432001409443200
vulnerabilitycenter_reportingdate136866240013686624001368662400
nessus_nameHuawei Campus Switch Information Disclosure (HWNSIRT-2013-0317)Huawei Campus Switch Information Disclosure (HWNSIRT-2013-0317)Huawei Campus Switch Information Disclosure (HWNSIRT-2013-0317)
nessus_filenamehuawei-SA-20130516-01-SPU.naslhuawei-SA-20130516-01-SPU.naslhuawei-SA-20130516-01-SPU.nasl
nessus_familyHuawei Local Security ChecksHuawei Local Security ChecksHuawei Local Security Checks
nessus_date1408665600 (22.08.2014)1408665600 (22.08.2014)1408665600 (22.08.2014)
securityfocus_date1368655200 (16.05.2013)1368655200 (16.05.2013)
securityfocus_classDesign ErrorDesign Error
cvss2_nvd_basescore3.53.5
nessus_riskLow

Want to stay up to date on a daily basis?

Enable the mail alert feature now!