- Description
- Huawei S5300 Campus Series switches with software before V200R005SPH008 do not mask the password when uploading files, which allows physically proximate attackers to obtain sensitive password information by reading the display.
- Source
- cve@mitre.org
- NVD status
- Analyzed
CVSS 3.0
- Type
- Primary
- Base score
- 6.2
- Impact score
- 3.6
- Exploitability score
- 2.5
- Vector string
- CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
- Severity
- MEDIUM
CVSS 2.0
- Type
- Primary
- Base score
- 2.1
- Impact score
- 2.9
- Exploitability score
- 3.9
- Vector string
- AV:L/AC:L/Au:N/C:P/I:N/A:N
- nvd@nist.gov
- CWE-255
- Hype score
- Not currently trending
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:s5300_firmware:v200r005c02:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "EDC356D3-F015-46A0-8F7A-1C594F19535B"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:s5300:*:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "EF480893-332C-48EB-9402-0E3ABEE28C2A"
}
],
"operator": "OR"
}
],
"operator": "AND"
}
]