Total
20 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2019-0708 | 3 Huawei, Microsoft, Siemens | 131 Agile Controller-campus, Agile Controller-campus Firmware, Bh620 V2 and 128 more | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
A remote code execution vulnerability exists in Remote Desktop Services formerly known as Terminal Services when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests, aka 'Remote Desktop Services Remote Code Execution Vulnerability'. | |||||
CVE-2017-8130 | 1 Huawei | 1 Uma | 2024-11-21 | 4.0 MEDIUM | 6.5 MEDIUM |
The UMA product with software V200R001 and V300R001 has an information leak vulnerability. An attacker could exploit them to obtain some sensitive information, causing information leak. | |||||
CVE-2017-8129 | 1 Huawei | 1 Uma | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
The UMA product with software V200R001 and V300R001 has a privilege elevation vulnerability due to insufficient validation or improper processing of parameters. An attacker could craft specific packets to exploit these vulnerabilities to gain elevated privileges. | |||||
CVE-2017-8128 | 1 Huawei | 1 Uma | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
The UMA product with software V200R001 and V300R001 has a privilege elevation vulnerability due to insufficient validation or improper processing of parameters. An attacker could craft specific packets to exploit these vulnerabilities to gain elevated privileges. | |||||
CVE-2017-8127 | 1 Huawei | 1 Uma | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
The UMA product with software V200R001 has a cross-site scripting (XSS) vulnerability due to insufficient input validation. An attacker could craft malicious links or scripts to launch XSS attacks. | |||||
CVE-2017-8126 | 1 Huawei | 1 Uma | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
The UMA product with software V200R001 has a privilege elevation vulnerability due to insufficient validation or improper processing of parameters. An attacker could craft specific packets to exploit these vulnerabilities to gain elevated privileges. | |||||
CVE-2017-8125 | 1 Huawei | 1 Uma | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
The UMA product with software V200R001 and V300R001 has a cross-site scripting (XSS) vulnerability due to insufficient input validation. An attacker could craft malicious links or scripts to launch XSS attacks. | |||||
CVE-2017-8124 | 1 Huawei | 1 Uma | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
The UMA product with software V200R001 has a privilege elevation vulnerability due to insufficient validation or improper processing of parameters. An attacker could craft specific packets to exploit these vulnerabilities to gain elevated privileges. | |||||
CVE-2017-8123 | 1 Huawei | 1 Uma | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
The UMA product with software V200R001 has a privilege elevation vulnerability due to insufficient validation or improper processing of parameters. An attacker could craft specific packets to exploit these vulnerabilities to gain elevated privileges. | |||||
CVE-2017-8122 | 1 Huawei | 1 Uma | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
The UMA product with software V200R001 has a privilege elevation vulnerability due to insufficient validation or improper processing of parameters. An attacker could craft specific packets to exploit these vulnerabilities to gain elevated privileges. | |||||
CVE-2017-8121 | 1 Huawei | 1 Uma | 2024-11-21 | 5.0 MEDIUM | 5.3 MEDIUM |
The UMA product with software V200R001 and V300R001 has an information leak vulnerability. An attacker could exploit them to obtain some sensitive information, causing information leak. | |||||
CVE-2017-8120 | 1 Huawei | 1 Uma | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
The UMA product with software V200R001 and V300R001 has a privilege elevation vulnerability due to insufficient validation or improper processing of parameters. An attacker could craft specific packets to exploit these vulnerabilities to gain elevated privileges. | |||||
CVE-2017-8119 | 1 Huawei | 1 Uma | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
The UMA product with software V200R001 and V300R001 has a privilege elevation vulnerability due to insufficient validation or improper processing of parameters. An attacker could craft specific packets to exploit these vulnerabilities to gain elevated privileges. | |||||
CVE-2017-8118 | 1 Huawei | 1 Uma | 2024-11-21 | 2.1 LOW | 2.3 LOW |
The UMA product with software V200R001 and V300R001 has an information leak vulnerability. An attacker could exploit them to obtain some sensitive information, causing information leak. | |||||
CVE-2017-8117 | 1 Huawei | 1 Uma | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
The UMA product with software V200R001 and V300R001 has a privilege elevation vulnerability due to insufficient validation or improper processing of parameters. An attacker could craft specific packets to exploit these vulnerabilities to gain elevated privileges. | |||||
CVE-2017-15329 | 1 Huawei | 2 Uma, Uma Firmware | 2024-11-21 | 6.5 MEDIUM | 8.8 HIGH |
Huawei UMA V200R001C00 has a SQL injection vulnerability in the operation and maintenance module. An attacker logs in to the system as a common user and sends crafted HTTP requests that contain malicious SQL statements to the affected system. Due to a lack of input validation on HTTP requests that contain user-supplied input, successful exploitation may allow the attacker to execute arbitrary SQL queries. | |||||
CVE-2016-7110 | 1 Huawei | 1 Uma | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
Huawei Unified Maintenance Audit (UMA) before V200R001C00SPC200 allows remote attackers to execute arbitrary commands via "special characters," a different vulnerability than CVE-2016-7109. | |||||
CVE-2016-7109 | 1 Huawei | 1 Uma | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
Huawei Unified Maintenance Audit (UMA) before V200R001C00SPC200 allows remote attackers to execute arbitrary commands via "special characters," a different vulnerability than CVE-2016-7110. | |||||
CVE-2016-7108 | 1 Huawei | 1 Uma | 2024-11-21 | 4.0 MEDIUM | 6.5 MEDIUM |
Huawei Unified Maintenance Audit (UMA) before V200R001C00SPC200 SPH206 allows remote authenticated users to obtain the MD5 hashes of arbitrary user passwords via unspecified vectors. | |||||
CVE-2016-7107 | 1 Huawei | 1 Uma | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
Huawei Unified Maintenance Audit (UMA) before V200R001C00SPC200 SPH206 allows remote attackers to reset arbitrary user passwords and consequently affect system data integrity via unspecified vectors. |