Sign-up

ID

VAR-201412-0629


TITLE

Huawei Tecal E9000 Chassis Hyper Module Management Privilege Escalation Vulnerability

Trust: 0.9

sources: CNVD: CNVD-2014-09163 // BID: 71778

DESCRIPTION

The Tecal E9000 Converged Architecture Blade Server is a new generation of powerful infrastructure platform from Huawei. Huawei Tecal E9000 Chassis is a blade server from China's Huawei. An elevation of privilege vulnerability exists in Huawei Tecal E9000 Chassis. An attacker could use this vulnerability to bypass security restrictions and gain elevated permissions on the affected system

Trust: 1.35

sources: CNVD: CNVD-2014-09163 // CNNVD: CNNVD-201412-501 // BID: 71778

IOT TAXONOMY

category:['Network device']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2014-09163

AFFECTED PRODUCTS

vendor:huaweimodel:tecal e9000scope: - version: -

Trust: 0.6

sources: CNVD: CNVD-2014-09163

CVSS

SEVERITY

CVSSV2

CVSSV3

CNVD: CNVD-2014-09163
value: HIGH

Trust: 0.6

CNVD: CNVD-2014-09163
severity: HIGH
baseScore: 7.5
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

sources: CNVD: CNVD-2014-09163

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201412-501

TYPE

permissions and access control

Trust: 0.6

sources: CNNVD: CNNVD-201412-501

PATCH

title:Huawei Tecal E9000 Chassis Hyper Module Management Rights Boost Vulnerability Patchurl:https://www.cnvd.org.cn/patchinfo/show/53167

Trust: 0.6

sources: CNVD: CNVD-2014-09163

EXTERNAL IDS

db:BIDid:71778

Trust: 1.5

db:CNVDid:CNVD-2014-09163

Trust: 0.6

db:CNNVDid:CNNVD-201412-501

Trust: 0.6

sources: CNVD: CNVD-2014-09163 // BID: 71778 // CNNVD: CNNVD-201412-501

REFERENCES

url:http://www.securityfocus.com/bid/71778

Trust: 1.2

url:http://www.huawei.com/

Trust: 0.3

url:http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/archive/hw-408102.htm

Trust: 0.3

url:http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/archive/hw-408118.htm

Trust: 0.3

sources: CNVD: CNVD-2014-09163 // BID: 71778 // CNNVD: CNNVD-201412-501

CREDITS

The vendor reported this issue.

Trust: 0.3

sources: BID: 71778

SOURCES

db:CNVDid:CNVD-2014-09163
db:BIDid:71778
db:CNNVDid:CNNVD-201412-501

LAST UPDATE DATE

2022-05-17T01:43:21.472000+00:00


SOURCES UPDATE DATE

db:CNVDid:CNVD-2014-09163date:2014-12-26T00:00:00
db:BIDid:71778date:2014-12-24T00:00:00
db:CNNVDid:CNNVD-201412-501date:2014-12-25T00:00:00

SOURCES RELEASE DATE

db:CNVDid:CNVD-2014-09163date:2014-12-26T00:00:00
db:BIDid:71778date:2014-12-24T00:00:00
db:CNNVDid:CNNVD-201412-501date:2014-12-25T00:00:00