Sign-up

ID

VAR-201412-0685


TITLE

Huawei Tecal RH Series has multiple vulnerabilities

Trust: 0.6

sources: CNVD: CNVD-2014-09227

DESCRIPTION

The Huawei Tecal RH Series is a rack server product. The Huawei Tecal RH series failed to properly authenticate the user's HTTP request while processing the length of the DNS server packet, causing the user to perform some operations causing a buffer overflow or executing arbitrary code.

Trust: 0.6

sources: CNVD: CNVD-2014-09227

IOT TAXONOMY

category:['Network device']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2014-09227

AFFECTED PRODUCTS

vendor:huaweimodel:tecal rh seriesscope: - version: -

Trust: 0.6

sources: CNVD: CNVD-2014-09227

CVSS

SEVERITY

CVSSV2

CVSSV3

CNVD: CNVD-2014-09227
value: HIGH

Trust: 0.6

CNVD: CNVD-2014-09227
severity: HIGH
baseScore: 7.5
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

sources: CNVD: CNVD-2014-09227

PATCH

title:Huawei Tecal RH Series has multiple vulnerabilitiesurl:https://www.cnvd.org.cn/patchinfo/show/53401

Trust: 0.6

sources: CNVD: CNVD-2014-09227

EXTERNAL IDS

db:SECUNIAid:61508

Trust: 0.6

db:CNVDid:CNVD-2014-09227

Trust: 0.6

sources: CNVD: CNVD-2014-09227

REFERENCES

url:http://secunia.com/advisories/61508/

Trust: 0.6

url:http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-408100.htm

Trust: 0.6

sources: CNVD: CNVD-2014-09227

SOURCES

db:CNVDid:CNVD-2014-09227

LAST UPDATE DATE

2022-05-17T01:47:58.323000+00:00


SOURCES UPDATE DATE

db:CNVDid:CNVD-2014-09227date:2014-12-30T00:00:00

SOURCES RELEASE DATE

db:CNVDid:CNVD-2014-09227date:2014-12-30T00:00:00