Sign-up

ID

VAR-201903-0647


CVE

CVE-2015-2254


TITLE

Huawei OceanStor UDS Information disclosure vulnerability in device software

Trust: 0.8

sources: JVNDB: JVNDB-2015-008237

DESCRIPTION

Huawei OceanStor UDS devices with software before V100R002C01SPC102 might allow remote attackers to capture and change patch loading information resulting in the deletion of directory files and compromise of system functions when loading a patch. Huawei OceanStor UDS Device software contains an information disclosure vulnerability.Tampering with information and disrupting service operations (DoS) There is a possibility of being put into a state

Trust: 1.62

sources: NVD: CVE-2015-2254 // JVNDB: JVNDB-2015-008237

AFFECTED PRODUCTS

vendor:huaweimodel:oceanstor udsscope:ltversion:100r002c01spc102

Trust: 1.0

vendor:huaweimodel:oceanstor udsscope:ltversion:v100r002c01spc102

Trust: 0.8

sources: JVNDB: JVNDB-2015-008237 // NVD: CVE-2015-2254

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2015-2254
value: CRITICAL

Trust: 1.0

NVD: CVE-2015-2254
value: CRITICAL

Trust: 0.8

CNNVD: CNNVD-201903-489
value: CRITICAL

Trust: 0.6

nvd@nist.gov: CVE-2015-2254
severity: MEDIUM
baseScore: 6.4
vectorString: AV:N/AC:L/AU:N/C:N/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 4.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

nvd@nist.gov: CVE-2015-2254
baseSeverity: CRITICAL
baseScore: 9.1
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 3.9
impactScore: 5.2
version: 3.0

Trust: 1.8

sources: JVNDB: JVNDB-2015-008237 // CNNVD: CNNVD-201903-489 // NVD: CVE-2015-2254

PROBLEMTYPE DATA

problemtype:CWE-200

Trust: 1.8

sources: JVNDB: JVNDB-2015-008237 // NVD: CVE-2015-2254

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201903-489

TYPE

information disclosure

Trust: 0.6

sources: CNNVD: CNNVD-201903-489

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2015-008237

PATCH
title:Huawei-SA-20150318-02-UDSurl:https://www.huawei.com/en/psirt/security-advisories/hw-417839
Trust: 0.8
title:Huawei OceanStor UDS Security vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=90102
Trust: 0.6
sources:
            
            
            JVNDB: JVNDB-2015-008237 // 
            
            
            
            CNNVD: CNNVD-201903-489

EXTERNAL IDS
db:NVDid:CVE-2015-2254
Trust: 2.4
db:JVNDBid:JVNDB-2015-008237
Trust: 0.8
db:CNNVDid:CNNVD-201903-489
Trust: 0.6
sources:
            
            
            JVNDB: JVNDB-2015-008237 // 
            
            
            
            CNNVD: CNNVD-201903-489 // 
            
            
            
            NVD: CVE-2015-2254

REFERENCES
url:https://www.huawei.com/en/psirt/security-advisories/hw-417839
Trust: 1.6
url:https://nvd.nist.gov/vuln/detail/cve-2015-2254
Trust: 1.4
url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-2254
Trust: 0.8
sources:
            
            
            JVNDB: JVNDB-2015-008237 // 
            
            
            
            CNNVD: CNNVD-201903-489 // 
            
            
            
            NVD: CVE-2015-2254

SOURCES
db:JVNDBid:JVNDB-2015-008237
db:CNNVDid:CNNVD-201903-489
db:NVDid:CVE-2015-2254

LAST UPDATE DATE
2024-11-23T22:37:54.446000+00:00

SOURCES UPDATE DATE
db:JVNDBid:JVNDB-2015-008237date:2019-04-09T00:00:00
db:CNNVDid:CNNVD-201903-489date:2019-03-15T00:00:00
db:NVDid:CVE-2015-2254date:2024-11-21T02:27:06.010

SOURCES RELEASE DATE
db:JVNDBid:JVNDB-2015-008237date:2019-04-09T00:00:00
db:CNNVDid:CNNVD-201903-489date:2019-03-13T00:00:00
db:NVDid:CVE-2015-2254date:2019-03-13T16:29:00.220