Search

Find a vulnerability

Search criteria

    6 vulnerabilities found for eSpace 7950 by Huawei Technologies Co., Ltd.

    CVE-2018-7960 (GCVE-0-2018-7960)

    Vulnerability from nvd – Published: 2018-11-27 22:00 – Updated: 2024-08-05 06:37
    VLAI
    Summary
    There is a SRTP icon display vulnerability in Huawei eSpace product. An unauthenticated, remote attacker launches man-in-the-middle attack to intercept the packets in non-secure transmission mode. Successful exploitation may intercept and tamper with the call information, eventually cause sensitive information leak.
    Severity
    No CVSS data available.
    CWE
    • information leakage
    Assigner
    References
    Impacted products
    Date Public
    2018-11-14 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T06:37:59.756Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20181114-02-espace-en"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "eSpace 7950",
              "vendor": "Huawei Technologies Co., Ltd.",
              "versions": [
                {
                  "status": "affected",
                  "version": "V200R003C30"
                }
              ]
            }
          ],
          "datePublic": "2018-11-14T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "There is a SRTP icon display vulnerability in Huawei eSpace product. An unauthenticated, remote attacker launches man-in-the-middle attack to intercept the packets in non-secure transmission mode. Successful exploitation may intercept and tamper with the call information, eventually cause sensitive information leak."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "information leakage",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-11-27T21:57:01.000Z",
            "orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
            "shortName": "huawei"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20181114-02-espace-en"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@huawei.com",
              "ID": "CVE-2018-7960",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "eSpace 7950",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "V200R003C30"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Huawei Technologies Co., Ltd."
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "There is a SRTP icon display vulnerability in Huawei eSpace product. An unauthenticated, remote attacker launches man-in-the-middle attack to intercept the packets in non-secure transmission mode. Successful exploitation may intercept and tamper with the call information, eventually cause sensitive information leak."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "information leakage"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20181114-02-espace-en",
                  "refsource": "CONFIRM",
                  "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20181114-02-espace-en"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
        "assignerShortName": "huawei",
        "cveId": "CVE-2018-7960",
        "datePublished": "2018-11-27T22:00:00.000Z",
        "dateReserved": "2018-03-09T00:00:00.000Z",
        "dateUpdated": "2024-08-05T06:37:59.756Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2018-7959 (GCVE-0-2018-7959)

    Vulnerability from nvd – Published: 2018-11-27 22:00 – Updated: 2024-08-05 06:37
    VLAI
    Summary
    There is a short key vulnerability in Huawei eSpace product. An unauthenticated, remote attacker launches man-in-the-middle attack to intercept and decrypt the call information when the user enables SRTP to make a call. Successful exploitation may cause sensitive information leak.
    Severity
    No CVSS data available.
    CWE
    • information leakage
    Assigner
    References
    Impacted products
    Date Public
    2018-11-14 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T06:37:59.691Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20181114-02-espace-en"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "eSpace 7950",
              "vendor": "Huawei Technologies Co., Ltd.",
              "versions": [
                {
                  "status": "affected",
                  "version": "V200R003C30"
                }
              ]
            }
          ],
          "datePublic": "2018-11-14T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "There is a short key vulnerability in Huawei eSpace product. An unauthenticated, remote attacker launches man-in-the-middle attack to intercept and decrypt the call information when the user enables SRTP to make a call. Successful exploitation may cause sensitive information leak."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "information leakage",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-11-27T21:57:01.000Z",
            "orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
            "shortName": "huawei"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20181114-02-espace-en"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@huawei.com",
              "ID": "CVE-2018-7959",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "eSpace 7950",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "V200R003C30"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Huawei Technologies Co., Ltd."
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "There is a short key vulnerability in Huawei eSpace product. An unauthenticated, remote attacker launches man-in-the-middle attack to intercept and decrypt the call information when the user enables SRTP to make a call. Successful exploitation may cause sensitive information leak."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "information leakage"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20181114-02-espace-en",
                  "refsource": "CONFIRM",
                  "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20181114-02-espace-en"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
        "assignerShortName": "huawei",
        "cveId": "CVE-2018-7959",
        "datePublished": "2018-11-27T22:00:00.000Z",
        "dateReserved": "2018-03-09T00:00:00.000Z",
        "dateUpdated": "2024-08-05T06:37:59.691Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2018-7958 (GCVE-0-2018-7958)

    Vulnerability from nvd – Published: 2018-11-27 22:00 – Updated: 2024-08-05 06:37
    VLAI
    Summary
    There is an anonymous TLS cipher suites supported vulnerability in Huawei eSpace product. An unauthenticated, remote attacker launches man-in-the-middle attack to hijack the connection from a client when the user signs up to log in by TLS. Due to insufficient authentication, which may be exploited to intercept and tamper with the data information.
    Severity
    No CVSS data available.
    CWE
    • anonymous TLS cipher suites supported
    Assigner
    References
    Impacted products
    Date Public
    2018-11-14 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T06:37:59.643Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20181114-01-espace-en"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "eSpace 7950",
              "vendor": "Huawei Technologies Co., Ltd.",
              "versions": [
                {
                  "status": "affected",
                  "version": "V200R003C30"
                }
              ]
            }
          ],
          "datePublic": "2018-11-14T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "There is an anonymous TLS cipher suites supported vulnerability in Huawei eSpace product. An unauthenticated, remote attacker launches man-in-the-middle attack to hijack the connection from a client when the user signs up to log in by TLS. Due to insufficient authentication, which may be exploited to intercept and tamper with the data information."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "anonymous TLS cipher suites supported",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-11-27T21:57:01.000Z",
            "orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
            "shortName": "huawei"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20181114-01-espace-en"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@huawei.com",
              "ID": "CVE-2018-7958",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "eSpace 7950",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "V200R003C30"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Huawei Technologies Co., Ltd."
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "There is an anonymous TLS cipher suites supported vulnerability in Huawei eSpace product. An unauthenticated, remote attacker launches man-in-the-middle attack to hijack the connection from a client when the user signs up to log in by TLS. Due to insufficient authentication, which may be exploited to intercept and tamper with the data information."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "anonymous TLS cipher suites supported"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20181114-01-espace-en",
                  "refsource": "CONFIRM",
                  "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20181114-01-espace-en"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
        "assignerShortName": "huawei",
        "cveId": "CVE-2018-7958",
        "datePublished": "2018-11-27T22:00:00.000Z",
        "dateReserved": "2018-03-09T00:00:00.000Z",
        "dateUpdated": "2024-08-05T06:37:59.643Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2018-7958 (GCVE-0-2018-7958)

    Vulnerability from cvelistv5 – Published: 2018-11-27 22:00 – Updated: 2024-08-05 06:37
    VLAI
    Summary
    There is an anonymous TLS cipher suites supported vulnerability in Huawei eSpace product. An unauthenticated, remote attacker launches man-in-the-middle attack to hijack the connection from a client when the user signs up to log in by TLS. Due to insufficient authentication, which may be exploited to intercept and tamper with the data information.
    Severity
    No CVSS data available.
    CWE
    • anonymous TLS cipher suites supported
    Assigner
    References
    Impacted products
    Date Public
    2018-11-14 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T06:37:59.643Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20181114-01-espace-en"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "eSpace 7950",
              "vendor": "Huawei Technologies Co., Ltd.",
              "versions": [
                {
                  "status": "affected",
                  "version": "V200R003C30"
                }
              ]
            }
          ],
          "datePublic": "2018-11-14T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "There is an anonymous TLS cipher suites supported vulnerability in Huawei eSpace product. An unauthenticated, remote attacker launches man-in-the-middle attack to hijack the connection from a client when the user signs up to log in by TLS. Due to insufficient authentication, which may be exploited to intercept and tamper with the data information."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "anonymous TLS cipher suites supported",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-11-27T21:57:01.000Z",
            "orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
            "shortName": "huawei"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20181114-01-espace-en"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@huawei.com",
              "ID": "CVE-2018-7958",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "eSpace 7950",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "V200R003C30"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Huawei Technologies Co., Ltd."
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "There is an anonymous TLS cipher suites supported vulnerability in Huawei eSpace product. An unauthenticated, remote attacker launches man-in-the-middle attack to hijack the connection from a client when the user signs up to log in by TLS. Due to insufficient authentication, which may be exploited to intercept and tamper with the data information."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "anonymous TLS cipher suites supported"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20181114-01-espace-en",
                  "refsource": "CONFIRM",
                  "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20181114-01-espace-en"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
        "assignerShortName": "huawei",
        "cveId": "CVE-2018-7958",
        "datePublished": "2018-11-27T22:00:00.000Z",
        "dateReserved": "2018-03-09T00:00:00.000Z",
        "dateUpdated": "2024-08-05T06:37:59.643Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2018-7959 (GCVE-0-2018-7959)

    Vulnerability from cvelistv5 – Published: 2018-11-27 22:00 – Updated: 2024-08-05 06:37
    VLAI
    Summary
    There is a short key vulnerability in Huawei eSpace product. An unauthenticated, remote attacker launches man-in-the-middle attack to intercept and decrypt the call information when the user enables SRTP to make a call. Successful exploitation may cause sensitive information leak.
    Severity
    No CVSS data available.
    CWE
    • information leakage
    Assigner
    References
    Impacted products
    Date Public
    2018-11-14 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T06:37:59.691Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20181114-02-espace-en"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "eSpace 7950",
              "vendor": "Huawei Technologies Co., Ltd.",
              "versions": [
                {
                  "status": "affected",
                  "version": "V200R003C30"
                }
              ]
            }
          ],
          "datePublic": "2018-11-14T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "There is a short key vulnerability in Huawei eSpace product. An unauthenticated, remote attacker launches man-in-the-middle attack to intercept and decrypt the call information when the user enables SRTP to make a call. Successful exploitation may cause sensitive information leak."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "information leakage",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-11-27T21:57:01.000Z",
            "orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
            "shortName": "huawei"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20181114-02-espace-en"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@huawei.com",
              "ID": "CVE-2018-7959",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "eSpace 7950",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "V200R003C30"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Huawei Technologies Co., Ltd."
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "There is a short key vulnerability in Huawei eSpace product. An unauthenticated, remote attacker launches man-in-the-middle attack to intercept and decrypt the call information when the user enables SRTP to make a call. Successful exploitation may cause sensitive information leak."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "information leakage"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20181114-02-espace-en",
                  "refsource": "CONFIRM",
                  "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20181114-02-espace-en"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
        "assignerShortName": "huawei",
        "cveId": "CVE-2018-7959",
        "datePublished": "2018-11-27T22:00:00.000Z",
        "dateReserved": "2018-03-09T00:00:00.000Z",
        "dateUpdated": "2024-08-05T06:37:59.691Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2018-7960 (GCVE-0-2018-7960)

    Vulnerability from cvelistv5 – Published: 2018-11-27 22:00 – Updated: 2024-08-05 06:37
    VLAI
    Summary
    There is a SRTP icon display vulnerability in Huawei eSpace product. An unauthenticated, remote attacker launches man-in-the-middle attack to intercept the packets in non-secure transmission mode. Successful exploitation may intercept and tamper with the call information, eventually cause sensitive information leak.
    Severity
    No CVSS data available.
    CWE
    • information leakage
    Assigner
    References
    Impacted products
    Date Public
    2018-11-14 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T06:37:59.756Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20181114-02-espace-en"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "eSpace 7950",
              "vendor": "Huawei Technologies Co., Ltd.",
              "versions": [
                {
                  "status": "affected",
                  "version": "V200R003C30"
                }
              ]
            }
          ],
          "datePublic": "2018-11-14T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "There is a SRTP icon display vulnerability in Huawei eSpace product. An unauthenticated, remote attacker launches man-in-the-middle attack to intercept the packets in non-secure transmission mode. Successful exploitation may intercept and tamper with the call information, eventually cause sensitive information leak."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "information leakage",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-11-27T21:57:01.000Z",
            "orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
            "shortName": "huawei"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20181114-02-espace-en"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@huawei.com",
              "ID": "CVE-2018-7960",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "eSpace 7950",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "V200R003C30"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Huawei Technologies Co., Ltd."
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "There is a SRTP icon display vulnerability in Huawei eSpace product. An unauthenticated, remote attacker launches man-in-the-middle attack to intercept the packets in non-secure transmission mode. Successful exploitation may intercept and tamper with the call information, eventually cause sensitive information leak."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "information leakage"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20181114-02-espace-en",
                  "refsource": "CONFIRM",
                  "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20181114-02-espace-en"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
        "assignerShortName": "huawei",
        "cveId": "CVE-2018-7960",
        "datePublished": "2018-11-27T22:00:00.000Z",
        "dateReserved": "2018-03-09T00:00:00.000Z",
        "dateUpdated": "2024-08-05T06:37:59.756Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }