Search criteria
ⓘ
Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.
2 vulnerabilities found for imaster_nce-fabric_firmware by huawei
CVE-2021-22410 (GCVE-0-2021-22410)
Vulnerability from nvd – Published: 2021-11-23 14:55 – Updated: 2024-08-03 18:44
VLAI?
Summary
There is a XSS injection vulnerability in iMaster NCE-Fabric V100R019C10. A module of the client does not verify the input sufficiently. Attackers can exploit this vulnerability by modifying input after logging onto the client. This may compromise the normal service of the client.
Severity ?
No CVSS data available.
CWE
- XSS Injection
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | iMaster NCE-Fabric |
Affected:
V100R019C10
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T18:44:13.042Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210324-01-xss-en"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "iMaster NCE-Fabric",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "V100R019C10"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is a XSS injection vulnerability in iMaster NCE-Fabric V100R019C10. A module of the client does not verify the input sufficiently. Attackers can exploit this vulnerability by modifying input after logging onto the client. This may compromise the normal service of the client."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "XSS Injection",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-11-23T14:55:41.000Z",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210324-01-xss-en"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-22410",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "iMaster NCE-Fabric",
"version": {
"version_data": [
{
"version_value": "V100R019C10"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is a XSS injection vulnerability in iMaster NCE-Fabric V100R019C10. A module of the client does not verify the input sufficiently. Attackers can exploit this vulnerability by modifying input after logging onto the client. This may compromise the normal service of the client."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "XSS Injection"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210324-01-xss-en",
"refsource": "MISC",
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210324-01-xss-en"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2021-22410",
"datePublished": "2021-11-23T14:55:41.000Z",
"dateReserved": "2021-01-05T00:00:00.000Z",
"dateUpdated": "2024-08-03T18:44:13.042Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-22410 (GCVE-0-2021-22410)
Vulnerability from cvelistv5 – Published: 2021-11-23 14:55 – Updated: 2024-08-03 18:44
VLAI?
Summary
There is a XSS injection vulnerability in iMaster NCE-Fabric V100R019C10. A module of the client does not verify the input sufficiently. Attackers can exploit this vulnerability by modifying input after logging onto the client. This may compromise the normal service of the client.
Severity ?
No CVSS data available.
CWE
- XSS Injection
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | iMaster NCE-Fabric |
Affected:
V100R019C10
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T18:44:13.042Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210324-01-xss-en"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "iMaster NCE-Fabric",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "V100R019C10"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is a XSS injection vulnerability in iMaster NCE-Fabric V100R019C10. A module of the client does not verify the input sufficiently. Attackers can exploit this vulnerability by modifying input after logging onto the client. This may compromise the normal service of the client."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "XSS Injection",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-11-23T14:55:41.000Z",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210324-01-xss-en"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-22410",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "iMaster NCE-Fabric",
"version": {
"version_data": [
{
"version_value": "V100R019C10"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is a XSS injection vulnerability in iMaster NCE-Fabric V100R019C10. A module of the client does not verify the input sufficiently. Attackers can exploit this vulnerability by modifying input after logging onto the client. This may compromise the normal service of the client."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "XSS Injection"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210324-01-xss-en",
"refsource": "MISC",
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210324-01-xss-en"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2021-22410",
"datePublished": "2021-11-23T14:55:41.000Z",
"dateReserved": "2021-01-05T00:00:00.000Z",
"dateUpdated": "2024-08-03T18:44:13.042Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}