Search

Find a vulnerability

Search criteria

    2 vulnerabilities found for imaster_nce-fabric_firmware by huawei

    CVE-2021-22410 (GCVE-0-2021-22410)

    Vulnerability from nvd – Published: 2021-11-23 14:55 – Updated: 2024-08-03 18:44
    VLAI
    Summary
    There is a XSS injection vulnerability in iMaster NCE-Fabric V100R019C10. A module of the client does not verify the input sufficiently. Attackers can exploit this vulnerability by modifying input after logging onto the client. This may compromise the normal service of the client.
    Severity
    No CVSS data available.
    CWE
    • XSS Injection
    Assigner
    References
    Impacted products
    Vendor Product Version
    n/a iMaster NCE-Fabric Affected: V100R019C10
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T18:44:13.042Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210324-01-xss-en"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "iMaster NCE-Fabric",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "V100R019C10"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "There is a XSS injection vulnerability in iMaster NCE-Fabric V100R019C10. A module of the client does not verify the input sufficiently. Attackers can exploit this vulnerability by modifying input after logging onto the client. This may compromise the normal service of the client."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "XSS Injection",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2021-11-23T14:55:41.000Z",
            "orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
            "shortName": "huawei"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210324-01-xss-en"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@huawei.com",
              "ID": "CVE-2021-22410",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "iMaster NCE-Fabric",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "V100R019C10"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "There is a XSS injection vulnerability in iMaster NCE-Fabric V100R019C10. A module of the client does not verify the input sufficiently. Attackers can exploit this vulnerability by modifying input after logging onto the client. This may compromise the normal service of the client."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "XSS Injection"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210324-01-xss-en",
                  "refsource": "MISC",
                  "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210324-01-xss-en"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
        "assignerShortName": "huawei",
        "cveId": "CVE-2021-22410",
        "datePublished": "2021-11-23T14:55:41.000Z",
        "dateReserved": "2021-01-05T00:00:00.000Z",
        "dateUpdated": "2024-08-03T18:44:13.042Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2021-22410 (GCVE-0-2021-22410)

    Vulnerability from cvelistv5 – Published: 2021-11-23 14:55 – Updated: 2024-08-03 18:44
    VLAI
    Summary
    There is a XSS injection vulnerability in iMaster NCE-Fabric V100R019C10. A module of the client does not verify the input sufficiently. Attackers can exploit this vulnerability by modifying input after logging onto the client. This may compromise the normal service of the client.
    Severity
    No CVSS data available.
    CWE
    • XSS Injection
    Assigner
    References
    Impacted products
    Vendor Product Version
    n/a iMaster NCE-Fabric Affected: V100R019C10
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T18:44:13.042Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210324-01-xss-en"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "iMaster NCE-Fabric",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "V100R019C10"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "There is a XSS injection vulnerability in iMaster NCE-Fabric V100R019C10. A module of the client does not verify the input sufficiently. Attackers can exploit this vulnerability by modifying input after logging onto the client. This may compromise the normal service of the client."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "XSS Injection",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2021-11-23T14:55:41.000Z",
            "orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
            "shortName": "huawei"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210324-01-xss-en"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@huawei.com",
              "ID": "CVE-2021-22410",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "iMaster NCE-Fabric",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "V100R019C10"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "There is a XSS injection vulnerability in iMaster NCE-Fabric V100R019C10. A module of the client does not verify the input sufficiently. Attackers can exploit this vulnerability by modifying input after logging onto the client. This may compromise the normal service of the client."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "XSS Injection"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210324-01-xss-en",
                  "refsource": "MISC",
                  "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210324-01-xss-en"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
        "assignerShortName": "huawei",
        "cveId": "CVE-2021-22410",
        "datePublished": "2021-11-23T14:55:41.000Z",
        "dateReserved": "2021-01-05T00:00:00.000Z",
        "dateUpdated": "2024-08-03T18:44:13.042Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }