Search

Find a vulnerability

Search criteria

    2 vulnerabilities found for oceanstor_5500_firmware by huawei

    CVE-2017-15352 (GCVE-0-2017-15352)

    Vulnerability from nvd – Published: 2018-02-15 16:00 – Updated: 2024-08-05 19:57
    VLAI
    Summary
    Huawei OceanStor 2800 V3, V300R003C00, V300R003C20, OceanStor 5300 V3, V300R003C00, V300R003C10, V300R003C20, OceanStor 5500 V3, V300R003C00, V300R003C10, V300R003C20, OceanStor 5600 V3, V300R003C00, V300R003C10, V300R003C20, OceanStor 5800 V3, V300R003C00, V300R003C10, V300R003C20 have an improper access control vulnerability. Due to incorrectly restrict access to a resource, an attacker with high privilege may exploit the vulnerability to query some information or send specific message to cause some service abnormal.
    Severity
    No CVSS data available.
    CWE
    • Improper Access Control
    Assigner
    References
    Impacted products
    Vendor Product Version
    Huawei Technologies Co., Ltd. OceanStor 2800 V3,OceanStor 5300 V3,OceanStor 5500 V3,OceanStor 5600 V3,OceanStor 5800 V3 Affected: OceanStor 2800 V3 ,V300R003C00 ,V300R003C20 ,OceanStor 5300 V3 ,V300R003C00 ,V300R003C10 ,V300R003C20 ,OceanStor 5500 V3 ,V300R003C00 ,V300R003C10 ,V300R003C20 ,OceanStor 5600 V3 ,V300R003C00 ,V300R003C10 ,V300R003C20 ,OceanStor 5800 V3 ,V300R003C00 ,V300R003C10 ,V300R003C20
    Create a notification for this product.
    Date Public
    2017-11-22 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T19:57:25.538Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171122-01-oceanstor-en"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "OceanStor 2800 V3,OceanStor 5300 V3,OceanStor 5500 V3,OceanStor 5600 V3,OceanStor 5800 V3",
              "vendor": "Huawei Technologies Co., Ltd.",
              "versions": [
                {
                  "status": "affected",
                  "version": "OceanStor 2800 V3 ,V300R003C00 ,V300R003C20 ,OceanStor 5300 V3 ,V300R003C00 ,V300R003C10 ,V300R003C20 ,OceanStor 5500 V3 ,V300R003C00 ,V300R003C10 ,V300R003C20 ,OceanStor 5600 V3 ,V300R003C00 ,V300R003C10 ,V300R003C20 ,OceanStor 5800 V3 ,V300R003C00 ,V300R003C10 ,V300R003C20"
                }
              ]
            }
          ],
          "datePublic": "2017-11-22T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Huawei OceanStor 2800 V3, V300R003C00, V300R003C20, OceanStor 5300 V3, V300R003C00, V300R003C10, V300R003C20, OceanStor 5500 V3, V300R003C00, V300R003C10, V300R003C20, OceanStor 5600 V3, V300R003C00, V300R003C10, V300R003C20, OceanStor 5800 V3, V300R003C00, V300R003C10, V300R003C20 have an improper access control vulnerability. Due to incorrectly restrict access to a resource, an attacker with high privilege may exploit the vulnerability to query some information or send specific message to cause some service abnormal."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Improper Access Control",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-02-15T15:57:02.000Z",
            "orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
            "shortName": "huawei"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171122-01-oceanstor-en"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@huawei.com",
              "ID": "CVE-2017-15352",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "OceanStor 2800 V3,OceanStor 5300 V3,OceanStor 5500 V3,OceanStor 5600 V3,OceanStor 5800 V3",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "OceanStor 2800 V3 ,V300R003C00 ,V300R003C20 ,OceanStor 5300 V3 ,V300R003C00 ,V300R003C10 ,V300R003C20 ,OceanStor 5500 V3 ,V300R003C00 ,V300R003C10 ,V300R003C20 ,OceanStor 5600 V3 ,V300R003C00 ,V300R003C10 ,V300R003C20 ,OceanStor 5800 V3 ,V300R003C00 ,V300R003C10 ,V300R003C20"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Huawei Technologies Co., Ltd."
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Huawei OceanStor 2800 V3, V300R003C00, V300R003C20, OceanStor 5300 V3, V300R003C00, V300R003C10, V300R003C20, OceanStor 5500 V3, V300R003C00, V300R003C10, V300R003C20, OceanStor 5600 V3, V300R003C00, V300R003C10, V300R003C20, OceanStor 5800 V3, V300R003C00, V300R003C10, V300R003C20 have an improper access control vulnerability. Due to incorrectly restrict access to a resource, an attacker with high privilege may exploit the vulnerability to query some information or send specific message to cause some service abnormal."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Improper Access Control"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171122-01-oceanstor-en",
                  "refsource": "CONFIRM",
                  "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171122-01-oceanstor-en"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
        "assignerShortName": "huawei",
        "cveId": "CVE-2017-15352",
        "datePublished": "2018-02-15T16:00:00.000Z",
        "dateReserved": "2017-10-14T00:00:00.000Z",
        "dateUpdated": "2024-08-05T19:57:25.538Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2017-15352 (GCVE-0-2017-15352)

    Vulnerability from cvelistv5 – Published: 2018-02-15 16:00 – Updated: 2024-08-05 19:57
    VLAI
    Summary
    Huawei OceanStor 2800 V3, V300R003C00, V300R003C20, OceanStor 5300 V3, V300R003C00, V300R003C10, V300R003C20, OceanStor 5500 V3, V300R003C00, V300R003C10, V300R003C20, OceanStor 5600 V3, V300R003C00, V300R003C10, V300R003C20, OceanStor 5800 V3, V300R003C00, V300R003C10, V300R003C20 have an improper access control vulnerability. Due to incorrectly restrict access to a resource, an attacker with high privilege may exploit the vulnerability to query some information or send specific message to cause some service abnormal.
    Severity
    No CVSS data available.
    CWE
    • Improper Access Control
    Assigner
    References
    Impacted products
    Vendor Product Version
    Huawei Technologies Co., Ltd. OceanStor 2800 V3,OceanStor 5300 V3,OceanStor 5500 V3,OceanStor 5600 V3,OceanStor 5800 V3 Affected: OceanStor 2800 V3 ,V300R003C00 ,V300R003C20 ,OceanStor 5300 V3 ,V300R003C00 ,V300R003C10 ,V300R003C20 ,OceanStor 5500 V3 ,V300R003C00 ,V300R003C10 ,V300R003C20 ,OceanStor 5600 V3 ,V300R003C00 ,V300R003C10 ,V300R003C20 ,OceanStor 5800 V3 ,V300R003C00 ,V300R003C10 ,V300R003C20
    Create a notification for this product.
    Date Public
    2017-11-22 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T19:57:25.538Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171122-01-oceanstor-en"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "OceanStor 2800 V3,OceanStor 5300 V3,OceanStor 5500 V3,OceanStor 5600 V3,OceanStor 5800 V3",
              "vendor": "Huawei Technologies Co., Ltd.",
              "versions": [
                {
                  "status": "affected",
                  "version": "OceanStor 2800 V3 ,V300R003C00 ,V300R003C20 ,OceanStor 5300 V3 ,V300R003C00 ,V300R003C10 ,V300R003C20 ,OceanStor 5500 V3 ,V300R003C00 ,V300R003C10 ,V300R003C20 ,OceanStor 5600 V3 ,V300R003C00 ,V300R003C10 ,V300R003C20 ,OceanStor 5800 V3 ,V300R003C00 ,V300R003C10 ,V300R003C20"
                }
              ]
            }
          ],
          "datePublic": "2017-11-22T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Huawei OceanStor 2800 V3, V300R003C00, V300R003C20, OceanStor 5300 V3, V300R003C00, V300R003C10, V300R003C20, OceanStor 5500 V3, V300R003C00, V300R003C10, V300R003C20, OceanStor 5600 V3, V300R003C00, V300R003C10, V300R003C20, OceanStor 5800 V3, V300R003C00, V300R003C10, V300R003C20 have an improper access control vulnerability. Due to incorrectly restrict access to a resource, an attacker with high privilege may exploit the vulnerability to query some information or send specific message to cause some service abnormal."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Improper Access Control",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-02-15T15:57:02.000Z",
            "orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
            "shortName": "huawei"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171122-01-oceanstor-en"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@huawei.com",
              "ID": "CVE-2017-15352",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "OceanStor 2800 V3,OceanStor 5300 V3,OceanStor 5500 V3,OceanStor 5600 V3,OceanStor 5800 V3",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "OceanStor 2800 V3 ,V300R003C00 ,V300R003C20 ,OceanStor 5300 V3 ,V300R003C00 ,V300R003C10 ,V300R003C20 ,OceanStor 5500 V3 ,V300R003C00 ,V300R003C10 ,V300R003C20 ,OceanStor 5600 V3 ,V300R003C00 ,V300R003C10 ,V300R003C20 ,OceanStor 5800 V3 ,V300R003C00 ,V300R003C10 ,V300R003C20"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Huawei Technologies Co., Ltd."
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Huawei OceanStor 2800 V3, V300R003C00, V300R003C20, OceanStor 5300 V3, V300R003C00, V300R003C10, V300R003C20, OceanStor 5500 V3, V300R003C00, V300R003C10, V300R003C20, OceanStor 5600 V3, V300R003C00, V300R003C10, V300R003C20, OceanStor 5800 V3, V300R003C00, V300R003C10, V300R003C20 have an improper access control vulnerability. Due to incorrectly restrict access to a resource, an attacker with high privilege may exploit the vulnerability to query some information or send specific message to cause some service abnormal."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Improper Access Control"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171122-01-oceanstor-en",
                  "refsource": "CONFIRM",
                  "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171122-01-oceanstor-en"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
        "assignerShortName": "huawei",
        "cveId": "CVE-2017-15352",
        "datePublished": "2018-02-15T16:00:00.000Z",
        "dateReserved": "2017-10-14T00:00:00.000Z",
        "dateUpdated": "2024-08-05T19:57:25.538Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }