Vulnerability-Lookup

CVE-2015-7843 (GCVE-0-2015-7843)

Vulnerability from cvelistv5 – Published: 2017-10-02 18:00 – Updated: 2024-08-06 07:59

Summary

Severity ?

No CVSS data available.

CWE

Assigner

mitre

References

URL

GSD-2015-7843

Vulnerability from gsd - Updated: 2023-12-13 01:20

Details

Aliases

CVE-2015-7843

Aliases

CVE-2015-7843

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2015-7843",
    "description": "The management interface on Huawei FusionServer rack servers RH2288 V3 with software before V100R003C00SPC603, RH2288H V3 with software before V100R003C00SPC503, XH628 V3 with software before V100R003C00SPC602, RH1288 V3 with software before V100R003C00SPC602, RH2288A V2 with software before V100R002C00SPC701, RH1288A V2 with software before V100R002C00SPC502, RH8100 V3 with software before V100R003C00SPC110, CH222 V3 with software before V100R001C00SPC161, CH220 V3 with software before V100R001C00SPC161, and CH121 V3 with software before V100R001C00SPC161 does not limit the number of query attempts, which allows remote authenticated users to obtain credentials of higher-level users via a brute force attack.",
    "id": "GSD-2015-7843"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2015-7843"
      ],
      "details": "The management interface on Huawei FusionServer rack servers RH2288 V3 with software before V100R003C00SPC603, RH2288H V3 with software before V100R003C00SPC503, XH628 V3 with software before V100R003C00SPC602, RH1288 V3 with software before V100R003C00SPC602, RH2288A V2 with software before V100R002C00SPC701, RH1288A V2 with software before V100R002C00SPC502, RH8100 V3 with software before V100R003C00SPC110, CH222 V3 with software before V100R001C00SPC161, CH220 V3 with software before V100R001C00SPC161, and CH121 V3 with software before V100R001C00SPC161 does not limit the number of query attempts, which allows remote authenticated users to obtain credentials of higher-level users via a brute force attack.",
      "id": "GSD-2015-7843",
      "modified": "2023-12-13T01:20:01.599919Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "cve@mitre.org",
        "ID": "CVE-2015-7843",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "The management interface on Huawei FusionServer rack servers RH2288 V3 with software before V100R003C00SPC603, RH2288H V3 with software before V100R003C00SPC503, XH628 V3 with software before V100R003C00SPC602, RH1288 V3 with software before V100R003C00SPC602, RH2288A V2 with software before V100R002C00SPC701, RH1288A V2 with software before V100R002C00SPC502, RH8100 V3 with software before V100R003C00SPC110, CH222 V3 with software before V100R001C00SPC161, CH220 V3 with software before V100R001C00SPC161, and CH121 V3 with software before V100R001C00SPC161 does not limit the number of query attempts, which allows remote authenticated users to obtain credentials of higher-level users via a brute force attack."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "http://www1.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-454418.htm",
            "refsource": "CONFIRM",
            "url": "http://www1.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-454418.htm"
          },
          {
            "name": "76836",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/76836"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:huawei:fusionserver_rh1288a_v2:v100r002c00:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:huawei:fusionserver_rh2288a_v2:v100r002c00:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:huawei:fusionserver_rh1288_v3:v100r003c00spc100:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:huawei:fusionserver_xh628_v3:v100r003c00:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:huawei:fusionserver_ch222_v3:v100r001c00:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:huawei:fusionserver_rh2288_v3:v100r003c00:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:huawei:fusionserver_ch220_v3:v100r001c00:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:huawei:fusionserver_rh8100_v3:v100r003c00:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:huawei:fusionserver_rh2288h_v3:v100r003c00:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:huawei:fusionserver_ch121_v3:v100r001c00:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2015-7843"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "The management interface on Huawei FusionServer rack servers RH2288 V3 with software before V100R003C00SPC603, RH2288H V3 with software before V100R003C00SPC503, XH628 V3 with software before V100R003C00SPC602, RH1288 V3 with software before V100R003C00SPC602, RH2288A V2 with software before V100R002C00SPC701, RH1288A V2 with software before V100R002C00SPC502, RH8100 V3 with software before V100R003C00SPC110, CH222 V3 with software before V100R001C00SPC161, CH220 V3 with software before V100R001C00SPC161, and CH121 V3 with software before V100R001C00SPC161 does not limit the number of query attempts, which allows remote authenticated users to obtain credentials of higher-level users via a brute force attack."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-254"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://www1.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-454418.htm",
              "refsource": "CONFIRM",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://www1.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-454418.htm"
            },
            {
              "name": "76836",
              "refsource": "BID",
              "tags": [
                "Third Party Advisory",
                "VDB Entry"
              ],
              "url": "http://www.securityfocus.com/bid/76836"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "SINGLE",
            "availabilityImpact": "NONE",
            "baseScore": 4.0,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "NONE",
            "vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N",
            "version": "2.0"
          },
          "exploitabilityScore": 8.0,
          "impactScore": 2.9,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "MEDIUM",
          "userInteractionRequired": false
        },
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "exploitabilityScore": 2.8,
          "impactScore": 5.9
        }
      },
      "lastModifiedDate": "2017-10-23T13:03Z",
      "publishedDate": "2017-10-03T01:29Z"
    }
  }
}

GHSA-43MG-4CXQ-6MJP

Vulnerability from github – Published: 2022-05-17 00:31 – Updated: 2022-05-17 00:31

Details

Severity ?

8.8 (High)


                  
                    CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2015-7843"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2017-10-03T01:29:00Z",
    "severity": "HIGH"
  },
  "details": "The management interface on Huawei FusionServer rack servers RH2288 V3 with software before V100R003C00SPC603, RH2288H V3 with software before V100R003C00SPC503, XH628 V3 with software before V100R003C00SPC602, RH1288 V3 with software before V100R003C00SPC602, RH2288A V2 with software before V100R002C00SPC701, RH1288A V2 with software before V100R002C00SPC502, RH8100 V3 with software before V100R003C00SPC110, CH222 V3 with software before V100R001C00SPC161, CH220 V3 with software before V100R001C00SPC161, and CH121 V3 with software before V100R001C00SPC161 does not limit the number of query attempts, which allows remote authenticated users to obtain credentials of higher-level users via a brute force attack.",
  "id": "GHSA-43mg-4cxq-6mjp",
  "modified": "2022-05-17T00:31:42Z",
  "published": "2022-05-17T00:31:42Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-7843"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/76836"
    },
    {
      "type": "WEB",
      "url": "http://www1.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-454418.htm"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

FKIE_CVE-2015-7843

Vulnerability from fkie_nvd - Published: 2017-10-03 01:29 - Updated: 2025-04-20 01:37

Severity ?

8.8 (High) - CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Summary

References

URL	Tags
cve@mitre.org	http://www.securityfocus.com/bid/76836	Third Party Advisory, VDB Entry
cve@mitre.org	http://www1.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-454418.htm	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/76836	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://www1.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-454418.htm	Vendor Advisory

Impacted products

Vendor	Product	Version
huawei	fusionserver_ch121_v3	v100r001c00
huawei	fusionserver_ch220_v3	v100r001c00
huawei	fusionserver_ch222_v3	v100r001c00
huawei	fusionserver_rh1288_v3	v100r003c00spc100
huawei	fusionserver_rh1288a_v2	v100r002c00
huawei	fusionserver_rh2288_v3	v100r003c00
huawei	fusionserver_rh2288a_v2	v100r002c00
huawei	fusionserver_rh2288h_v3	v100r003c00
huawei	fusionserver_rh8100_v3	v100r003c00
huawei	fusionserver_xh628_v3	v100r003c00

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:huawei:fusionserver_ch121_v3:v100r001c00:*:*:*:*:*:*:*",
              "matchCriteriaId": "A0552D86-070F-4374-8C03-6C4AEC2CCD05",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:huawei:fusionserver_ch220_v3:v100r001c00:*:*:*:*:*:*:*",
              "matchCriteriaId": "F5AA1BD4-F9B8-4727-9FC4-DE53A117976B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:huawei:fusionserver_ch222_v3:v100r001c00:*:*:*:*:*:*:*",
              "matchCriteriaId": "0B623464-F6BF-4A02-999C-117A6674DEDE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:huawei:fusionserver_rh1288_v3:v100r003c00spc100:*:*:*:*:*:*:*",
              "matchCriteriaId": "70B8E66F-F4E3-49C7-98DA-8F07A4FD48E3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:huawei:fusionserver_rh1288a_v2:v100r002c00:*:*:*:*:*:*:*",
              "matchCriteriaId": "BD8FDA7D-3F90-41BF-96F0-F22DBA41CF19",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:huawei:fusionserver_rh2288_v3:v100r003c00:*:*:*:*:*:*:*",
              "matchCriteriaId": "C9947503-1E5E-4FF4-B6D8-F4ED0041361B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:huawei:fusionserver_rh2288a_v2:v100r002c00:*:*:*:*:*:*:*",
              "matchCriteriaId": "08A69404-9F95-4DF3-BD10-4C425FB3FEDC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:huawei:fusionserver_rh2288h_v3:v100r003c00:*:*:*:*:*:*:*",
              "matchCriteriaId": "58FDA27F-18AE-45DA-8E64-9CAE75AF46A3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:huawei:fusionserver_rh8100_v3:v100r003c00:*:*:*:*:*:*:*",
              "matchCriteriaId": "AAD7BDF3-3739-49CA-8B29-DFA85CC3CD71",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:huawei:fusionserver_xh628_v3:v100r003c00:*:*:*:*:*:*:*",
              "matchCriteriaId": "3F660ECC-DD2B-4104-B877-FFFE0519D42F",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The management interface on Huawei FusionServer rack servers RH2288 V3 with software before V100R003C00SPC603, RH2288H V3 with software before V100R003C00SPC503, XH628 V3 with software before V100R003C00SPC602, RH1288 V3 with software before V100R003C00SPC602, RH2288A V2 with software before V100R002C00SPC701, RH1288A V2 with software before V100R002C00SPC502, RH8100 V3 with software before V100R003C00SPC110, CH222 V3 with software before V100R001C00SPC161, CH220 V3 with software before V100R001C00SPC161, and CH121 V3 with software before V100R001C00SPC161 does not limit the number of query attempts, which allows remote authenticated users to obtain credentials of higher-level users via a brute force attack."
    },
    {
      "lang": "es",
      "value": "La interfaz de gesti\u00f3n en los servidores en rack FusionServer RH288V3 con software anterior a V100R003C00SPC603, RH2288H V3 anterior a V100R003C00SPC503, XH628 V3 anterior a V100R003C00SPC602, RH1288 V3 anterior a V100R003C00SPC602, RH2288A V2 anterior a V100R002C00SPC701, RH1288A V2 anterior a V100R002C00SPC502, RH8100 V3 anterior a V100R003C00SPC110, CH222 V3 anterior a V100R001C00SPC161, CH220 V3 anterior a V100R001C00SPC161 y CH121 V3 anterior a V100R001C00SPC161 de Huawei no limita el n\u00famero de intentos de consulta, lo que permite que los usuarios autenticados remotos obtengan credenciales de usuarios de un nivel m\u00e1s alto mediante un ataque de fuerza bruta."
    }
  ],
  "id": "CVE-2015-7843",
  "lastModified": "2025-04-20T01:37:25.860",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "SINGLE",
          "availabilityImpact": "NONE",
          "baseScore": 4.0,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 8.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.8,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2017-10-03T01:29:00.840",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/76836"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www1.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-454418.htm"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/76836"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www1.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-454418.htm"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-254"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

CNVD-2015-07209

Vulnerability from cnvd - Published: 2015-11-04

Title

Huawei FusionServer产品安全绕过漏洞

Description

Huawei FusionServer RH2288 V3是中国华为公司的服务器产品。 Huawei FusionServer产品未能正确限制查询尝试次数，允许远程攻击者通过暴力破解攻击获取敏感信息。

Severity

中

Patch Name

Huawei FusionServer产品安全绕过漏洞的补丁

Patch Description

Huawei FusionServer RH2288 V3是中国华为公司的服务器产品。 Huawei FusionServer产品未能正确限制查询尝试次数，允许远程攻击者通过暴力破解攻击获取敏感信息。目前，供应商发布了安全公告及相关补丁信息，修复了此漏洞。

Formal description

用户可参考如下厂商提供的安全补丁以修复该漏洞： http://e.huawei.com/

Reference

http://www.securityfocus.com/bid/76836

Impacted products

Name
Huawei FusionServer RH2288 V3

Show details on source website

JSON

To clipboard

{
  "bids": {
    "bid": {
      "bidNumber": "76836"
    }
  },
  "cves": {
    "cve": {
      "cveNumber": "CVE-2015-7843"
    }
  },
  "description": "Huawei FusionServer RH2288 V3\u662f\u4e2d\u56fd\u534e\u4e3a\u516c\u53f8\u7684\u670d\u52a1\u5668\u4ea7\u54c1\u3002\r\n\r\nHuawei FusionServer\u4ea7\u54c1\u672a\u80fd\u6b63\u786e\u9650\u5236\u67e5\u8be2\u5c1d\u8bd5\u6b21\u6570\uff0c\u5141\u8bb8\u8fdc\u7a0b\u653b\u51fb\u8005\u901a\u8fc7\u66b4\u529b\u7834\u89e3\u653b\u51fb\u83b7\u53d6\u654f\u611f\u4fe1\u606f\u3002",
  "discovererName": "huawei",
  "formalWay": "\u7528\u6237\u53ef\u53c2\u8003\u5982\u4e0b\u5382\u5546\u63d0\u4f9b\u7684\u5b89\u5168\u8865\u4e01\u4ee5\u4fee\u590d\u8be5\u6f0f\u6d1e\uff1a\r\nhttp://e.huawei.com/",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2015-07209",
  "openTime": "2015-11-04",
  "patchDescription": "Huawei FusionServer RH2288 V3\u662f\u4e2d\u56fd\u534e\u4e3a\u516c\u53f8\u7684\u670d\u52a1\u5668\u4ea7\u54c1\u3002\r\n\r\nHuawei FusionServer\u4ea7\u54c1\u672a\u80fd\u6b63\u786e\u9650\u5236\u67e5\u8be2\u5c1d\u8bd5\u6b21\u6570\uff0c\u5141\u8bb8\u8fdc\u7a0b\u653b\u51fb\u8005\u901a\u8fc7\u66b4\u529b\u7834\u89e3\u653b\u51fb\u83b7\u53d6\u654f\u611f\u4fe1\u606f\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Huawei FusionServer\u4ea7\u54c1\u5b89\u5168\u7ed5\u8fc7\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": "Huawei FusionServer RH2288 V3"
  },
  "referenceLink": "http://www.securityfocus.com/bid/76836",
  "serverity": "\u4e2d",
  "submitTime": "2015-11-01",
  "title": "Huawei FusionServer\u4ea7\u54c1\u5b89\u5168\u7ed5\u8fc7\u6f0f\u6d1e"
}

VAR-201710-0096

Vulnerability from variot - Updated: 2025-04-20 23:25

The management interface on Huawei FusionServer rack servers RH2288 V3 with software before V100R003C00SPC603, RH2288H V3 with software before V100R003C00SPC503, XH628 V3 with software before V100R003C00SPC602, RH1288 V3 with software before V100R003C00SPC602, RH2288A V2 with software before V100R002C00SPC701, RH1288A V2 with software before V100R002C00SPC502, RH8100 V3 with software before V100R003C00SPC110, CH222 V3 with software before V100R001C00SPC161, CH220 V3 with software before V100R001C00SPC161, and CH121 V3 with software before V100R001C00SPC161 does not limit the number of query attempts, which allows remote authenticated users to obtain credentials of higher-level users via a brute force attack. plural Huawei FusionServer The product contains vulnerabilities related to security functions.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Huawei FusionServer RH2288 V3 is a server product of Huawei Technologies, China. The Huawei FusionServer product failed to properly limit the number of query attempts, allowing remote attackers to obtain sensitive information through brute force attacks. Huawei FusionServer products are prone to multiple security-bypass vulnerabilities and a command-injection vulnerability. An attacker can exploit this issue to bypass certain security restrictions and aid in brute-force attacks or execute arbitrary commands in the context of the application; other attacks may also be possible. The vulnerability is caused by the program not correctly limiting the number of query attempts. The following products and versions are affected: Huawei FusionServer RH2288 V3 , RH2288H V3 and XH628 V3 V100R003C00 Version, FusionServer RH1288 V3 V100R003C00SPC100 Version, FusionServer RH2288A V2 and FusionServer RH1288A V2 V100R002C00 Version, FusionServer RH8100 V3 V100R003C00 Version, FusionServer CH222 V3 , CH220 V3 and CH121 V3 V100R001C00 version

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201710-0096",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "fusionserver ch121 v3",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "huawei",
        "version": "v100r001c00"
      },
      {
        "model": "fusionserver xh628 v3",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "huawei",
        "version": "v100r003c00"
      },
      {
        "model": "fusionserver rh2288a v2",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "huawei",
        "version": "v100r002c00"
      },
      {
        "model": "fusionserver rh2288h v3",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "huawei",
        "version": "v100r003c00"
      },
      {
        "model": "fusionserver rh1288 v3",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "huawei",
        "version": "v100r003c00spc100"
      },
      {
        "model": "fusionserver rh1288a v2",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "huawei",
        "version": "v100r002c00"
      },
      {
        "model": "fusionserver rh2288 v3",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "huawei",
        "version": "v100r003c00"
      },
      {
        "model": "fusionserver rh8100 v3",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "huawei",
        "version": "v100r003c00"
      },
      {
        "model": "fusionserver ch220 v3",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "huawei",
        "version": "v100r001c00"
      },
      {
        "model": "fusionserver ch222 v3",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "huawei",
        "version": "v100r001c00"
      },
      {
        "model": "fusionserver ch121 v3",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "huawei",
        "version": "v100r001c00spc161"
      },
      {
        "model": "fusionserver ch220 v3",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "huawei",
        "version": "v100r001c00spc161"
      },
      {
        "model": "fusionserver ch222 v3",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "huawei",
        "version": "v100r001c00spc161"
      },
      {
        "model": "fusionserver rh1288 v3",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "huawei",
        "version": "v100r003c00spc602"
      },
      {
        "model": "fusionserver rh1288a v2",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "huawei",
        "version": "v100r002c00spc502"
      },
      {
        "model": "fusionserver rh2288 v3",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "huawei",
        "version": "v100r003c00spc603"
      },
      {
        "model": "fusionserver rh2288a v2",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "huawei",
        "version": "v100r002c00spc701"
      },
      {
        "model": "fusionserver rh2288h v3",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "huawei",
        "version": "v100r003c00spc503"
      },
      {
        "model": "fusionserver rh8100 v3",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "huawei",
        "version": "v100r003c00spc110"
      },
      {
        "model": "fusionserver xh628 v3",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "huawei",
        "version": "v100r003c00spc602"
      },
      {
        "model": "fusionserver rh2288",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "huawei",
        "version": "v3"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2015-07209"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2015-008010"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201510-690"
      },
      {
        "db": "NVD",
        "id": "CVE-2015-7843"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "cpe_match": [
              {
                "cpe22Uri": "cpe:/a:huawei:fusionserver_ch121_v3",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:huawei:fusionserver_ch220_v3",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:huawei:fusionserver_ch222_v3",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:huawei:fusionserver_rh1288_v3",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:huawei:fusionserver_rh1288a_v2",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:huawei:fusionserver_rh2288_v3",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:huawei:fusionserver_rh2288a_v2",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:huawei:fusionserver_rh2288h_v3",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:huawei:fusionserver_rh8100_v3",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:huawei:fusionserver_xh628_v3",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2015-008010"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "The vendor reported this issue.",
    "sources": [
      {
        "db": "BID",
        "id": "76836"
      }
    ],
    "trust": 0.3
  },
  "cve": "CVE-2015-7843",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "SINGLE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "NONE",
            "baseScore": 4.0,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 8.0,
            "id": "CVE-2015-7843",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 1.8,
            "vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "CNVD",
            "availabilityImpact": "NONE",
            "baseScore": 5.0,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "CNVD-2015-07209",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 0.6,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "SINGLE",
            "author": "VULHUB",
            "availabilityImpact": "NONE",
            "baseScore": 4.0,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 8.0,
            "id": "VHN-85804",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 0.1,
            "vectorString": "AV:N/AC:L/AU:S/C:P/I:N/A:N",
            "version": "2.0"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "author": "nvd@nist.gov",
            "availabilityImpact": "HIGH",
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "exploitabilityScore": 2.8,
            "id": "CVE-2015-7843",
            "impactScore": 5.9,
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "trust": 1.8,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          }
        ],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2015-7843",
            "trust": 1.0,
            "value": "HIGH"
          },
          {
            "author": "NVD",
            "id": "CVE-2015-7843",
            "trust": 0.8,
            "value": "High"
          },
          {
            "author": "CNVD",
            "id": "CNVD-2015-07209",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201510-690",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "VULHUB",
            "id": "VHN-85804",
            "trust": 0.1,
            "value": "MEDIUM"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2015-07209"
      },
      {
        "db": "VULHUB",
        "id": "VHN-85804"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2015-008010"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201510-690"
      },
      {
        "db": "NVD",
        "id": "CVE-2015-7843"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "The management interface on Huawei FusionServer rack servers RH2288 V3 with software before V100R003C00SPC603, RH2288H V3 with software before V100R003C00SPC503, XH628 V3 with software before V100R003C00SPC602, RH1288 V3 with software before V100R003C00SPC602, RH2288A V2 with software before V100R002C00SPC701, RH1288A V2 with software before V100R002C00SPC502, RH8100 V3 with software before V100R003C00SPC110, CH222 V3 with software before V100R001C00SPC161, CH220 V3 with software before V100R001C00SPC161, and CH121 V3 with software before V100R001C00SPC161 does not limit the number of query attempts, which allows remote authenticated users to obtain credentials of higher-level users via a brute force attack. plural Huawei FusionServer The product contains vulnerabilities related to security functions.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Huawei FusionServer RH2288 V3 is a server product of Huawei Technologies, China. The Huawei FusionServer product failed to properly limit the number of query attempts, allowing remote attackers to obtain sensitive information through brute force attacks. Huawei FusionServer products are prone to multiple security-bypass vulnerabilities and a command-injection vulnerability. \nAn attacker can exploit this issue to bypass  certain security restrictions and aid in brute-force attacks or execute arbitrary commands in the context of the application; other  attacks may also be possible. The vulnerability is caused by the program not correctly limiting the number of query attempts. The following products and versions are affected: Huawei FusionServer RH2288 V3 , RH2288H V3 and XH628 V3 V100R003C00 Version, FusionServer RH1288 V3 V100R003C00SPC100 Version, FusionServer RH2288A V2 and FusionServer RH1288A V2 V100R002C00 Version, FusionServer RH8100 V3 V100R003C00 Version, FusionServer CH222 V3 , CH220 V3 and CH121 V3 V100R001C00 version",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2015-7843"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2015-008010"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2015-07209"
      },
      {
        "db": "BID",
        "id": "76836"
      },
      {
        "db": "VULHUB",
        "id": "VHN-85804"
      }
    ],
    "trust": 2.52
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2015-7843",
        "trust": 3.4
      },
      {
        "db": "BID",
        "id": "76836",
        "trust": 2.6
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2015-008010",
        "trust": 0.8
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201510-690",
        "trust": 0.7
      },
      {
        "db": "CNVD",
        "id": "CNVD-2015-07209",
        "trust": 0.6
      },
      {
        "db": "VULHUB",
        "id": "VHN-85804",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2015-07209"
      },
      {
        "db": "VULHUB",
        "id": "VHN-85804"
      },
      {
        "db": "BID",
        "id": "76836"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2015-008010"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201510-690"
      },
      {
        "db": "NVD",
        "id": "CVE-2015-7843"
      }
    ]
  },
  "id": "VAR-201710-0096",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2015-07209"
      },
      {
        "db": "VULHUB",
        "id": "VHN-85804"
      }
    ],
    "trust": 1.35
  },
  "iot_taxonomy": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "category": [
          "Network device"
        ],
        "sub_category": null,
        "trust": 0.6
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2015-07209"
      }
    ]
  },
  "last_update_date": "2025-04-20T23:25:56.821000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "Huawei-SA-20150923-01-FusionServer",
        "trust": 0.8,
        "url": "http://www.huawei.com/en/psirt/security-advisories/hw-454418"
      },
      {
        "title": "Huawei FusionServer product security bypass vulnerability patch",
        "trust": 0.6,
        "url": "https://www.cnvd.org.cn/patchInfo/show/66227"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2015-07209"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2015-008010"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-254",
        "trust": 1.9
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-85804"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2015-008010"
      },
      {
        "db": "NVD",
        "id": "CVE-2015-7843"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.3,
        "url": "http://www.securityfocus.com/bid/76836"
      },
      {
        "trust": 1.7,
        "url": "http://www1.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-454418.htm"
      },
      {
        "trust": 0.8,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-7843"
      },
      {
        "trust": 0.8,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2015-7843"
      },
      {
        "trust": 0.3,
        "url": "http://www.huawei.com"
      },
      {
        "trust": 0.3,
        "url": "http://www1.huawei.com/en/security/psirt/security-bulletins/security-advisories/archive/hw-456219.htm"
      },
      {
        "trust": 0.3,
        "url": "http://www1.huawei.com/en/security/psirt/security-bulletins/security-advisories/archive/hw-454418.htm"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2015-07209"
      },
      {
        "db": "VULHUB",
        "id": "VHN-85804"
      },
      {
        "db": "BID",
        "id": "76836"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2015-008010"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201510-690"
      },
      {
        "db": "NVD",
        "id": "CVE-2015-7843"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "CNVD",
        "id": "CNVD-2015-07209"
      },
      {
        "db": "VULHUB",
        "id": "VHN-85804"
      },
      {
        "db": "BID",
        "id": "76836"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2015-008010"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201510-690"
      },
      {
        "db": "NVD",
        "id": "CVE-2015-7843"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2015-11-04T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2015-07209"
      },
      {
        "date": "2017-10-03T00:00:00",
        "db": "VULHUB",
        "id": "VHN-85804"
      },
      {
        "date": "2015-09-23T00:00:00",
        "db": "BID",
        "id": "76836"
      },
      {
        "date": "2017-10-31T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2015-008010"
      },
      {
        "date": "2015-09-23T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201510-690"
      },
      {
        "date": "2017-10-03T01:29:00.840000",
        "db": "NVD",
        "id": "CVE-2015-7843"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2015-11-04T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2015-07209"
      },
      {
        "date": "2017-10-23T00:00:00",
        "db": "VULHUB",
        "id": "VHN-85804"
      },
      {
        "date": "2015-11-03T20:11:00",
        "db": "BID",
        "id": "76836"
      },
      {
        "date": "2017-10-31T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2015-008010"
      },
      {
        "date": "2015-10-29T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201510-690"
      },
      {
        "date": "2025-04-20T01:37:25.860000",
        "db": "NVD",
        "id": "CVE-2015-7843"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201510-690"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "plural  Huawei FusionServer Vulnerabilities related to security functions in products",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2015-008010"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Unknown",
    "sources": [
      {
        "db": "BID",
        "id": "76836"
      }
    ],
    "trust": 0.3
  }
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2015-7843 (GCVE-0-2015-7843)

GSD-2015-7843

GHSA-43MG-4CXQ-6MJP

FKIE_CVE-2015-7843

CNVD-2015-07209

VAR-201710-0096

Tags

Sightings

Nomenclature