VAR-201601-0420
Vulnerability from variot - Updated: 2025-04-12 23:35Huawei Document Security Management (DSM) with software before V100R002C05SPC661 does not clear the clipboard when closing a secure file, which allows local users to obtain sensitive information by pasting the contents to another file. Huawei DSM is prone to a local information-disclosure vulnerability. Local attackers can exploit this issue to obtain sensitive information which may aid in further attacks. Huawei Document Security Management (DSM) is a set of document rights management software from Huawei, China. The software is characterized by high stability, reliability and scalability. The vulnerability is caused by the clipboard not being cleared correctly when the program closes the security file
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201601-0420",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "document security management",
"scope": "eq",
"trust": 1.6,
"vendor": "huawei",
"version": "v100r002c03spc005"
},
{
"model": "dsm",
"scope": "lt",
"trust": 0.8,
"vendor": "huawei",
"version": "v100r002c05spc661"
},
{
"model": "dsm v100r002c03spc005",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "dsm v100r002c05spc661",
"scope": "ne",
"trust": 0.3,
"vendor": "huawei",
"version": null
}
],
"sources": [
{
"db": "BID",
"id": "77821"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006753"
},
{
"db": "CNNVD",
"id": "CNNVD-201512-307"
},
{
"db": "NVD",
"id": "CVE-2015-8303"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:huawei:document_security_management",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-006753"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The vendor reported this issue.",
"sources": [
{
"db": "BID",
"id": "77821"
}
],
"trust": 0.3
},
"cve": "CVE-2015-8303",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.9,
"id": "CVE-2015-8303",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "LOW",
"trust": 1.8,
"vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.9,
"id": "VHN-86264",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "LOW",
"trust": 0.1,
"vectorString": "AV:L/AC:L/AU:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 4.0,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"exploitabilityScore": 2.5,
"id": "CVE-2015-8303",
"impactScore": 1.4,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2015-8303",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2015-8303",
"trust": 0.8,
"value": "Low"
},
{
"author": "CNNVD",
"id": "CNNVD-201512-307",
"trust": 0.6,
"value": "LOW"
},
{
"author": "VULHUB",
"id": "VHN-86264",
"trust": 0.1,
"value": "LOW"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-86264"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006753"
},
{
"db": "CNNVD",
"id": "CNNVD-201512-307"
},
{
"db": "NVD",
"id": "CVE-2015-8303"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Huawei Document Security Management (DSM) with software before V100R002C05SPC661 does not clear the clipboard when closing a secure file, which allows local users to obtain sensitive information by pasting the contents to another file. Huawei DSM is prone to a local information-disclosure vulnerability. \nLocal attackers can exploit this issue to obtain sensitive information which may aid in further attacks. Huawei Document Security Management (DSM) is a set of document rights management software from Huawei, China. The software is characterized by high stability, reliability and scalability. The vulnerability is caused by the clipboard not being cleared correctly when the program closes the security file",
"sources": [
{
"db": "NVD",
"id": "CVE-2015-8303"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006753"
},
{
"db": "BID",
"id": "77821"
},
{
"db": "VULHUB",
"id": "VHN-86264"
}
],
"trust": 1.98
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2015-8303",
"trust": 2.8
},
{
"db": "BID",
"id": "77821",
"trust": 1.0
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006753",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201512-307",
"trust": 0.7
},
{
"db": "VULHUB",
"id": "VHN-86264",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-86264"
},
{
"db": "BID",
"id": "77821"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006753"
},
{
"db": "CNNVD",
"id": "CNNVD-201512-307"
},
{
"db": "NVD",
"id": "CVE-2015-8303"
}
]
},
"id": "VAR-201601-0420",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-86264"
}
],
"trust": 0.01
},
"last_update_date": "2025-04-12T23:35:04.180000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Huawei-SA-20151118-01-DSM",
"trust": 0.8,
"url": "http://www1.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-462410.htm"
},
{
"title": "Huawei Document Security Management Fixes for local information disclosure vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=59139"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-006753"
},
{
"db": "CNNVD",
"id": "CNNVD-201512-307"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-200",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-86264"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006753"
},
{
"db": "NVD",
"id": "CVE-2015-8303"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "http://www1.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-462410.htm"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-8303"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-8303"
},
{
"trust": 0.6,
"url": "http://www.securityfocus.com/bid/77821"
},
{
"trust": 0.3,
"url": "http://carrier.huawei.com/en/products/data-communication/network-security/terminal-security/dsm/"
},
{
"trust": 0.3,
"url": "http://www1.huawei.com/en/security/psirt/security-bulletins/security-advisories/archive/hw-462410.htm"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-86264"
},
{
"db": "BID",
"id": "77821"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006753"
},
{
"db": "CNNVD",
"id": "CNNVD-201512-307"
},
{
"db": "NVD",
"id": "CVE-2015-8303"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-86264"
},
{
"db": "BID",
"id": "77821"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006753"
},
{
"db": "CNNVD",
"id": "CNNVD-201512-307"
},
{
"db": "NVD",
"id": "CVE-2015-8303"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-01-08T00:00:00",
"db": "VULHUB",
"id": "VHN-86264"
},
{
"date": "2015-11-18T00:00:00",
"db": "BID",
"id": "77821"
},
{
"date": "2016-01-14T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-006753"
},
{
"date": "2015-11-18T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201512-307"
},
{
"date": "2016-01-08T19:59:12.210000",
"db": "NVD",
"id": "CVE-2015-8303"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-01-13T00:00:00",
"db": "VULHUB",
"id": "VHN-86264"
},
{
"date": "2015-11-18T00:00:00",
"db": "BID",
"id": "77821"
},
{
"date": "2016-01-14T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-006753"
},
{
"date": "2016-01-11T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201512-307"
},
{
"date": "2025-04-12T10:46:40.837000",
"db": "NVD",
"id": "CVE-2015-8303"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "BID",
"id": "77821"
},
{
"db": "CNNVD",
"id": "CNNVD-201512-307"
}
],
"trust": 0.9
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Huawei Document Security Management Vulnerabilities in which important information is obtained in software",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-006753"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "information disclosure",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201512-307"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…