S9300 Firmware
CVE-2015-7846
MEDIUM
Severity by source
AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Lifecycle Timeline
1DescriptionCVE.org
Huawei S7700, S9700, S9300 before V200R07C00SPC500, and AR200, AR1200, AR2200, AR3200 before V200R005C20SPC200 allows attackers with physical access to the CF card to obtain sensitive information.
AnalysisAI
Huawei S7700, S9700, S9300 before V200R07C00SPC500, and AR200, AR1200, AR2200, AR3200 before V200R005C20SPC200 allows attackers with physical access to the CF card to obtain sensitive information. Rated medium severity (CVSS 4.6), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
Technical ContextAI
This vulnerability is classified as Exposure of Sensitive Information (CWE-200), which allows attackers to access sensitive data that should not be disclosed. Huawei S7700, S9700, S9300 before V200R07C00SPC500, and AR200, AR1200, AR2200, AR3200 before V200R005C20SPC200 allows attackers with physical access to the CF card to obtain sensitive information. Affected products include: Huawei S9300 Firmware, Huawei S9700 Firmware, Huawei S7700 Firmware, Huawei Ar200 Firmware, Huawei Ar1200 Firmware.
RemediationAI
No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Minimize information in error messages, implement proper access controls, encrypt sensitive data at rest and in transit.
More in S9300 Firmware
View allThe user authentication module in Huawei Campus switches S5700, S5300, S6300, and S6700 with software before V200R001SPH
Memory leak in Huawei S9300, S5300, S5700, S6700, S7700, S9700, and S12700 devices allows remote attackers to cause a de
The IP stack in multiple Huawei Campus series switch models allows remote attackers to cause a denial of service (reboot
Huawei AC6605 with software V200R001C00; AC6605 with software V200R002C00; ACU with software V200R001C00; ACU with softw
Memory leak in Huawei S5300EI, S5300SI, S5310HI, S6300EI/ S2350EI, and S5300LI Campus series switches with software V200
Huawei Quidway S9700, S5700, S5300, S9300, and S7700 switches with software before V200R003SPH012 allow remote attackers
Huawei AR3200 with software V200R007C00, V200R005C32, V200R005C20; S12700 with software V200R008C00, V200R007C00; S5300
Huawei S5300 with software V200R003C00, V200R007C00, V200R008C00, V200R009C00; S5700 with software V200R001C00, V200R002
Huawei S9300 with software before V100R006SPH013 and S2300,S3300,S5300,S6300 with software before V100R006SPH010 support
Huawei Campus S3700HI with software V200R001C00SPC300; Campus S5700 with software V200R002C00SPC100; Campus S7700 with s
AC6005 V200R006C10SPC200,AC6605 V200R006C10SPC200,AR1200 with software V200R005C10CP0582T, V200R005C10HP0581T, V200R005C
Some Huawei S series switches have a DoS vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely e
Same weakness CWE-200 – Information Exposure
View allSame technique Information Disclosure
View allShare
External POC / Exploit Code
Leaving vuln.today