Skip to main content

Oceanstor Uds Firmware

3 CVEs product

Monthly

CVE-2015-2253 MEDIUM This Month

The XML interface in Huawei OceanStor UDS devices with software before V100R002C01SPC102 allows remote authenticated users to obtain sensitive information via a crafted XML document. Rated medium severity (CVSS 5.0), this vulnerability is low attack complexity. No vendor patch available.

Huawei Information Disclosure Oceanstor Uds Firmware
NVD
CVSS 3.0
5.0
EPSS
0.1%
CVE-2015-2252 HIGH This Week

Huawei OceanStor UDS devices with software before V100R002C01SPC102 might allow remote attackers to execute arbitrary code with root privileges via a crafted UDS patch with shell scripts. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Code Injection Huawei Oceanstor Uds Firmware
NVD
CVSS 3.0
8.8
EPSS
0.6%
CVE-2015-2251 HIGH This Week

The DeviceManager in Huawei OceanStor UDS devices with software before V100R002C01SPC102 might allow remote attackers to obtain sensitive information via a crafted UDS patch with JavaScript. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Huawei Information Disclosure Oceanstor Uds Firmware
NVD
CVSS 3.0
7.5
EPSS
0.1%
EPSS 0% CVSS 5.0
MEDIUM This Month

The XML interface in Huawei OceanStor UDS devices with software before V100R002C01SPC102 allows remote authenticated users to obtain sensitive information via a crafted XML document. Rated medium severity (CVSS 5.0), this vulnerability is low attack complexity. No vendor patch available.

Huawei Information Disclosure Oceanstor Uds Firmware
NVD
EPSS 1% CVSS 8.8
HIGH This Week

Huawei OceanStor UDS devices with software before V100R002C01SPC102 might allow remote attackers to execute arbitrary code with root privileges via a crafted UDS patch with shell scripts. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Code Injection Huawei +1
NVD
EPSS 0% CVSS 7.5
HIGH This Week

The DeviceManager in Huawei OceanStor UDS devices with software before V100R002C01SPC102 might allow remote attackers to obtain sensitive information via a crafted UDS patch with JavaScript. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Huawei Information Disclosure Oceanstor Uds Firmware
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy