Skip to main content

Uma

18 CVEs product

Monthly

CVE-2017-8130 MEDIUM This Month

The UMA product with software V200R001 and V300R001 has an information leak vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Uma
NVD
CVSS 3.0
6.5
EPSS
0.1%
CVE-2017-8129 CRITICAL Act Now

The UMA product with software V200R001 and V300R001 has a privilege elevation vulnerability due to insufficient validation or improper processing of parameters. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Uma
NVD
CVSS 3.0
9.8
EPSS
0.2%
CVE-2017-8128 CRITICAL Act Now

The UMA product with software V200R001 and V300R001 has a privilege elevation vulnerability due to insufficient validation or improper processing of parameters. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Uma
NVD
CVSS 3.0
9.8
EPSS
0.2%
CVE-2017-8127 MEDIUM This Month

The UMA product with software V200R001 has a cross-site scripting (XSS) vulnerability due to insufficient input validation. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Uma
NVD
CVSS 3.0
6.1
EPSS
0.1%
CVE-2017-8126 CRITICAL Act Now

The UMA product with software V200R001 has a privilege elevation vulnerability due to insufficient validation or improper processing of parameters. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Uma
NVD
CVSS 3.0
9.8
EPSS
0.2%
CVE-2017-8125 MEDIUM This Month

The UMA product with software V200R001 and V300R001 has a cross-site scripting (XSS) vulnerability due to insufficient input validation. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Uma
NVD
CVSS 3.0
6.1
EPSS
0.1%
CVE-2017-8124 CRITICAL Act Now

The UMA product with software V200R001 has a privilege elevation vulnerability due to insufficient validation or improper processing of parameters. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Uma
NVD
CVSS 3.0
9.8
EPSS
0.2%
CVE-2017-8123 CRITICAL Act Now

The UMA product with software V200R001 has a privilege elevation vulnerability due to insufficient validation or improper processing of parameters. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Uma
NVD
CVSS 3.0
9.8
EPSS
0.2%
CVE-2017-8122 CRITICAL Act Now

The UMA product with software V200R001 has a privilege elevation vulnerability due to insufficient validation or improper processing of parameters. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Uma
NVD
CVSS 3.0
9.8
EPSS
0.3%
CVE-2017-8121 MEDIUM This Month

The UMA product with software V200R001 and V300R001 has an information leak vulnerability. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Uma
NVD
CVSS 3.0
5.3
EPSS
0.1%
CVE-2017-8120 CRITICAL Act Now

The UMA product with software V200R001 and V300R001 has a privilege elevation vulnerability due to insufficient validation or improper processing of parameters. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Uma
NVD
CVSS 3.0
9.8
EPSS
0.2%
CVE-2017-8119 CRITICAL Act Now

The UMA product with software V200R001 and V300R001 has a privilege elevation vulnerability due to insufficient validation or improper processing of parameters. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Uma
NVD
CVSS 3.0
9.8
EPSS
0.2%
CVE-2017-8118 LOW Monitor

The UMA product with software V200R001 and V300R001 has an information leak vulnerability. Rated low severity (CVSS 2.3), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Uma
NVD
CVSS 3.0
2.3
EPSS
0.0%
CVE-2017-8117 CRITICAL Act Now

The UMA product with software V200R001 and V300R001 has a privilege elevation vulnerability due to insufficient validation or improper processing of parameters. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Uma
NVD
CVSS 3.0
9.8
EPSS
0.2%
CVE-2016-7110 CRITICAL Act Now

Huawei Unified Maintenance Audit (UMA) before V200R001C00SPC200 allows remote attackers to execute arbitrary commands via "special characters," a different vulnerability than CVE-2016-7109. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Huawei Code Injection Uma
NVD
CVSS 3.0
9.8
EPSS
1.7%
CVE-2016-7109 CRITICAL Act Now

Huawei Unified Maintenance Audit (UMA) before V200R001C00SPC200 allows remote attackers to execute arbitrary commands via "special characters," a different vulnerability than CVE-2016-7110. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Huawei Code Injection Uma
NVD
CVSS 3.0
9.8
EPSS
1.7%
CVE-2016-7108 MEDIUM This Month

Huawei Unified Maintenance Audit (UMA) before V200R001C00SPC200 SPH206 allows remote authenticated users to obtain the MD5 hashes of arbitrary user passwords via unspecified vectors. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Huawei Uma
NVD
CVSS 3.0
6.5
EPSS
0.1%
CVE-2016-7107 HIGH This Week

Huawei Unified Maintenance Audit (UMA) before V200R001C00SPC200 SPH206 allows remote attackers to reset arbitrary user passwords and consequently affect system data integrity via unspecified vectors. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Huawei Authentication Bypass Uma
NVD
CVSS 3.0
7.5
EPSS
0.1%
EPSS 0% CVSS 6.5
MEDIUM This Month

The UMA product with software V200R001 and V300R001 has an information leak vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Uma
NVD
EPSS 0% CVSS 9.8
CRITICAL Act Now

The UMA product with software V200R001 and V300R001 has a privilege elevation vulnerability due to insufficient validation or improper processing of parameters. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Uma
NVD
EPSS 0% CVSS 9.8
CRITICAL Act Now

The UMA product with software V200R001 and V300R001 has a privilege elevation vulnerability due to insufficient validation or improper processing of parameters. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Uma
NVD
EPSS 0% CVSS 6.1
MEDIUM This Month

The UMA product with software V200R001 has a cross-site scripting (XSS) vulnerability due to insufficient input validation. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Uma
NVD
EPSS 0% CVSS 9.8
CRITICAL Act Now

The UMA product with software V200R001 has a privilege elevation vulnerability due to insufficient validation or improper processing of parameters. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Uma
NVD
EPSS 0% CVSS 6.1
MEDIUM This Month

The UMA product with software V200R001 and V300R001 has a cross-site scripting (XSS) vulnerability due to insufficient input validation. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Uma
NVD
EPSS 0% CVSS 9.8
CRITICAL Act Now

The UMA product with software V200R001 has a privilege elevation vulnerability due to insufficient validation or improper processing of parameters. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Uma
NVD
EPSS 0% CVSS 9.8
CRITICAL Act Now

The UMA product with software V200R001 has a privilege elevation vulnerability due to insufficient validation or improper processing of parameters. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Uma
NVD
EPSS 0% CVSS 9.8
CRITICAL Act Now

The UMA product with software V200R001 has a privilege elevation vulnerability due to insufficient validation or improper processing of parameters. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Uma
NVD
EPSS 0% CVSS 5.3
MEDIUM This Month

The UMA product with software V200R001 and V300R001 has an information leak vulnerability. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Uma
NVD
EPSS 0% CVSS 9.8
CRITICAL Act Now

The UMA product with software V200R001 and V300R001 has a privilege elevation vulnerability due to insufficient validation or improper processing of parameters. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Uma
NVD
EPSS 0% CVSS 9.8
CRITICAL Act Now

The UMA product with software V200R001 and V300R001 has a privilege elevation vulnerability due to insufficient validation or improper processing of parameters. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Uma
NVD
EPSS 0% CVSS 2.3
LOW Monitor

The UMA product with software V200R001 and V300R001 has an information leak vulnerability. Rated low severity (CVSS 2.3), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Uma
NVD
EPSS 0% CVSS 9.8
CRITICAL Act Now

The UMA product with software V200R001 and V300R001 has a privilege elevation vulnerability due to insufficient validation or improper processing of parameters. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Uma
NVD
EPSS 2% CVSS 9.8
CRITICAL Act Now

Huawei Unified Maintenance Audit (UMA) before V200R001C00SPC200 allows remote attackers to execute arbitrary commands via "special characters," a different vulnerability than CVE-2016-7109. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Huawei Code Injection +1
NVD
EPSS 2% CVSS 9.8
CRITICAL Act Now

Huawei Unified Maintenance Audit (UMA) before V200R001C00SPC200 allows remote attackers to execute arbitrary commands via "special characters," a different vulnerability than CVE-2016-7110. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Huawei Code Injection +1
NVD
EPSS 0% CVSS 6.5
MEDIUM This Month

Huawei Unified Maintenance Audit (UMA) before V200R001C00SPC200 SPH206 allows remote authenticated users to obtain the MD5 hashes of arbitrary user passwords via unspecified vectors. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Huawei Uma
NVD
EPSS 0% CVSS 7.5
HIGH This Week

Huawei Unified Maintenance Audit (UMA) before V200R001C00SPC200 SPH206 allows remote attackers to reset arbitrary user passwords and consequently affect system data integrity via unspecified vectors. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Huawei Authentication Bypass Uma
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy