CVE-2015-2254

Published: Mar 13, 2019Modified: Nov 21, 2024

9.1

Vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H

Exploitability: 3.9 / Impact: 5.2

Source: NVD

Description

Huawei OceanStor UDS devices with software before V100R002C01SPC102 might allow remote attackers to capture and change patch loading information resulting in the deletion of directory files and compromise of system functions when loading a patch.

Affected (1)

Products: Huawei: Oceanstor Uds Firmware

Huawei

1 product

Oceanstor Uds Firmware

Configuration A

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Huawei Oceanstor Uds Firmware	Before 100r002c01spc102

Running on/with	Platform Versions
Huawei Oceanstor Uds	All versions

Related CWEs

CWE-200

Exposure of Sensitive Information to an Unauthorized Actor

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

References (2)

https://www.huawei.com/en/psirt/security-advisories/hw-417839

Source: cve@mitre.org

Vendor Advisory

https://www.huawei.com/en/psirt/security-advisories/hw-417839

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

Timeline

No history available yet.