Privilege Escalation in Huawei Tecal E9000 Chassis Software
CVE-2014-9696

8.8HIGH

Key Information:

Vendor
Huawei
Vendor
CVE Published:
2 April 2017

Summary

The Hyper Module Management (HMM) software in Huawei's Tecal E9000 Chassis (V100R001C00SPC160 and earlier) allows operators to escalate privileges, enabling unauthorized modifications to the user configuration of iMana. This flaw poses significant security risks, as it may lead to unauthorized access and manipulation of system settings, potentially compromising the integrity and functionality of the affected systems.

Affected Version(s)

Tecal E9000 Chassis V100R001C00SPC160 and earlier Tecal E9000 Chassis V100R001C00SPC160 and earlier versions

References

CVSS V3.1

Score:
8.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.