Remote Code Execution Vulnerability in Huawei OceanStor UDS Devices
CVE-2015-2253
5MEDIUM
Summary
The XML interface in Huawei OceanStor UDS devices prior to version V100R002C01SPC102 is susceptible to a vulnerability that enables remote authenticated users to obtain sensitive data. By sending specially crafted XML documents, attackers can exploit this weakness to gain unauthorized access to confidential information, raising significant security concerns for organizations relying on these devices.
References
CVSS V3.1
Score:
5
Severity:
MEDIUM
Confidentiality:
High
Integrity:
None
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
Required
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved