Privilege Escalation and Denial of Service in Huawei Policy Center
CVE-2016-2405

8.8HIGH

Key Information:

Vendor
Huawei
Vendor
CVE Published:
12 April 2016

Summary

The Huawei Policy Center software prior to version V100R003C10SPC020 is susceptible to a vulnerability that allows remote authenticated users to execute crafted URLs. This can potentially lead to unauthorized privilege escalation, enabling users to manipulate system settings, and may result in a denial of service, causing the system to crash. It is crucial for users to update their software to the latest version to mitigate these risks.

References

CVSS V3.1

Score:
8.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.