Improper Permission Control in Huawei Document Security Management
CVE-2016-2406

4.3MEDIUM

Key Information:

Vendor: Huawei
Status: Document Security Management
Vendor: CVE Published:; 20 March 2017

What is CVE-2016-2406?

The permission control module in Huawei Document Security Management prior to version V100R002C05SPC670 is susceptible to a vulnerability that allows remote authenticated users to exploit improper permissions on the PrintScreen button. This flaw can lead to unauthorized disclosure of sensitive information present in encrypted documents, posing significant risks to data security.

References

http://www.huawei.com/en/psirt/security-advisories/huawei...

x_refsource_CONFIRM

CVSS V3.1

Score:

4.3

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

None

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Mar 20, 2017
Vulnerability Reserved
Feb 18, 2016