Information Leak Vulnerability in Huawei HiSuite PC Client Software
CVE-2016-8272

5.3MEDIUM

Key Information:

Vendor: Huawei
Status: Hisuite 4.0.5.300 Ove
Vendor: CVE Published:; 2 April 2017

What is CVE-2016-8272?

The Huawei HiSuite PC client software version 4.0.5.300_OVE contains a vulnerability that allows an authenticated attacker to access sensitive information. Specifically, this vulnerability enables the extraction of user proxy passwords, which can lead to further data exposure. Users of this software should take immediate action to secure their systems and update to the latest version to mitigate this risk.

Affected Version(s)

HiSuite 4.0.5.300_OVE HiSuite 4.0.5.300_OVE

References

http://www.huawei.com/en/psirt/security-advisories/huawei...

x_refsource_CONFIRM

CVSS V3.1

Score:

5.3

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Apr 2, 2017
Vulnerability Reserved
Sep 18, 2016