Privilege Elevation Vulnerability in Huawei UMA Product
CVE-2017-8124

9.8CRITICAL

Key Information:

Vendor: McAfee
Status: Uma
Vendor: CVE Published:; 15 November 2017

What is CVE-2017-8124?

The UMA product from Huawei experiences a privilege elevation vulnerability due to inadequate validation and improper processing of parameters. This vulnerability could allow an attacker to craft specialized packets to exploit the weakness, potentially leading to elevated privileges within the system. It is crucial for users of the affected product to be aware of this vulnerability and take appropriate precautionary measures.

Affected Version(s)

UMA V200R001

References

http://www.huawei.com/en/psirt/security-advisories/huawei...

x_refsource_CONFIRM

CVSS V3.1

Score:

9.8

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Nov 15, 2017
Vulnerability Reserved
Apr 25, 2017

McAfee

What is CVE-2017-8124?

Affected Version(s)

References

CVSS V3.1

Timeline