1. Home
  2. CVE Database
  3. CVE-2014-5394
MEDIUM · 5.9

CVE-2014-5394

Multiple Huawei Campus switches allow remote attackers to enumerate usernames via vectors involving use of SSH by the maintenance terminal.

Vulnerability Description

Multiple Huawei Campus switches allow remote attackers to enumerate usernames via vectors involving use of SSH by the maintenance terminal.

CVSS Score

5.9

MEDIUM

CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality
HIGH
Integrity
NONE
Availability
NONE

Affected Products

VendorProductVersions
HuaweiS9300 Firmwarev200r001c00spc300
HuaweiS9300-
HuaweiS9300E Firmwarev200r001c00spc300
HuaweiS9300E-
HuaweiS7700 Firmwarev200r001c00spc300
HuaweiS7700-
HuaweiS9700 Firmwarev200r001c00spc300
HuaweiS9700-
HuaweiS5700 Firmwarev200r001c00spc300
HuaweiS5700-
HuaweiS6700 Firmwarev200r001c00spc300
HuaweiS6700-
HuaweiS5300 Firmwarev200r001c00spc300
HuaweiS5300-
HuaweiS6300 Firmwarev200r001c00spc300
HuaweiS6300-
HuaweiS2300 Firmwarev100r006c05
HuaweiS2300-
HuaweiS2700 Firmwarev100r006c05
HuaweiS2700-

Related Weaknesses (CWE)

CWE-200

References

FAQ

What is CVE-2014-5394?

CVE-2014-5394 is a vulnerability with a CVSS score of 5.9 (MEDIUM). Multiple Huawei Campus switches allow remote attackers to enumerate usernames via vectors involving use of SSH by the maintenance terminal.

How severe is CVE-2014-5394?

CVE-2014-5394 has been rated MEDIUM with a CVSS base score of 5.9/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2014-5394?

Check the references section above for vendor advisories and patch information. Affected products include: Huawei S9300 Firmware, Huawei S9300, Huawei S9300E Firmware, Huawei S9300E, Huawei S7700 Firmware.