Vulnerability Description
S12700 V200R005C00, V200R006C00, V200R006C01, V200R007C00, V200R007C01, V200R007C20, V200R008C00, V200R008C06, V200R009C00, V200R010C00, S7700 V200R001C00, V200R001C01, V200R002C00, V200R003C00, V200R005C00, V200R006C00, V200R006C01, V200R007C00, V200R007C01, V200R008C00, V200R008C06, V200R009C00, V200R010C00, S9700 V200R001C00, V200R001C01, V200R002C00, V200R003C00, V200R005C00, V200R006C00, V200R006C01, V200R007C00, V200R007C01, V200R008C00, V200R009C00, V200R010C00 have an improper authorization vulnerability on Huawei switch products. The system incorrectly performs an authorization check when a normal user attempts to access certain information which is supposed to be accessed only by authenticated user. Successful exploit could cause information disclosure.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Huawei | S12700 Firmware | v200r005c00 |
| Huawei | S12700 | - |
| Huawei | S7700 Firmware | v200r001c00 |
| Huawei | S7700 | - |
| Huawei | S9700 Firmware | v200r001c00 |
| Huawei | S9700 | - |
Related Weaknesses (CWE)
References
- http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180328-01-authentVendor Advisory
- http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180328-01-authentVendor Advisory
FAQ
What is CVE-2017-15327?
CVE-2017-15327 is a vulnerability with a CVSS score of 4.3 (MEDIUM). S12700 V200R005C00, V200R006C00, V200R006C01, V200R007C00, V200R007C01, V200R007C20, V200R008C00, V200R008C06, V200R009C00, V200R010C00, S7700 V200R001C00, V200R001C01, V200R002C00, V200R003C00, V200R...
How severe is CVE-2017-15327?
CVE-2017-15327 has been rated MEDIUM with a CVSS base score of 4.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2017-15327?
Check the references section above for vendor advisories and patch information. Affected products include: Huawei S12700 Firmware, Huawei S12700, Huawei S7700 Firmware, Huawei S7700, Huawei S9700 Firmware.