CVE-2014-5394
MEDIUMHuawei S9300/S9300E/S7700/S9700/S5700/S6700/S5300/S6300/S2300/S2700 Username Enumeration via SSH
Title source: llmDescription
Multiple Huawei Campus switches allow remote attackers to enumerate usernames via vectors involving use of SSH by the maintenance terminal.
References (3)
Core 3
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/69302
Vendor Advisory x_refsource_confirm
http://www.huawei.com/us/psirt/security-advisories/2014/hw-362701
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/97763
Scores
CVSS v3
5.9
EPSS
0.0043
EPSS Percentile
62.5%
Attack Vector
NETWORK
CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
Details
CWE
CWE-200
Status
published
Products (28)
huawei/s2300_firmware
v100r006c05
huawei/s2700_firmware
v100r006c05
huawei/s3300_firmware
v100r006c05
huawei/s3700_firmware
v100r006c05
huawei/s5300_firmware
v200r001c00spc300
huawei/s5300_firmware
v200r002c00spc300
huawei/s5300_firmware
v200r003c00spc300
huawei/s5700_firmware
v200r001c00spc300
huawei/s5700_firmware
v200r002c00spc300
huawei/s5700_firmware
v200r003c00spc300
... and 18 more
Published
Jan 08, 2018
Tracked Since
Feb 18, 2026