CVE-2015-2253

MEDIUM

Huawei Oceanstor Uds Firmware - Information Disclosure

Title source: rule

Description

The XML interface in Huawei OceanStor UDS devices with software before V100R002C01SPC102 allows remote authenticated users to obtain sensitive information via a crafted XML document.

References (1)

[Vendor Advisory] http://www1.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-417837.htm

Scores

CVSS v3 5.0

EPSS 0.0008

EPSS Percentile 22.4%

Attack Vector LOCAL

CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N

Details

CWE

CWE-200

Status published

Products (2)

huawei/oceanstor_uds_firmware < v100r002c01spc101

n/a/n/a

Published Jun 08, 2017

Tracked Since Feb 18, 2026