CVE-2015-8335

MEDIUM

Huawei VCN500 <V100R002C00SPC201 - Info Disclosure

Title source: llm

Description

Huawei VCN500 with software before V100R002C00SPC201 logs passwords in cleartext, which allows remote authenticated users to obtain sensitive information by triggering log generation and then reading the log.

References (1)

[Vendor Advisory] http://www1.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-463084.htm

Scores

CVSS v3 6.5

EPSS 0.0010

EPSS Percentile 28.3%

Attack Vector NETWORK

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Classification

CWE

CWE-200

Status draft

Affected Products (2)

huawei/vcn500

Timeline

Published Jan 11, 2016

Tracked Since Feb 18, 2026