CVE-2015-8675
MEDIUMHuawei S5300 Campus Series Switches < V200R005SPH008 - Password Exposure via Unmasked Display
Title source: llmDescription
Huawei S5300 Campus Series switches with software before V200R005SPH008 do not mask the password when uploading files, which allows physically proximate attackers to obtain sensitive password information by reading the display.
References (1)
Core 1
Core References
Vendor Advisory x_refsource_confirm
http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20160112-01-switch-en
Scores
CVSS v3
6.2
EPSS
0.0003
EPSS Percentile
9.0%
Attack Vector
LOCAL
CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Details
CWE
CWE-255
Status
published
Products (1)
huawei/s5300_firmware
v200r005c02
Published
Jan 15, 2016
Tracked Since
Feb 18, 2026