exploitDog

CVE-2016-2406

Опубликовано: 20 мар. 2017

Источник: nvd

CVSS3: 4.3

CVSS2: 4

EPSS Низкий

Описание

The permission control module in Huawei Document Security Management (aka DSM) before V100R002C05SPC670 allows remote authenticated users to obtain sensitive information from encrypted documents by leveraging incorrect control of permissions on the PrintScreen button.

Ссылки

http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20160218-01-dsm-en
Vendor Advisory
http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20160218-01-dsm-en
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:huawei:document_security_management:*:*:*:*:*:*:*:*

Версия до v100r002c05spc661 (включая)

EPSS

Процентиль: 22%

0.0007

Низкий

4.3 Medium

CVSS3

4 Medium

CVSS2

Дефекты

CWE-275

Связанные уязвимости

GHSA-v825-395q-5vff

CVSS3: 4.3

github

больше 3 лет назад

The permission control module in Huawei Document Security Management (aka DSM) before V100R002C05SPC670 allows remote authenticated users to obtain sensitive information from encrypted documents by leveraging incorrect control of permissions on the PrintScreen button.

EPSS

Процентиль: 22%

0.0007

Низкий

4.3 Medium

CVSS3

4 Medium

CVSS2

Дефекты

CWE-275