Описание
There is an information leak vulnerability in eCNS280_TD versions V100R005C00 and V100R005C10. A command does not have timeout exit mechanism. Temporary file contains sensitive information. This allows attackers to obtain information by inter-process access that requires other methods.
Уязвимые конфигурации
Конфигурация 1
Одновременно
Одно из
cpe:2.3:o:huawei:ecns280_td_firmware:v100r005c00:*:*:*:*:*:*:*
cpe:2.3:o:huawei:ecns280_td_firmware:v100r005c10:*:*:*:*:*:*:*
cpe:2.3:h:huawei:ecns280_td:-:*:*:*:*:*:*:*
EPSS
Процентиль: 2%
0.00013
Низкий
4.1 Medium
CVSS3
1.9 Low
CVSS2
Дефекты
CWE-312
Связанные уязвимости
github
больше 3 лет назад
There is an information leak vulnerability in eCNS280_TD versions V100R005C00 and V100R005C10. A command does not have timeout exit mechanism. Temporary file contains sensitive information. This allows attackers to obtain information by inter-process access that requires other methods.
EPSS
Процентиль: 2%
0.00013
Низкий
4.1 Medium
CVSS3
1.9 Low
CVSS2
Дефекты
CWE-312