CVE-2015-8675
First published: Fri Jan 15 2016(Updated: )
Huawei S5300 Campus Series switches with software before V200R005SPH008 do not mask the password when uploading files, which allows physically proximate attackers to obtain sensitive password information by reading the display.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Huawei 5300HI firmware | =v200r005c02 | |
| Huawei S5300 firmware |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the severity of CVE-2015-8675?
CVE-2015-8675 is classified as a medium severity vulnerability due to the potential exposure of sensitive password information.
How do I fix CVE-2015-8675?
To remediate CVE-2015-8675, upgrade the Huawei S5300 switches to software version V200R005SPH008 or later.
Who is affected by CVE-2015-8675?
CVE-2015-8675 affects Huawei S5300 Campus Series switches running software versions prior to V200R005SPH008.
What is the nature of the vulnerability in CVE-2015-8675?
The vulnerability in CVE-2015-8675 allows physically proximate attackers to read unmasked passwords from the display during file uploads.
Can CVE-2015-8675 be exploited remotely?
CVE-2015-8675 requires physical proximity to the device, making it a local attack vector rather than a remote one.
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/author
- agent/last-modified-date
- agent/weakness
- agent/severity
- agent/references
- agent/first-publish-date
- agent/description
- agent/event
- agent/source
- agent/softwarecombine
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/huawei
- canonical/huawei 5300hi firmware
- version/huawei 5300hi firmware/v200r005c02
- canonical/huawei s5300 firmware