CVE-2017-17323

Summary

Huawei iBMC V200R002C10; V200R002C20; V200R002C30 have an improper authorization vulnerability. The software incorrectly performs an authorization check when a normal user attempts to access certain information which is supposed to be accessed only by admin user. Successful exploit could cause information disclosure.

Affected Software

VendorProductVersion RangeStatus
Huawei Technologies Co., Ltd.iBMCV200R002C10affected
Huawei Technologies Co., Ltd.iBMCV200R002C20affected
Huawei Technologies Co., Ltd.iBMCV200R002C30affected

Weaknesses

  • improper authorization

ADP Enrichment

CVE Program Container

Additional References

References