Oceanstor Uds Firmware
by Huawei
CVEs (3)
| CVE | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2015-2252 | Hig | 0.57 | 8.8 | 0.01 | Jun 8, 2017 | Huawei OceanStor UDS devices with software before V100R002C01SPC102 might allow remote attackers to execute arbitrary code with root privileges via a crafted UDS patch with shell scripts. | |
| CVE-2015-2251 | Hig | 0.49 | 7.5 | 0.00 | Jun 8, 2017 | The DeviceManager in Huawei OceanStor UDS devices with software before V100R002C01SPC102 might allow remote attackers to obtain sensitive information via a crafted UDS patch with JavaScript. | |
| CVE-2015-2253 | Med | 0.33 | 5.0 | 0.00 | Jun 8, 2017 | The XML interface in Huawei OceanStor UDS devices with software before V100R002C01SPC102 allows remote authenticated users to obtain sensitive information via a crafted XML document. |
- risk 0.57cvss 8.8epss 0.01
Huawei OceanStor UDS devices with software before V100R002C01SPC102 might allow remote attackers to execute arbitrary code with root privileges via a crafted UDS patch with shell scripts.
- risk 0.49cvss 7.5epss 0.00
The DeviceManager in Huawei OceanStor UDS devices with software before V100R002C01SPC102 might allow remote attackers to obtain sensitive information via a crafted UDS patch with JavaScript.
- risk 0.33cvss 5.0epss 0.00
The XML interface in Huawei OceanStor UDS devices with software before V100R002C01SPC102 allows remote authenticated users to obtain sensitive information via a crafted XML document.