CVE Vulnerabilities

CVE-2015-8675

Published: Jan 15, 2016 | Modified: Jan 21, 2016

CVSS 3.x

6.2

MEDIUM

Source:

NVD

CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

CVSS 2.x

2.1 LOW

RedHat/V2

RedHat/V3

Ubuntu

Additional information

NVD	https://nvd.nist.gov/vuln/detail/CVE-2015-8675
CWE	https://cwe.mitre.org/data/definitions/255.html

Huawei S5300 Campus Series switches with software before V200R005SPH008 do not mask the password when uploading files, which allows physically proximate attackers to obtain sensitive password information by reading the display.

Affected Software

Name	Vendor	Start Version	End Version
S5300_firmware	Huawei	v200r005c02 (including)	v200r005c02 (including)

References

http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20160112-01-switch-en

Aqua Container Security

Aqua Security is the largest pure-play cloud native security company, providing customers the freedom to innovate and run their businesses with minimal friction. The Aqua Cloud Native Security Platform provides prevention, detection, and response automation across the entire application lifecycle to secure the build, secure cloud infrastructure and secure running workloads wherever they are deployed.