{"api_version":"1","generated_at":"2026-04-23T09:38:00+00:00","cve":"CVE-2015-8675","urls":{"html":"https://cve.report/CVE-2015-8675","api":"https://cve.report/api/cve/CVE-2015-8675.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2015-8675","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2015-8675"},"summary":{"title":"CVE-2015-8675","description":"Huawei S5300 Campus Series switches with software before V200R005SPH008 do not mask the password when uploading files, which allows physically proximate attackers to obtain sensitive password information by reading the display.","state":"PUBLIC","assigner":"cve@mitre.org","published_at":"2016-01-15 19:59:00","updated_at":"2016-01-21 17:29:00"},"problem_types":["CWE-255"],"metrics":[],"references":[{"url":"http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20160112-01-switch-en","name":"http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20160112-01-switch-en","refsource":"CONFIRM","tags":["Vendor Advisory"],"title":"Security Advisory - Information Exposure Vulnerability in Huawei Ethernet Switch","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://www.cve.org/CVERecord?id=CVE-2015-8675","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2015-8675","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2015","cve_id":"8675","vulnerable":"-1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"huawei","cpe5":"s5300","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2015","cve_id":"8675","vulnerable":"0","versionEndIncluding":"1","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"huawei","cpe5":"s5300","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2015","cve_id":"8675","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"huawei","cpe5":"s5300_firmware","cpe6":"v200r005c02","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2015","cve_id":"8675","vulnerable":"1","versionEndIncluding":"1","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"huawei","cpe5":"s5300_firmware","cpe6":"v200r005c02","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[{"cve":"CVE-2015-8675","qid":"43853","title":"Huawei Switch Information Exposure Vulnerability (Huawei-SA-20160112-01-Switch)"}]},"source_records":{"cve_program":{"CVE_data_meta":{"ASSIGNER":"cve@mitre.org","ID":"CVE-2015-8675","STATE":"PUBLIC"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"n/a","version":{"version_data":[{"version_value":"n/a"}]}}]},"vendor_name":"n/a"}]}},"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"Huawei S5300 Campus Series switches with software before V200R005SPH008 do not mask the password when uploading files, which allows physically proximate attackers to obtain sensitive password information by reading the display."}]},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"n/a"}]}]},"references":{"reference_data":[{"name":"http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20160112-01-switch-en","refsource":"CONFIRM","url":"http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20160112-01-switch-en"}]}},"nvd":{"publishedDate":"2016-01-15 19:59:00","lastModifiedDate":"2016-01-21 17:29:00","problem_types":["CWE-255"],"metrics":{"baseMetricV3":{"cvssV3":{"version":"3.0","vectorString":"CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE","baseScore":6.2,"baseSeverity":"MEDIUM"},"exploitabilityScore":2.5,"impactScore":3.6},"baseMetricV2":{"cvssV2":{"version":"2.0","vectorString":"AV:L/AC:L/Au:N/C:P/I:N/A:N","accessVector":"LOCAL","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"NONE","availabilityImpact":"NONE","baseScore":2.1},"severity":"LOW","exploitabilityScore":3.9,"impactScore":2.9,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false}},"configurations":{"CVE_data_version":"4.0","nodes":[{"operator":"AND","children":[{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:huawei:s5300_firmware:v200r005c02:*:*:*:*:*:*:*","cpe_name":[]}]},{"operator":"OR","children":[],"cpe_match":[{"vulnerable":false,"cpe23Uri":"cpe:2.3:h:huawei:s5300:*:*:*:*:*:*:*:*","cpe_name":[]}]}],"cpe_match":[]}]}},"legacy_mitre":{"record":{"CveYear":"2015","CveId":"8675","Ordinal":"86828","Title":"CVE-2015-8675","CVE":"CVE-2015-8675","Year":"2015"},"notes":[{"CveYear":"2015","CveId":"8675","Ordinal":"1","NoteData":"Huawei S5300 Campus Series switches with software before V200R005SPH008 do not mask the password when uploading files, which allows physically proximate attackers to obtain sensitive password information by reading the display.","Type":"Description","Title":null},{"CveYear":"2015","CveId":"8675","Ordinal":"2","NoteData":"2016-01-15","Type":"Other","Title":"Published"},{"CveYear":"2015","CveId":"8675","Ordinal":"3","NoteData":"2016-01-15","Type":"Other","Title":"Modified"}]}}}