Huawei Campus Series Switches User Enumeration Weakness
BID:69302
CVE-2014-5394 |Info
Huawei Campus Series Switches User Enumeration Weakness
| Bugtraq ID: | 69302 |
| Class: | Design Error |
| CVE: |
CVE-2014-5394 |
| Remote: | Yes |
| Local: | No |
| Published: | Aug 20 2014 12:00AM |
| Updated: | Mar 19 2015 09:24AM |
| Credit: | Huawei |
| Vulnerable: | |
| Not Vulnerable: | |
Discussion
Huawei Campus Series Switches User Enumeration Weakness
Huawei Campus Series Switches are prone to a user-enumeration weakness.
An attacker may leverage this issue to harvest valid usernames, which may aid in further attacks.
Huawei Campus Series Switches are prone to a user-enumeration weakness.
An attacker may leverage this issue to harvest valid usernames, which may aid in further attacks.
Exploit / POC
Huawei Campus Series Switches User Enumeration Weakness
An attacker can exploit this issue by supplying the application with crafted requests.
An attacker can exploit this issue by supplying the application with crafted requests.
Solution / Fix
Huawei Campus Series Switches User Enumeration Weakness
Solution:
Updates are available. Please see the references or vendor advisory for more information.
Solution:
Updates are available. Please see the references or vendor advisory for more information.
References
Huawei Campus Series Switches User Enumeration Weakness
References:
References: