Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Huawei OceanStor 5300 V3, 5500 V3, 5600 V3, 5800 V3, 6800 V3, 18800 V3, and 18500 V3 before V300R003C10 sends the plaintext session token in the HTTP header, which allows remote attackers to conduct replay attacks and obtain sensitive information by sniffing the network.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
多款Huawei OceanStor产品安全漏洞
Vulnerability Description
Huawei OceanStor 5300等都是中国华为(Huawei)公司的存储系统。 多款Huawei OceanStor产品中存在安全漏洞,该漏洞源于程序在HTTP头中发送明文的会话令牌。远程攻击者可通过嗅探网络利用该漏洞实施重放攻击,获取敏感信息。以下产品及版本受到影响:Huawei OceanStor 5300 V3,5500 V3,5600 V3,5800 V3,6800 V3,18800 V3,18500 V300R003C10之前V3版本。
CVSS Information
N/A
Vulnerability Type
N/A