QwikSec

Security Database

CVE

CWE

Training

CVE-2016-8779

Published: Apr 2, 2017

Modified: Aug 6, 2024

PUBLISHED

Description

Huawei FusionAccess with software V100R005C10 and V100R005C20 could allow remote attackers with specific permission to inject a Lightweight Directory Access Protocol (LDAP) operation command into a specific input variable to obtain sensitive information from the database.

Vendor	Product	Versions
n/a	FusionAccess FusionAccess V100R005C10, FusionAccess V100R005C20	affected `FusionAccess FusionAccess V100R005C10, FusionAccess V100R005C20`

References

vdb-entry

x_refsource_BID

http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20161130-01-ldap-en

x_refsource_CONFIRM

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.