How severe is CVE-2017-15327?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 4.3 out of 10.

What type of vulnerability is CVE-2017-15327?

This is classified as CWE-200, which is a common weakness in software security.

CVE-2017-15327 - MEDIUM Severity | CVSS 4.3

Vulnerability Description

S12700 V200R005C00, V200R006C00, V200R006C01, V200R007C00, V200R007C01, V200R007C20, V200R008C00, V200R008C06, V200R009C00, V200R010C00, S7700 V200R001C00, V200R001C01, V200R002C00, V200R003C00, V200R005C00, V200R006C00, V200R006C01, V200R007C00, V200R007C01, V200R008C00, V200R008C06, V200R009C00, V200R010C00, S9700 V200R001C00, V200R001C01, V200R002C00, V200R003C00, V200R005C00, V200R006C00, V200R006C01, V200R007C00, V200R007C01, V200R008C00, V200R009C00, V200R010C00 have an improper authorization vulnerability on Huawei switch products. The system incorrectly performs an authorization check when a normal user attempts to access certain information which is supposed to be accessed only by authenticated user. Successful exploit could cause information disclosure.

Related Vulnerabilities

CVE-2011-1934

MEDIUM

CVSS:4.3(Medium)

lilo-uuid-diskid causes lilo.conf to be world-readable in lilo 23.1.

CWE-2002011

CVE-2012-1158

MEDIUM

CVSS:4.3(Medium)

Moodle before 2.2.2 has a course information leak in gradebook where users are able to see hidden grade items in export

CWE-2002012

CVE-2012-1159

MEDIUM

CVSS:4.3(Medium)

Moodle before 2.2.2: Overview report allows users to see hidden courses

CWE-2002012

CVE-2012-1161

MEDIUM

CVSS:4.3(Medium)

Moodle before 2.2.2: Course information leak via hidden courses being displayed in tag search results

CWE-2002012

CVE-2012-5570

MEDIUM

CVSS:4.3(Medium)

The Basic webmail module 6.x-1.x before 6.x-1.2 for Drupal allows remote authenticated users with the "access basic_webmail" permission to read arbitrary users' email addresses.

CWE-2002012

CVE-2013-4317

MEDIUM

CVSS:4.3(Medium)

In Apache CloudStack 4.1.0 and 4.1.1, when calling the CloudStack API call listProjectAccounts as a regular, non-administrative user, the user is able to see information for accounts other than their ...

CWE-2002013