CVE-2014-2271

cn.wps.moffice.common.beans.print.CloudPrintWebView in Kingsoft Office 5.3.1, as used in Huawei P2 devices before V100R001C00B043, falls back to HTTP when the HTTPS connection to the registry fails, which allows man-in-the-middle attackers to conduct downgrade attacks and execute arbitrary Java code by leveraging a network position between the client and the registry to block HTTPS traffic.
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

cpe:2.3:a:wps:wps_office:5.3.1:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
cpe:2.3:o:huawei:p2-6011_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:huawei:p2-6011:-:*:*:*:*:*:*:*

Information

Published : 2020-01-14 09:15

Updated : 2020-01-21 08:48


NVD link : CVE-2014-2271

Mitre link : CVE-2014-2271


JSON object : View

CWE
CWE-20

Improper Input Validation

Advertisement

dedicated server usa

Products Affected

huawei

  • p2-6011
  • p2-6011_firmware

wps

  • wps_office