Huawei USG9500 with software V200R001C01SPC800 and earlier versions, V300R001C00; USG2100 with software V300R001C00SPC900 and earlier versions; USG2200 with software V300R001C00SPC900; USG5100 with software V300R001C00SPC900 could allow an unauthenticated, remote attacker to conduct a CSRF attack against the user of the web interface.
References
Link | Resource |
---|---|
http://www.huawei.com/en/psirt/security-advisories/hw-372186 | Vendor Advisory |
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
AND |
|
Configuration 3 (hide)
AND |
|
Configuration 4 (hide)
AND |
|
Configuration 5 (hide)
AND |
|
Configuration 6 (hide)
AND |
|
Information
Published : 2017-04-02 13:59
Updated : 2017-04-07 05:10
NVD link : CVE-2014-9137
Mitre link : CVE-2014-9137
JSON object : View
CWE
CWE-352
Cross-Site Request Forgery (CSRF)
Products Affected
huawei
- usg9500
- usg5500_firmware
- usg2100_firmware
- usg5500
- usg2200_firmware
- usg9500_firmware
- usg2100
- fusionmanager
- usg5100_firmware
- usg2200
- usg5100