CVE-2017-17323
Description
Huawei iBMC V200R002C10; V200R002C20; V200R002C30 have an improper authorization vulnerability. The software incorrectly performs an authorization check when a normal user attempts to access certain information which is supposed to be accessed only by admin user. Successful exploit could cause information disclosure.
Risk Information
Base Score
4.3
MODERATE
Vector
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
EPSS Score
Exploitation Probability
0.069
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Vulnerabilities CVE-2017-17323 are affected in ibmc_firmware v200r002c30 | NCM |
| Vulnerabilities CVE-2017-17323 are affected in ibmc_firmware v200r002c20 | NCM |
| Vulnerabilities CVE-2017-17323 are affected in ibmc_firmware v200r002c10 | NCM |
| Incorrect Authorization Vulnerability (CVE-2017-17323) | NCM |
Patch Details
No records foundReferences
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234