Vulnerabilities

CVE-2018-7958

by Fred · 27/11/2018

There is an anonymous TLS cipher suites supported vulnerability in Huawei eSpace product. An unauthenticated, remote attacker launches man-in-the-middle attack to hijack the connection from a client when the user signs up to log in by TLS. Due to insufficient authentication, which may be exploited to intercept and tamper with the data information.

Date published : 2018-11-27

http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20181114-01-espace-en

Similar

Tags: Cybersecurity Alert