PatchSiren

H3C CVE debriefs

These pages are published after PatchSiren validates generated defensive summaries against stored public CVE and source evidence.

MEDIUM H3C CVE published 2026-07-12

CVE-2026-15479

A vulnerability was found in H3C NX15 V100R017, affecting the function change_passwd of the file /api/login/modify in the Administrator Password Modification Endpoint. The manipulation of the argument newPass results in weak password recovery. The attack may be launched remotely. The exploit has been made public and could be used. This issue has a CVSS score of 5.5 and is considered Medium severity. Secur [truncated]