MEDIUM
H3C
CVE published 2026-07-12
CVE-2026-15479
A vulnerability was found in H3C NX15 V100R017, affecting the function change_passwd of the file /api/login/modify in the Administrator Password Modification Endpoint. The manipulation of the argument newPass results in weak password recovery. The attack may be launched remotely. The exploit has been made public and could be used. This issue has a CVSS score of 5.5 and is considered Medium severity. Secur [truncated]