Vulnerability CVE-2015-2800
Published: 2017-06-08

Description:
The user authentication module in Huawei Campus switches S5700, S5300, S6300, and S6700 with software before V200R001SPH012 and S7700, S9300, and S9700 with software before V200R001SPH015 allows remote attackers to cause a denial of service (device restart) via vectors involving authentication, which trigger an array access violation.

CVSS2 => (AV:N/AC:L/Au:N/C:N/I:N/A:C)

CVSS Base Score
Impact Subscore
Exploitability Subscore
7.8/10
6.9/10
10/10
Exploit range
Attack complexity
Authentication
Remote
Low
No required
Confidentiality impact
Integrity impact
Availability impact
None
None
Complete
Affected software
Huawei -> S6300 firmware 
Huawei -> S6700 firmware 
Huawei -> S7700 firmware 
Huawei -> S5300 firmware 
Huawei -> S9300 firmware 
Huawei -> S5700 firmware 
Huawei -> S9700 firmware 

 References:
http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-418554.htm
http://www.securityfocus.com/bid/73355
Copyright 2024, cxsecurity.com

 

Back to Top