Vulnerability CVE-2015-8676


Published: 2016-04-14

Description:
Memory leak in Huawei S5300EI, S5300SI, S5310HI, S6300EI/ S2350EI, and S5300LI Campus series switches with software V200R001C00 before V200R001SPH018, V200R002C00 before V200R003SPH011, and V200R003C00 before V200R003SPH011; S9300, S7700, and S9700 Campus series switches with software V200R001C00 before V200R001SPH023, V200R002C00 before V200R003SPH011, and V200R003C00 before V200R003SPH011; and S2300 and S3300 Campus series switches with software V100R006C05 before V100R006SPH022 allows remote attackers to cause a denial of service (memory consumption and reboot) via a large number of ICMPv6 packets.

CVSS2 => (AV:N/AC:L/Au:N/C:N/I:N/A:C)

CVSS Base Score
Impact Subscore
Exploitability Subscore
7.8/10
6.9/10
10/10
Exploit range
Attack complexity
Authentication
Remote
Low
No required
Confidentiality impact
Integrity impact
Availability impact
None
None
Complete
Affected software
Huawei -> S2300 firmware 
Huawei -> S2350ei firmware 
Huawei -> S3300 firmware 
Huawei -> S5300ei firmware 
Huawei -> S5300li firmware 
Huawei -> S5300si firmware 
Huawei -> S5310hi firmware 
Huawei -> S6300ei firmware 
Huawei -> S7700 firmware 
Huawei -> S9300 firmware 
Huawei -> S9700 firmware 

 References:
http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20160113-02-switch-en

Copyright 2024, cxsecurity.com

 

Back to Top