CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:P/A:P
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L
AI Score
Confidence
High
EPSS
Percentile
70.6%
HPE Networking Products, originally branded as Comware 5, Comware 7, H3C, or HP, allow remote attackers to bypass intended access restrictions or cause a denial of service via “Virtual routing and forwarding (VRF) hopping.”
Vendor | Product | Version | CPE |
---|---|---|---|
hp | jg786a_hp_flexfabric_12500_4-port_100gbe_cfp_fd | - | cpe:2.3:a:hp:jg786a_hp_flexfabric_12500_4-port_100gbe_cfp_fd:-:*:*:*:*:*:*:* |
hp | jg787a_hp_flexfabric_12500_4-port_100gbe_cfp_fd_taa | - | cpe:2.3:a:hp:jg787a_hp_flexfabric_12500_4-port_100gbe_cfp_fd_taa:-:*:*:*:*:*:*:* |
hp | jg788a_hp_flexfabric_12500_4-port_100gbe_cfp_fg | - | cpe:2.3:a:hp:jg788a_hp_flexfabric_12500_4-port_100gbe_cfp_fg:-:*:*:*:*:*:*:* |
hp | jg789a_hp_flexfabric_12500_4-port_100gbe_cfp_fg_taa | - | cpe:2.3:a:hp:jg789a_hp_flexfabric_12500_4-port_100gbe_cfp_fg_taa:-:*:*:*:*:*:*:* |
hp | jg798a_hp_flexfabric_12508e_fabric | - | cpe:2.3:a:hp:jg798a_hp_flexfabric_12508e_fabric:-:*:*:*:*:*:*:* |
hp | jg810aae_hp_vsr1001_virtual_services_router_60_day_evaluation | - | cpe:2.3:a:hp:jg810aae_hp_vsr1001_virtual_services_router_60_day_evaluation:-:*:*:*:*:*:*:* |
hp | jh192a_hp_10500_48-port_gig-t_\(rj45\)_se | - | cpe:2.3:a:hp:jh192a_hp_10500_48-port_gig-t_\(rj45\)_se:-:*:*:*:*:*:*:* |
hp | jh196a_hp_10500_2-port_100gbe_cfp_ec | - | cpe:2.3:a:hp:jh196a_hp_10500_2-port_100gbe_cfp_ec:-:*:*:*:*:*:*:* |
hp | jc072b_hp_12500_main_processing_unit | - | cpe:2.3:h:hp:jc072b_hp_12500_main_processing_unit:-:*:*:*:*:*:*:* |
hp | jc085a_hp_a12518_switch_chassis | - | cpe:2.3:h:hp:jc085a_hp_a12518_switch_chassis:-:*:*:*:*:*:*:* |
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:P/A:P
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L
AI Score
Confidence
High
EPSS
Percentile
70.6%