Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
huaweiHuawei TechnologiesHUAWEI-SA-20140924-01-VRP
HistorySep 24, 2014 - 12:00 a.m.

Security Advisory-Information Leakage Vulnerability via MPLS Ping in VRP Platform

2014-09-2400:00:00
Huawei Technologies
www.huawei.com
16

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

5.3 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

0.001 Low

EPSS

Percentile

40.5%

JSON

VRP (Versatile Routing Platform) has been developed by Huawei to provide improved IP routing services. The VRP has been widely applied to network devices, including high-end and low-end switches and routers, wireless and transmission devices.

Information leakage vulnerability exists in several devices using VRP platform, because the MPLS LSP Ping service is bound to unnecessary interfaces, which can cause the leak of IP addresses of devices (Vulnerability ID: HWPSIRT-2014-0418).

This vulnerability has been assigned a Common Vulnerabilities and Exposures (CVE) ID: CVE-2014-8570.

Affected configurations

Vulners
Node
huaweis9300MatchV100R002
OR
huaweis9300MatchV100R003
OR
huaweis9300MatchV100R006
OR
huaweis9300MatchV200R001
OR
huaweis9300MatchV200R002
OR
huaweis9300MatchV200R003
OR
huaweis9300MatchV200R005
OR
huaweis9303MatchV100R002
OR
huaweis9303MatchV100R003
OR
huaweis9303MatchV100R006
OR
huaweis9303MatchV200R001
OR
huaweis9303MatchV200R002
OR
huaweis9303MatchV200R003
OR
huaweis9303MatchV200R005
OR
huaweis9306MatchV100R002
OR
huaweis9306MatchV100R003
OR
huaweis9306MatchV100R006
OR
huaweis9306MatchV200R001
OR
huaweis9306MatchV200R002
OR
huaweis9306MatchV200R003
OR
huaweis9306MatchV200R005
OR
huaweis9312MatchV100R002
OR
huaweis9312MatchV100R003
OR
huaweis9312MatchV100R006
OR
huaweis9312MatchV200R001
OR
huaweis9312MatchV200R002
OR
huaweis9312MatchV200R003
OR
huaweis9312MatchV200R005
OR
huaweis7700MatchV100R002
OR
huaweis7700MatchV100R003
OR
huaweis7700MatchV100R006
OR
huaweis7700MatchV200R001
OR
huaweis7700MatchV200R002
OR
huaweis7700MatchV200R003
OR
huaweis7700MatchV200R005
OR
huaweis7703MatchV100R002
OR
huaweis7703MatchV100R003
OR
huaweis7703MatchV100R006
OR
huaweis7703MatchV200R001
OR
huaweis7703MatchV200R002
OR
huaweis7703MatchV200R003
OR
huaweis7703MatchV200R005
OR
huaweis7706MatchV100R002
OR
huaweis7706MatchV100R003
OR
huaweis7706MatchV100R006
OR
huaweis7706MatchV200R001
OR
huaweis7706MatchV200R002
OR
huaweis7706MatchV200R003
OR
huaweis7706MatchV200R005
OR
huaweis7712MatchV100R002
OR
huaweis7712MatchV100R003
OR
huaweis7712MatchV100R006
OR
huaweis7712MatchV200R001
OR
huaweis7712MatchV200R002
OR
huaweis7712MatchV200R003
OR
huaweis7712MatchV200R005
OR
huaweis9300MatchS9300E/
OR
huaweis9300MatchS9303E/
OR
huaweis9300MatchS9306E/
OR
huaweis9300MatchS9312E/
OR
huaweis9300MatchS9700/
OR
huaweis9300MatchS9703/
OR
huaweis9300MatchS9706/
OR
huaweis9300MatchS9712
OR
huaweis9303MatchS9300E/
OR
huaweis9303MatchS9303E/
OR
huaweis9303MatchS9306E/
OR
huaweis9303MatchS9312E/
OR
huaweis9303MatchS9700/
OR
huaweis9303MatchS9703/
OR
huaweis9303MatchS9706/
OR
huaweis9303MatchS9712
OR
huaweis9306MatchS9300E/
OR
huaweis9306MatchS9303E/
OR
huaweis9306MatchS9306E/
OR
huaweis9306MatchS9312E/
OR
huaweis9306MatchS9700/
OR
huaweis9306MatchS9703/
OR
huaweis9306MatchS9706/
OR
huaweis9306MatchS9712
OR
huaweis9312MatchS9300E/
OR
huaweis9312MatchS9303E/
OR
huaweis9312MatchS9306E/
OR
huaweis9312MatchS9312E/
OR
huaweis9312MatchS9700/
OR
huaweis9312MatchS9703/
OR
huaweis9312MatchS9706/
OR
huaweis9312MatchS9712
OR
huaweis7700MatchS9300E/
OR
huaweis7700MatchS9303E/
OR
huaweis7700MatchS9306E/
OR
huaweis7700MatchS9312E/
OR
huaweis7700MatchS9700/
OR
huaweis7700MatchS9703/
OR
huaweis7700MatchS9706/
OR
huaweis7700MatchS9712
OR
huaweis7703MatchS9300E/
OR
huaweis7703MatchS9303E/
OR
huaweis7703MatchS9306E/
OR
huaweis7703MatchS9312E/
OR
huaweis7703MatchS9700/
OR
huaweis7703MatchS9703/
OR
huaweis7703MatchS9706/
OR
huaweis7703MatchS9712
OR
huaweis7706MatchS9300E/
OR
huaweis7706MatchS9303E/
OR
huaweis7706MatchS9306E/
OR
huaweis7706MatchS9312E/
OR
huaweis7706MatchS9700/
OR
huaweis7706MatchS9703/
OR
huaweis7706MatchS9706/
OR
huaweis7706MatchS9712
OR
huaweis7712MatchS9300E/
OR
huaweis7712MatchS9303E/
OR
huaweis7712MatchS9306E/
OR
huaweis7712MatchS9312E/
OR
huaweis7712MatchS9700/
OR
huaweis7712MatchS9703/
OR
huaweis7712MatchS9706/
OR
huaweis7712MatchS9712
OR
huaweis9300MatchS12708/
OR
huaweis9300MatchS12712
OR
huaweis9303MatchS12708/
OR
huaweis9303MatchS12712
OR
huaweis9306MatchS12708/
OR
huaweis9306MatchS12712
OR
huaweis9312MatchS12708/
OR
huaweis9312MatchS12712
OR
huaweis7700MatchS12708/
OR
huaweis7700MatchS12712
OR
huaweis7703MatchS12708/
OR
huaweis7703MatchS12712
OR
huaweis7706MatchS12708/
OR
huaweis7706MatchS12712
OR
huaweis7712MatchS12708/
OR
huaweis7712MatchS12712
OR
huawei5700hiMatchV100R006
OR
huawei5700hiMatchV200R001
OR
huawei5700hiMatchV200R002
OR
huawei5700hiMatchV200R003
OR
huawei5700hiMatchV200R005
OR
huawei5300hiMatchV100R006
OR
huawei5300hiMatchV200R001
OR
huawei5300hiMatchV200R002
OR
huawei5300hiMatchV200R003
OR
huawei5300hiMatchV200R005
OR
huawei5700hiMatch5710EI/5310EI
OR
huawei5300hiMatch5710EI/5310EI
OR
huawei5700hiMatch5710HI/5310HI
OR
huawei5300hiMatch5710HI/5310HI
OR
huawei5700hiMatch6700EI/6300EI
OR
huawei5300hiMatch6700EI/6300EI

Related

cvelist 1
cve 1
nvd 1
prion 1
cvelist
cvelist
CVE-2014-8570
2017-04-02 20:00:00
cve
cve
CVE-2014-8570
2017-04-02 20:59:00
nvd
nvd
CVE-2014-8570
2017-04-02 20:59:00
prion
prion
Input validation
2017-04-02 20:59:00

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

5.3 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

0.001 Low

EPSS

Percentile

40.5%

JSON
Related for HUAWEI-SA-20140924-01-VRP
cvelist1cve1nvd1prion1