Lucene search

K
huaweiHuawei TechnologiesHUAWEI-SA-20141010-01-VRP
HistoryOct 10, 2014 - 12:00 a.m.

Security Advisory-VRP SSH Denial of Service Vulnerability

2014-10-1000:00:00
Huawei Technologies
www.huawei.com
15

7.8 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

0.002 Low

EPSS

Percentile

64.8%

The SSH of the VRP has an input verification issue. Remote attackers can send a special SSH packet to the device to cause a denial of service (Vulnerability ID: HWPSIRT-2014-0701).

This Vulnerability has been assigned Common Vulnerabilities and Exposures (CVE) ID: CVE-2014-8572.

Affected configurations

Vulners
Node
huaweiac6605MatchAC6605
OR
huaweiac6605MatchV200R001C00
OR
huaweiac6605MatchAC6605
OR
huaweiac6605MatchV200R002C00
OR
huaweiacuMatchV200R001C00
OR
huaweiacuMatchV200R002C00
OR
huaweis2300Range<V100R006C05
OR
huaweis3300Range<V100R006C05
OR
huaweis2700Range<V100R006C05
OR
huaweis3700Range<V100R006C05
OR
huaweis5300MatchV100R006
OR
huaweis5700MatchV100R006
OR
huaweis6300MatchV100R006
OR
huaweis6700MatchV100R006
OR
huaweis5300MatchV200R001
OR
huaweis5700MatchV200R001
OR
huaweis6300MatchV200R001
OR
huaweis6700MatchV200R001
OR
huaweis5300MatchV200R002
OR
huaweis5700MatchV200R002
OR
huaweis6300MatchV200R002
OR
huaweis6700MatchV200R002
OR
huaweis5300MatchV200R003
OR
huaweis5700MatchV200R003
OR
huaweis6300MatchV200R003
OR
huaweis6700MatchV200R003
OR
huaweis5300Range<V200R005C00SPC300
OR
huaweis5700Range<V200R005C00SPC300
OR
huaweis6300Range<V200R005C00SPC300
OR
huaweis6700Range<V200R005C00SPC300
OR
huaweis7700MatchV100R006
OR
huaweis9300MatchV100R006
OR
huaweis9300eMatchV100R006
OR
huaweis9700MatchV100R006
OR
huaweis7700MatchV200R001
OR
huaweis9300MatchV200R001
OR
huaweis9300eMatchV200R001
OR
huaweis9700MatchV200R001
OR
huaweis7700MatchV200R002
OR
huaweis9300MatchV200R002
OR
huaweis9300eMatchV200R002
OR
huaweis9700MatchV200R002
OR
huaweis7700MatchV200R003
OR
huaweis9300MatchV200R003
OR
huaweis9300eMatchV200R003
OR
huaweis9700MatchV200R003
OR
huaweis7700Range<V200R005C00SPC300
OR
huaweis9300Range<V200R005C00SPC300
OR
huaweis9300eRange<V200R005C00SPC300
OR
huaweis9700Range<V200R005C00SPC300

7.8 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

0.002 Low

EPSS

Percentile

64.8%

Related for HUAWEI-SA-20141010-01-VRP