Lucene search

Huawei TechnologiesHUAWEI-SA-20141010-01-VRP

HistoryOct 10, 2014 - 12:00 a.m.

Security Advisory-VRP SSH Denial of Service Vulnerability

2014-10-1000:00:00

Huawei Technologies

www.huawei.com

7.8 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

0.002 Low

EPSS

Percentile

64.8%

JSON

The SSH of the VRP has an input verification issue. Remote attackers can send a special SSH packet to the device to cause a denial of service (Vulnerability ID: HWPSIRT-2014-0701).

This Vulnerability has been assigned Common Vulnerabilities and Exposures (CVE) ID: CVE-2014-8572.

Affected configurations

Vulners

Node

huaweiac6605MatchAC6605

huaweiac6605MatchV200R001C00

huaweiac6605MatchAC6605

huaweiac6605MatchV200R002C00

huaweiacuMatchV200R001C00

huaweiacuMatchV200R002C00

huaweis2300Range<V100R006C05

huaweis3300Range<V100R006C05

huaweis2700Range<V100R006C05

huaweis3700Range<V100R006C05

huaweis5300MatchV100R006

huaweis5700MatchV100R006

huaweis6300MatchV100R006

huaweis6700MatchV100R006

huaweis5300MatchV200R001

huaweis5700MatchV200R001

huaweis6300MatchV200R001

huaweis6700MatchV200R001

huaweis5300MatchV200R002

huaweis5700MatchV200R002

huaweis6300MatchV200R002

huaweis6700MatchV200R002

huaweis5300MatchV200R003

huaweis5700MatchV200R003

huaweis6300MatchV200R003

huaweis6700MatchV200R003

huaweis5300Range<V200R005C00SPC300

huaweis5700Range<V200R005C00SPC300

huaweis6300Range<V200R005C00SPC300

huaweis6700Range<V200R005C00SPC300

huaweis7700MatchV100R006

huaweis9300MatchV100R006

huaweis9300eMatchV100R006

huaweis9700MatchV100R006

huaweis7700MatchV200R001

huaweis9300MatchV200R001

huaweis9300eMatchV200R001

huaweis9700MatchV200R001

huaweis7700MatchV200R002

huaweis9300MatchV200R002

huaweis9300eMatchV200R002

huaweis9700MatchV200R002

huaweis7700MatchV200R003

huaweis9300MatchV200R003

huaweis9300eMatchV200R003

huaweis9700MatchV200R003

huaweis7700Range<V200R005C00SPC300

huaweis9300Range<V200R005C00SPC300

huaweis9300eRange<V200R005C00SPC300

huaweis9700Range<V200R005C00SPC300

CPENameOperatorVersion
ac6605eqAC6605
ac6605eqV200R001C00
ac6605eqAC6605
ac6605eqV200R002C00
acueqV200R001C00
acueqV200R002C00
s2300ltV100R006C05
s3300ltV100R006C05
s2700ltV100R006C05
s3700ltV100R006C05

Name	Operator	Version
ac6605	eq	AC6605
ac6605	eq	V200R001C00
ac6605	eq	AC6605
ac6605	eq	V200R002C00
acu	eq	V200R001C00
acu	eq	V200R002C00
s2300	lt	V100R006C05
s3300	lt	V100R006C05
s2700	lt	V100R006C05
s3700	lt	V100R006C05

Rows per page:

1-10 of 501

7.8 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

0.002 Low

EPSS

Percentile

64.8%

JSON

Related for HUAWEI-SA-20141010-01-VRP