CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:N/I:N/A:C
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS
Percentile
62.0%
The HUAWEI USG9560/9520/9580 is a high-end 10-Gigabit Firewall. The USG9560/9520/9580 applies to Internet backbone networks, IP dedicated backbone networks, IP metropolitan area networks (MANs), Internet data center (IDC) egress. This security gateway provides multiple powerful and all-round security solutions with great flexibility.
An attacker can request a special web page to cause the memory leak of the MPU. When the memory is exhausted, the MPU restarts and active/standby main processing unit (MPU) switchover is triggered. (Vulnerability ID: HWPSIRT-2014-1223)
This Vulnerability has been assigned Common Vulnerabilities and Exposures (CVE) ID: CVE-2014-9697.
Currently, official fixes are available.
Vendor | Product | Version | CPE |
---|---|---|---|
huawei | usg9560_firmware | v300r001c00 | cpe:2.3:o:huawei:usg9560_firmware:v300r001c00:*:*:*:*:*:*:* |
huawei | 9520_firmware | v300r001c00 | cpe:2.3:a:huawei:9520_firmware:v300r001c00:*:*:*:*:*:*:* |
huawei | 9580_firmware | v300r001c00 | cpe:2.3:a:huawei:9580_firmware:v300r001c00:*:*:*:*:*:*:* |
huawei | usg9560_firmware | v300r001c01spc100 | cpe:2.3:o:huawei:usg9560_firmware:v300r001c01spc100:*:*:*:*:*:*:* |
huawei | 9520_firmware | v300r001c01spc100 | cpe:2.3:a:huawei:9520_firmware:v300r001c01spc100:*:*:*:*:*:*:* |
huawei | 9580_firmware | v300r001c01spc100 | cpe:2.3:a:huawei:9580_firmware:v300r001c01spc100:*:*:*:*:*:*:* |
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:N/I:N/A:C
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS
Percentile
62.0%