Lucene search

Huawei TechnologiesHUAWEI-SA-20150506-01-ICMP

HistoryMay 06, 2015 - 12:00 a.m.

Security Advisory - IP Option Improper Handling Vulnerability in Multiple Huawei Products

2015-05-0600:00:00

Huawei Technologies

www.huawei.com

7.8 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

0.002 Low

EPSS

Percentile

64.8%

JSON

Multiple Huawei Products have an improper IP option handling vulnerability. The IP stack implementation in multiple Huawei products mishandles IP options when a crafted ICMP request message is received, leading to the board reboot (Vulnerability ID: HWPSIRT-2015-02003).

This Vulnerability has been assigned Common Vulnerabilities and Exposures (CVE) ID: CVE-2015-3913.

Affected configurations

Vulners

Node

huaweis2300MatchV100R006C00

huaweis2700MatchV100R006C00

huaweis3300MatchV100R006C00

huaweis3700MatchV100R006C00

huaweis2300MatchV100R006C03

huaweis2700MatchV100R006C03

huaweis3300MatchV100R006C03

huaweis3700MatchV100R006C03

huaweis2300MatchV100R006C05

huaweis2700MatchV100R006C05

huaweis3300MatchV100R006C05

huaweis3700MatchV100R006C05

huaweis5300eiMatchV100R006C00

huaweis5700eiMatchV100R006C00

huaweis5300siMatchV100R006C00

huaweis5700siMatchV100R006C00

huaweis5300eiMatchV200R001C00SPC300

huaweis5700eiMatchV200R001C00SPC300

huaweis5300siMatchV200R001C00SPC300

huaweis5700siMatchV200R001C00SPC300

huaweis5300eiMatchV200R002C00SPC300

huaweis5700eiMatchV200R002C00SPC300

huaweis5300siMatchV200R002C00SPC300

huaweis5700siMatchV200R002C00SPC300

huaweis5300eiMatchV200R003C00SPC300

huaweis5700eiMatchV200R003C00SPC300

huaweis5300siMatchV200R003C00SPC300

huaweis5700siMatchV200R003C00SPC300

huaweis5300eiMatchV200R005C00SPC300

huaweis5700eiMatchV200R005C00SPC300

huaweis5300siMatchV200R005C00SPC300

huaweis5700siMatchV200R005C00SPC300

huaweis5300hiMatchV200R001C00SPC300

huaweis5700hiMatchV200R001C00SPC300

huaweis6700eiMatchV200R001C00SPC300

huaweis5710hiMatchV200R001C00SPC300

huaweis5300hiMatchV200R002C00SPC300

huaweis5700hiMatchV200R002C00SPC300

huaweis6700eiMatchV200R002C00SPC300

huaweis5710hiMatchV200R002C00SPC300

huaweis5300hiMatchV200R003C00SPC300

huaweis5700hiMatchV200R003C00SPC300

huaweis6700eiMatchV200R003C00SPC300

huaweis5710hiMatchV200R003C00SPC300

huaweis5300hiMatchV200R005C00SPC300

huaweis5700hiMatchV200R005C00SPC300

huaweis6700eiMatchV200R005C00SPC300

huaweis5710hiMatchV200R005C00SPC300

huaweis5300liMatchV200R001C00SPC300

huaweis5700liMatchV200R001C00SPC300

huaweis2350eiMatchV200R001C00SPC300

huaweis2750eiMatchV200R001C00SPC300

huaweis5300liMatchV200R002C00SPC300

huaweis5700liMatchV200R002C00SPC300

huaweis2350eiMatchV200R002C00SPC300

huaweis2750eiMatchV200R002C00SPC300

huaweis5300liMatchV200R003C00SPC300

huaweis5700liMatchV200R003C00SPC300

huaweis2350eiMatchV200R003C00SPC300

huaweis2750eiMatchV200R003C00SPC300

huaweis5300liMatchV200R005C00SPC300

huaweis5700liMatchV200R005C00SPC300

huaweis2350eiMatchV200R005C00SPC300

huaweis2750eiMatchV200R005C00SPC300

huaweis5300liMatchV200R006C00SPC500

huaweis5700liMatchV200R006C00SPC500

huaweis2350eiMatchV200R006C00SPC500

huaweis2750eiMatchV200R006C00SPC500

huaweis5300liMatchV200R007C00SPC500

huaweis5700liMatchV200R007C00SPC500

huaweis2350eiMatchV200R007C00SPC500

huaweis2750eiMatchV200R007C00SPC500

huaweis5720hiMatchV200R006C00SPC500

huaweis5720hiMatchV200R007C00SPC500

huaweis7700MatchV200R001C00SPC300

huaweis9300MatchV200R001C00SPC300

huaweis9700MatchV200R001C00SPC300

huaweis7700MatchV200R002C00SPC300

huaweis9300MatchV200R002C00SPC300

huaweis9700MatchV200R002C00SPC300

huaweis7700MatchV200R003C00SPC500

huaweis9300MatchV200R003C00SPC500

huaweis9700MatchV200R003C00SPC500

huaweis7700MatchV200R005C00SPC300

huaweis9300MatchV200R005C00SPC300

huaweis9700MatchV200R005C00SPC300

huaweis7700MatchV200R006C00SPC500

huaweis9300MatchV200R006C00SPC500

huaweis9700MatchV200R006C00SPC500

huaweis7700MatchV200R007C00SPC500

huaweis9300MatchV200R007C00SPC500

huaweis9700MatchV200R007C00SPC500

huaweis12700MatchV200R005C00SPC300

huaweis12700MatchV200R006C00SPC500

huaweis12700MatchV200R007C00SPC500

CPENameOperatorVersion
s2300eqV100R006C00
s2700eqV100R006C00
s3300eqV100R006C00
s3700eqV100R006C00
s2300eqV100R006C03
s2700eqV100R006C03
s3300eqV100R006C03
s3700eqV100R006C03
s2300eqV100R006C05
s2700eqV100R006C05

Name	Operator	Version
s2300	eq	V100R006C00
s2700	eq	V100R006C00
s3300	eq	V100R006C00
s3700	eq	V100R006C00
s2300	eq	V100R006C03
s2700	eq	V100R006C03
s3300	eq	V100R006C03
s3700	eq	V100R006C03
s2300	eq	V100R006C05
s2700	eq	V100R006C05

Rows per page:

1-10 of 951

7.8 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

0.002 Low

EPSS

Percentile

64.8%

JSON

Related for HUAWEI-SA-20150506-01-ICMP