CVE-2016-8790

Huawei CloudEngine 5800 with software before V200R001C00SPC700, CloudEngine 6800 with software before V200R001C00SPC700, CloudEngine 7800 with software before V200R001C00SPC700, CloudEngine 8800 with software before V200R001C00SPC700, CloudEngine 12800 with software before V200R001C00SPC700 could...

CVE-2016-8780

Huawei CloudEngine 6800 V100R006C00, CloudEngine 7800 V100R006C00, CloudEngine 8800 V100R006C00, and CloudEngine 12800 V100R006C00 allow remote attackers with specific permission to store massive files to exhaust the shared storage space, leading to a DoS condition...

Huawei CloudEngine 12800 Switch Memory Disclosure Vulnerability (CNVD-2016-12844)

Huawei CloudEngine 12800 is a switch device from Huawei, China. The Huawei CloudEngine 12800 switch memory leak vulnerability. The memory leak is caused by the LDP processing module not freeing the memory requested for processing messages when it processes messages and finds abnormal values for...

Huawei CloudEngine 12800 Switch Memory Leak Vulnerability

Huawei CloudEngine 12800 is a switch device from Huawei, China. The Huawei CloudEngine 12800 switch memory disclosure vulnerability. Due to a lack of validation of certain fields in a message, the LDP Label Distribution Protocol processing module does not free memory requested to process the...

Denial of Service Vulnerability in Multiple Huawei Switches

Huawei CloudEngine 12800, CloudEngine 6800, CloudEngine 7800, CloudEngine 8800 are Huawei's switch devices. A denial of service vulnerability exists in multiple Huawei switches. Due to improper management of device resources, a remote attacker with certain privileges can exploit the vulnerability...

Integer Overflow Vulnerability in Some Huawei Switches

Huawei CloudEngine 12800, CloudEngine 5800, CloudEngine 6800, CloudEngine 7800, CloudEngine 8800 are Huawei's switch devices. An integer overflow vulnerability exists in some of Huawei's switches. Due to the lack of checksums on specific fields in IPFPM messages, an unauthenticated remote attacke...

Buffer overflow vulnerability in CFM function in multiple Huawei products

CloudEngine 5800, CloudEngine 6800, CloudEngine 7800, CloudEngine 8800, CloudEngine 12800 are Huawei switch devices. A buffer overflow vulnerability exists in the CFM Connectivity Fault Management feature in multiple Huawei products. When the device uses CFM and is configured with MEP Maintenance...

Input validation

Huawei NE40E and CX600 devices with software before V800R007SPH017; PTN 6900-2-M8 devices with software before V800R007SPH019; NE5000E devices with software before V800R006SPH018; and CloudEngine devices 12800 with software before V100R003SPH010 and V100R005 before V100R005SPH006 allow remote...

CVE-2016-6178

Huawei NE40E and CX600 devices with software before V800R007SPH017; PTN 6900-2-M8 devices with software before V800R007SPH019; NE5000E devices with software before V800R006SPH018; and CloudEngine devices 12800 with software before V100R003SPH010 and V100R005 before V100R005SPH006 allow remote...

CVE-2016-6178

Summary: CVE-2016-6178 affects Huawei devices across several product lines (NE40E/CX600, PTN 6900-2-M8, NE5000E, CloudEngine 12800) with specific software levels prior to SP versions V800R007SPH017/019, V800R006SPH018, V100R003SPH010, and V100R005SPH006. A remote attacker with control plane acces...

Huawei CloudEngine Series Switches Denial of Service Vulnerability

Huawei CloudEngine Series Switches are CloudEngine series switch products from Huawei, China. A security vulnerability exists in Huawei CloudEngine Series Switches that can be exploited by remote attackers to submit a special request for a denial of service attack...

Huawei CloudEngine Switch Security Bypass (HWPSIRT-2013-1256)

The remote host is a Huawei switch running a firmware version that is affected by a security bypass vulnerability due to a failure of access control. An authenticated attacker can exploit this vulnerability to execute commands with higher-level permissions. %NASLMINLEVEL 70300 C Tenable Network...

Huawei CloudEngine系列交换机安全绕过漏洞

BUGTRAQ ID: 64634 CloudEngine系列是华为公司面向下一代数据中心和高端园区推出的“云”级高性能交换机。 Huawei CloudEngine系列交换机的HWTACACS模块在实现上存在多个安全限制绕过漏洞。若攻击者拥有低权限的用户名称和密码并能够登录受影响设备，则可以利用这些漏洞绕过服务器身份验证检查，提升用户权限并执行任意命令。 0 Huawei CloudEngine Series Switches CE6800 Huawei CloudEngine Series Switches CE5800 Huawei CloudEngine Series...

Security Advisory-A Vulnerability on the HWTACACS Authorization Module of the CloudEngine

The HWTACACS modules of some Huawei CloudEngine series switches have vulnerabilities. Attackers can execute the commands that can be used by users with higher-level permissions by bypass the right check of HWTACACS server. HWPSIRT-2013-1256. This Vulnerability has been assigned Common...