Strix
26.1K

CVE-2014-8570

UnknownEPSS 0.60%

Last modified

CVE-2014-8570 is a vulnerability of currently unknown severity. Huawei S9300, S9303, S9306, S9312 with software V100R002; S7700, S7703, S7706, S7712 with software V100R003, V100R006, V200R001, V200R002, V200R003, V200R005; S9300E, S9303E, S9306E, S9312E with software V200R001; S9700, S9703, S9706, S9712 with software V200R002, V200R003, V200R005; S12708, S12712 with software V200R005; 5700HI, 5300HI with software V100R006, V200R001, V200R002, V200R003, V200R005; 5710EI, 5310EI with software V200R002, V200R003, V200R005; 5710HI, 5310HI with software V200R003, V200R005; 6700EI, 6300EI with software V200R005 could cause a leak of IP addresses of devices, related to unintended interface support for VRP MPLS LSP Ping.. EPSS estimates a 0.60% chance of exploitation in the next 30 days.

Description

Huawei S9300, S9303, S9306, S9312 with software V100R002; S7700, S7703, S7706, S7712 with software V100R003, V100R006, V200R001, V200R002, V200R003, V200R005; S9300E, S9303E, S9306E, S9312E with software V200R001; S9700, S9703, S9706, S9712 with software V200R002, V200R003, V200R005; S12708, S12712 with software V200R005; 5700HI, 5300HI with software V100R006, V200R001, V200R002, V200R003, V200R005; 5710EI, 5310EI with software V200R002, V200R003, V200R005; 5710HI, 5310HI with software V200R003, V200R005; 6700EI, 6300EI with software V200R005 could cause a leak of IP addresses of devices, related to unintended interface support for VRP MPLS LSP Ping.

Metrics

EPSS Probability
0.60%

44.4th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

Affected Software

VendorProductVersions
HuaweiS9300 Firmwarev100r002
HuaweiS9300 Firmwarev100r003
HuaweiS9300 Firmwarev100r006
HuaweiS9300 Firmwarev200r001
HuaweiS9300 Firmwarev200r002
HuaweiS9300 Firmwarev200r003
HuaweiS9300 Firmwarev200r005
HuaweiS9303 Firmwarev100r002
HuaweiS9303 Firmwarev100r003
HuaweiS9303 Firmwarev100r006
HuaweiS9303 Firmwarev200r001
HuaweiS9303 Firmwarev200r002
HuaweiS9303 Firmwarev200r003
HuaweiS9303 Firmwarev200r005
HuaweiS9306 Firmwarev100r002
HuaweiS9306 Firmwarev100r003
HuaweiS9306 Firmwarev100r006
HuaweiS9306 Firmwarev200r001
HuaweiS9306 Firmwarev200r002
HuaweiS9306 Firmwarev200r003
HuaweiS9306 Firmwarev200r005
HuaweiS9312 Firmwarev100r002
HuaweiS9312 Firmwarev100r003
HuaweiS9312 Firmwarev100r006
HuaweiS9312 Firmwarev200r001
HuaweiS9312 Firmwarev200r002
HuaweiS9312 Firmwarev200r003
HuaweiS9312 Firmwarev200r005
HuaweiS7700 Firmwarev100r002
HuaweiS7700 Firmwarev100r003
HuaweiS7700 Firmwarev100r006
HuaweiS7700 Firmwarev200r001
HuaweiS7700 Firmwarev200r002
HuaweiS7700 Firmwarev200r003
HuaweiS7700 Firmwarev200r005
HuaweiS7703 Firmwarev100r002
HuaweiS7703 Firmwarev100r003
HuaweiS7703 Firmwarev100r006
HuaweiS7703 Firmwarev200r001
HuaweiS7703 Firmwarev200r002
HuaweiS7703 Firmwarev200r003
HuaweiS7703 Firmwarev200r005
HuaweiS7706 Firmwarev100r002
HuaweiS7706 Firmwarev100r003
HuaweiS7706 Firmwarev100r006
HuaweiS7706 Firmwarev200r001
HuaweiS7706 Firmwarev200r002
HuaweiS7706 Firmwarev200r003
HuaweiS7706 Firmwarev200r005
HuaweiS7712 Firmwarev100r002

Showing 50 of 112 affected configurations. See NVD for the full list.

References

Timeline

Published
Last Modified
Status
Modified

Frequently Asked Questions

What is CVE-2014-8570?
Huawei S9300, S9303, S9306, S9312 with software V100R002; S7700, S7703, S7706, S7712 with software V100R003, V100R006, V200R001, V200R002, V200R003, V200R005; S9300E, S9303E, S9306E, S9312E with software V200R001; S9700, S9703, S9706, S9712 with software V200R002, V200R003, V200R005; S12708, S12712 with software V200R005; 5700HI, 5300HI with software V100R006, V200R001, V200R002, V200R003, V200R005; 5710EI, 5310EI with software V200R002, V200R003, V200R005; 5710HI, 5310HI with software V200R003, V200R005; 6700EI, 6300EI with software V200R005 could cause a leak of IP addresses of devices, related to unintended interface support for VRP MPLS LSP Ping.
How severe is CVE-2014-8570?
Severity scoring for CVE-2014-8570 is pending analysis. The EPSS model estimates a 0.60% probability of exploitation in the next 30 days.
How do I fix CVE-2014-8570?
Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2014-8570?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST