CVE-2015-2800
Last modified
CVE-2015-2800 is a vulnerability of currently unknown severity. The user authentication module in Huawei Campus switches S5700, S5300, S6300, and S6700 with software before V200R001SPH012 and S7700, S9300, and S9700 with software before V200R001SPH015 allows remote attackers to cause a denial of service (device restart) via vectors involving authentication, which trigger an array access violation.. EPSS estimates a 1.74% chance of exploitation in the next 30 days.
Description
The user authentication module in Huawei Campus switches S5700, S5300, S6300, and S6700 with software before V200R001SPH012 and S7700, S9300, and S9700 with software before V200R001SPH015 allows remote attackers to cause a denial of service (device restart) via vectors involving authentication, which trigger an array access violation.
Metrics
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Huawei | S5700 Firmware | <= v200r001c00spc300 |
| Huawei | S5300 Firmware | <= v200r001c00spc300 |
| Huawei | S6300 Firmware | <= v200r001c00spc300 |
| Huawei | S6700 Firmware | <= v200r001c00spc300 |
| Huawei | S7700 Firmware | <= v200r001c00spc300 |
| Huawei | S9300 Firmware | <= v200r001c00spc300 |
| Huawei | S9700 Firmware | <= v200r001c00spc300 |
References
- http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-418554.htmThird Party Advisory, Vendor Advisory
- http://www.securityfocus.com/bid/73355Third Party Advisory, VDB Entry
- http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-418554.htmThird Party Advisory, Vendor Advisory
- http://www.securityfocus.com/bid/73355Third Party Advisory, VDB Entry
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2015-2800?
How severe is CVE-2015-2800?
How do I fix CVE-2015-2800?
Are you affected by CVE-2015-2800?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST