Strix
26.1K

CVE-2015-5434

UnknownEPSS 2.05%

Last modified

CVE-2015-5434 is a vulnerability of currently unknown severity. HPE Networking Products, originally branded as Comware 5, Comware 7, H3C, or HP, allow remote attackers to bypass intended access restrictions or cause a denial of service via "Virtual routing and forwarding (VRF) hopping.". EPSS estimates a 2.05% chance of exploitation in the next 30 days.

Description

HPE Networking Products, originally branded as Comware 5, Comware 7, H3C, or HP, allow remote attackers to bypass intended access restrictions or cause a denial of service via "Virtual routing and forwarding (VRF) hopping."

Metrics

EPSS Probability
2.05%

78.7th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

Affected Software

VendorProductVersions
HpJg786a Hp Flexfabric 12500 4-Port 100gbe Cfp FdAll versions
HpJg787a Hp Flexfabric 12500 4-Port 100gbe Cfp Fd TaaAll versions
HpJg788a Hp Flexfabric 12500 4-Port 100gbe Cfp FgAll versions
HpJg789a Hp Flexfabric 12500 4-Port 100gbe Cfp Fg TaaAll versions
HpJg798a Hp Flexfabric 12508e FabricAll versions
HpJg810aae Hp Vsr1001 Virtual Services Router 60 Day EvaluationAll versions
HpJh192a Hp 10500 48-Port Gig-T \(Rj45\) SeAll versions
HpJh196a Hp 10500 2-Port 100gbe Cfp EcAll versions
HpJc072b Hp 12500 Main Processing UnitAll versions
HpJc085a Hp A12518 Switch ChassisAll versions
HpJc086a Hp A12508 Switch ChassisAll versions
HpJc124a Hp A9508 Switch ChassisAll versions
HpJc124b Hp 9505 Switch ChassisAll versions
HpJc125a Hp A9512 Switch ChassisAll versions
HpJc125b Hp 9512 Switch ChassisAll versions
HpJc474a Hp A9508-V Switch ChassisAll versions
HpJc474b Hp 9508-V Switch ChassisAll versions
HpJc611a Hp 10508-V Switch ChassisAll versions
HpJc612a Hp 10508 Switch ChassisAll versions
HpJc613a Hp 10504 Switch ChassisAll versions
HpJc652a Hp 12508 Dc Switch ChassisAll versions
HpJc653a Hp 12518 Dc Switch ChassisAll versions
HpJc654a Hp 12504 Ac Switch ChassisAll versions
HpJc655a Hp 12504 Dc Switch ChassisAll versions
HpJc748a Hp 10512 Switch ChassisAll versions
HpJc808a Hp 12500 Taa Main Processing UnitAll versions
HpJf430a Hp A12518 Switch ChassisAll versions
HpJf430b Hp 12518 Switch ChassisAll versions
HpJf430c Hp 12518 Ac Switch ChassisAll versions
HpJf431a Hp A12508 Switch ChassisAll versions
HpJf431b Hp 12508 Switch ChassisAll versions
HpJf431c Hp 12508 Ac Switch ChassisAll versions
HpJg296a Hp 5920af-24xg SwitchAll versions
HpJg353a Hp Hsr6602-G RouterAll versions
HpJg354a Hp Hsr6602-Xg RouterAll versions
HpJg361a Hp Hsr6802 Router ChassisAll versions
HpJg361b Hp Hsr6802 Router ChassisAll versions
HpJg362a Hp Hsr6804 Router ChassisAll versions
HpJg362b Hp Hsr6804 Router ChassisAll versions
HpJg363a Hp Hsr6808 Router ChassisAll versions
HpJg363b Hp Hsr6808 Router ChassisAll versions
HpJg364a Hp Hsr6800 Rse-X2 Router Main Processing UnitAll versions
HpJg402a Hp Msr4080 Router ChassisAll versions
HpJg403a Hp Msr4060 Router ChassisAll versions
HpJg404a Hp Msr3064 RouterAll versions
HpJg405a Hp Msr3044 RouterAll versions
HpJg406a Hp Msr3024 Ac RouterAll versions
HpJg407a Hp Msr3024 Dc RouterAll versions
HpJg408a Hp Msr3024 Poe RouterAll versions
HpJg409a Hp Msr3012 Ac RouterAll versions

Showing 50 of 87 affected configurations. See NVD for the full list.

References

Timeline

Published
Last Modified
Status
Modified

Frequently Asked Questions

What is CVE-2015-5434?
HPE Networking Products, originally branded as Comware 5, Comware 7, H3C, or HP, allow remote attackers to bypass intended access restrictions or cause a denial of service via "Virtual routing and forwarding (VRF) hopping."
How severe is CVE-2015-5434?
Severity scoring for CVE-2015-5434 is pending analysis. The EPSS model estimates a 2.05% probability of exploitation in the next 30 days.
How do I fix CVE-2015-5434?
Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2015-5434?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST