CVSS: 7.8EPSS: 0%CPEs: 19EXPL: 0CVE-2014-3223
https://notcve.org/view.php?id=CVE-2014-3223
Huawei S9300 with software before V100R006SPH013 and S2300,S3300,S5300,S6300 with software before V100R006SPH010 support Y.1731 and therefore have the Y.1731 vulnerability in processing special packets. The vulnerability causes the restart of switches. Huawei S9300 con software en versiones anteriores a V100R006SPH013 y S2300,S3300,S5300,S6300 con software en versiones anteriores a V100R006SPH010 soporte Y.1731 y por lo tanto tener la vulnerabilidad Y.1731 en el procesamiento de paquetes especiales. Ta vulnerabilidad provoca el reinicio de los switches. • http://www.huawei.com/en/psirt/security-advisories/hw-329625 • CWE-19: Data Processing Errors •
CVSS: 7.8EPSS: 0%CPEs: 59EXPL: 0CVE-2014-8572
https://notcve.org/view.php?id=CVE-2014-8572
Huawei AC6605 with software V200R001C00; AC6605 with software V200R002C00; ACU with software V200R001C00; ACU with software V200R002C00; S2300, S3300, S2700, S3700 with software V100R006C05 and earlier versions; S5300, S5700, S6300, S6700 with software V100R006, V200R001, V200R002, V200R003, V200R005C00SPC300 and earlier versions; S7700, S9300, S9300E, S9700 with software V100R006, V200R001, V200R002, V200R003, V200R005C00SPC300 and earlier versions could allow remote attackers to send a special SSH packet to the VRP device to cause a denial of service. Huawei AC6605 con software V200R001C00; AC6605 con software V200R002C00; ACU con software V200R001C00; ACU con software V200R002C00; S2300, S3300, S2700, S3700 con software V100R006C05 y versiones anteriores; S5300, S5700, S6300, S6700 con software V100R006, V200R001, V200R002, V200R003, V200R005C00SPC300 y versiones anteriores; S7700, S9300, S9300E, S9700 con software V100R006, V200R001, V200R002, V200R003, V200R005C00SPC300 y versiones anteriores podrían permitir a atacantes remotos enviar un paquete SSH especial al dispositivo VRP para provocar una denegación de servicio. • http://www.huawei.com/en/psirt/security-advisories/hw-373182 • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 0%CPEs: 34EXPL: 0CVE-2015-8676
https://notcve.org/view.php?id=CVE-2015-8676
Memory leak in Huawei S5300EI, S5300SI, S5310HI, S6300EI/ S2350EI, and S5300LI Campus series switches with software V200R001C00 before V200R001SPH018, V200R002C00 before V200R003SPH011, and V200R003C00 before V200R003SPH011; S9300, S7700, and S9700 Campus series switches with software V200R001C00 before V200R001SPH023, V200R002C00 before V200R003SPH011, and V200R003C00 before V200R003SPH011; and S2300 and S3300 Campus series switches with software V100R006C05 before V100R006SPH022 allows remote attackers to cause a denial of service (memory consumption and reboot) via a large number of ICMPv6 packets. Fuga de memoria en switches Huawei de la serie Campus S5300EI, S5300SI, S5310HI, S6300EI/ S2350EI y S5300LI con software V200R001C00 en versiones anteriores a V200R001SPH018, V200R002C00 en versiones anteriores a V200R003SPH011 y V200R003C00 en versiones anteriores a V200R003SPH011; switches de la serie Campus S9300, S7700 y S9700 con software V200R001C00 en versiones anteriores a V200R001SPH023, V200R002C00 en versiones anteriores a V200R003SPH011 y V200R003C00 en versiones anteriores a V200R003SPH011; y switches de la serie Campus S2300 y S3300 con software V100R006C05 en versiones anteriores a V100R006SPH022 permite a atacantes remotos causar una denegación de servicio (consumo de memoria y reinicio) a través de un gran número de paquetes ICMPv6. • http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20160113-02-switch-en • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-399: Resource Management Errors •
CVSS: 6.8EPSS: 0%CPEs: 40EXPL: 0CVE-2015-8677
https://notcve.org/view.php?id=CVE-2015-8677
Memory leak in Huawei S5300EI, S5300SI, S5310HI, and S6300EI Campus series switches with software V200R003C00 before V200R003SPH011 and V200R005C00 before V200R005SPH008; S2350EI and S5300LI Campus series switches with software V200R003C00 before V200R003SPH011, V200R005C00 before V200R005SPH008, and V200R006C00 before V200R006SPH002; S9300, S7700, and S9700 Campus series switches with software V200R003C00 before V200R003SPH011, V200R005C00 before V200R005SPH009, and V200R006C00 before V200R006SPH003; S5720HI and S5720EI Campus series switches with software V200R006C00 before V200R006SPH002; and S2300 and S3300 Campus series switches with software V100R006C05 before V100R006SPH022 allows remote authenticated users to cause a denial of service (memory consumption and device restart) by logging in and out of the (1) HTTPS or (2) SFTP server, related to SSL session information. Fuga de memoria en switches Huawei de la serie Campus S5300EI, S5300SI, S5310HI y S6300EI con software V200R003C00 en versiones anteriores a V200R003SPH011 y V200R005C00 en versiones anteriores a V200R005SPH008; switches de la serie Campus S2350EI y S5300LI con software V200R003C00 en versiones anteriores a V200R003SPH011, V200R005C00 en versiones anteriores a V200R005SPH008 y V200R006C00 en versiones anteriores a V200R006SPH002; switches de la serie Campus S9300, S7700 y S9700 con software V200R003C00 en versiones anteriores a V200R003SPH011, V200R005C00 en versiones anteriores a V200R005SPH009 y V200R006C00 en versiones anteriores a V200R006SPH003; switches de la serie Campus S5720HI y S5720EI con software V200R006C00 en versiones anteriores a V200R006SPH002; y switches de la serie Campus S2300 y S3300 con software V100R006C05 en versiones anteriores a V100R006SPH022 permite a usuarios remotos autenticados causar una denegación de servicio (consumo de memoria y reinicio de dispositivo) iniciando sesión y cerrándola en el servidor (1) HTTPS o (2) SFTP, relacionada con la información de sesión SSL. • http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20160113-03-switch-en • CWE-399: Resource Management Errors •
CVSS: 10.0EPSS: 0%CPEs: 19EXPL: 0CVE-2012-6570
https://notcve.org/view.php?id=CVE-2012-6570
The HTTP module in the (1) Branch Intelligent Management System (BIMS) and (2) web management components on Huawei AR routers and S2000, S3000, S3500, S3900, S5100, S5600, S7800, and S8500 switches does not check whether HTTP data is longer than the value of the Content-Length field, which allows remote HTTP servers to conduct heap-based buffer overflow attacks and execute arbitrary code via a crafted response. El módulo HTTP en (1) Branch Intelligent Management System (BIMS) y (2) componentes de gestión web de switches de Huawei AR routers and S2000, S3000, S3500, S3900, S5100, S5600, S7800, y S8500 no comprueba si los datos HTTP son mayores que el valor del campo Content-Length, que permite a los servidores HTTP remotos realizar ataques de desbordamiento de búfer basado en montículo y ejecutar código arbitrario a través de una respuesta elaborada. • http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-u_194361.htm • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •