CVSS: 7.5EPSS: 0%CPEs: 30EXPL: 0CVE-2016-2404
https://notcve.org/view.php?id=CVE-2016-2404
Huawei switches S5700, S6700, S7700, S9700 with software V200R001C00SPC300, V200R002C00SPC100, V200R003C00SPC300, V200R005C00SPC500, V200R006C00; S12700 with software V200R005C00SPC500, V200R006C00; ACU2 with software V200R005C00SPC500, V200R006C00 have a permission control vulnerability. If a switch enables Authentication, Authorization, and Accounting (AAA) for permission control and user permissions are not appropriate, AAA users may obtain the virtual type terminal (VTY) access permission, resulting in privilege escalation. Switches Huawei S5700, S6700, S7700, S9700 con software V200R001C00SPC300, V200R002C00SPC100, V200R003C00SPC300, V200R005C00SPC500, V200R006C00; S12700 con software V200R005C00SPC500, V200R006C00; ACU2 con software V200R005C00SPC500, V200R006C00 tiene una vulnerabilidad de control de permisos. Si un switch habilita Authentication, Authorization y Accounting (AAA) para el control de permisos y los permisos de usuario no son apropiados, los usuarios AAA pueden obtener el permiso de acceso al terminal de tipo virtual (VTY), resultando en una escalada de privilegios. • http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20160217-01-switch-en • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 7.5EPSS: 0%CPEs: 33EXPL: 0CVE-2016-8797
https://notcve.org/view.php?id=CVE-2016-8797
Huawei AR3200 with software V200R007C00, V200R005C32, V200R005C20; S12700 with software V200R008C00, V200R007C00; S5300 with software V200R008C00, V200R007C00, V200R006C00; S5700 with software V200R008C00, V200R007C00, V200R006C00; S6300 with software V200R008C00, V200R007C00; S6700 with software V200R008C00, V200R007C00; S7700 with software V200R008C00, V200R007C00, V200R006C00; S9300 with software V200R008C00, V200R007C00, V200R006C00; and S9700 with software V200R008C00, V200R007C00, V200R006C00 allow remote attackers to send abnormal Multiprotocol Label Switching (MPLS) packets to cause memory exhaustion. Huawei AR3200 con software V200R007C00, V200R005C32, V200R005C20; S12700 con software V200R008C00, V200R007C00; S5300 con software V200R008C00, V200R007C00, V200R006C00; S5700 con software V200R008C00, V200R007C00, V200R006C00; S6300 con software V200R008C00, V200R007C00; S6700 con software V200R008C00, V200R007C00; S7700 con software V200R008C00, V200R007C00, V200R006C00; S9300 con software V200R008C00, V200R007C00, V200R006C00; y S9700 con software V200R008C00, V200R007C00, V200R006C00 permiten a atacantes remotos enviar paquetes Multiprotocol Label Switching (MPLS) anormales para provocar un agotamiento de la memoria. • http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20160608-01-mpls-en • CWE-399: Resource Management Errors •
CVSS: 7.5EPSS: 0%CPEs: 58EXPL: 0CVE-2016-6518
https://notcve.org/view.php?id=CVE-2016-6518
Memory leak in Huawei S9300, S5300, S5700, S6700, S7700, S9700, and S12700 devices allows remote attackers to cause a denial of service (memory consumption and restart) via a large number of malformed packets. Fuga de memoria en dispositivos Huawei S9300, S5300, S5700, S6700, S7700, S9700 y S12700 permite a atacantes remotos provocar una denegación de servicio (consumo de memoria y reinicio) a través de un gran número de paquetes malformados. • http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20160914-01-sep-en http://www.securityfocus.com/bid/92968 • CWE-399: Resource Management Errors •