Page 5 of 31 results (0.005 seconds)

CVSS: 7.5EPSS: 0%CPEs: 166EXPL: 0

AC6005 V200R006C10SPC200,AC6605 V200R006C10SPC200,AR1200 with software V200R005C10CP0582T, V200R005C10HP0581T, V200R005C20SPC026T,AR200 with software V200R005C20SPC026T,AR3200 V200R005C20SPC026T,CloudEngine 12800 with software V100R003C00, V100R005C00, V100R005C10, V100R006C00, V200R001C00,CloudEngine 5800 with software V100R003C00, V100R005C00, V100R005C10, V100R006C00, V200R001C00,CloudEngine 6800 with software V100R003C00, V100R005C00, V100R005C10, V100R006C00, V200R001C00,CloudEngine 7800 with software V100R003C00, V100R005C00, V100R005C10, V100R006C00, V200R001C00,CloudEngine 8800 with software V100R006C00, V200R001C00,E600 V200R008C00,S12700 with software V200R005C00, V200R006C00, V200R007C00, V200R008C00,S1700 with software V100R006C00, V100R007C00, V200R006C00,S2300 with software V100R005C00, V100R006C00, V100R006C03, V100R006C05, V200R003C00, V200R003C02, V200R003C10, V200R005C00, V200R005C01, V200R005C02, V200R005C03, V200R006C00, V200R007C00, V200R008C00,S2700 with software V100R005C00, V100R006C00, V100R006C03, V100R006C05, V200R003C00, V200R003C02, V200R003C10, V200R005C00, V200R005C01, V200R005C02, V200R005C03, V200R006C00, V200R007C00, V200R008C00,S5300 with software V100R005C00, V100R006C00, V100R006C01, V200R001C00, V200R001C01, V200R002C00, V200R003C00, V200R003C02, V200R003C10, V200R005C00, V200R006C00, V200R007C00, V200R008C00,S5700 with software V100R005C00, V100R006C00, V100R006C01, V200R001C00, V200R001C01, V200R002C00, V200R003C00, V200R003C02, V200R003C10, V200R005C00, V200R006C00, V200R007C00, V200R008C00,S6300 with software V100R006C00, V200R001C00, V200R001C01, V200R002C00, V200R003C00, V200R003C02, V200R003C10, V200R005C00, V200R008C00,S6700 with software V100R006C00, V200R001C00, V200R001C01, V200R002C00, V200R003C00, V200R003C02, V200R003C10, V200R005C00, V200R006C00, V200R007C00, V200R008C00,S7700 with software V100R003C00, V100R006C00, V200R001C00, V200R001C01, V200R002C00, V200R003C00, V200R005C00, V200R006C00, V200R007C00, V200R008C00,S9300 with software V100R001C00, V100R002C00, V100R003C00, V100R006C00, V200R001C00, V200R002C00, V200R003C00, V200R005C00, V200R006C00, V200R007C00, V200R008C00, V200R008C10,S9700 with software V200R001C00, V200R002C00, V200R003C00, V200R005C00, V200R006C00, V200R007C00, V200R008C00,Secospace USG6600 V500R001C00SPC050 have a MaxAge LSA vulnerability due to improper OSPF implementation. When the device receives special LSA packets, the LS (Link Status) age would be set to MaxAge, 3600 seconds. An attacker can exploit this vulnerability to poison the route table and launch a DoS attack. AC6005 V200R006C10SPC200,AC6605 V200R006C10SPC200,AR1200 con software V200R005C10CP0582T, V200R005C10HP0581T, V200R005C20SPC026T,AR200 con software V200R005C20SPC026T,AR3200 V200R005C20SPC026T,CloudEngine 12800 con software V100R003C00, V100R005C00, V100R005C10, V100R006C00, V200R001C00,CloudEngine 5800 con software V100R003C00, V100R005C00, V100R005C10, V100R006C00, V200R001C00,CloudEngine 6800 con software V100R003C00, V100R005C00, V100R005C10, V100R006C00, V200R001C00,CloudEngine 7800 con software V100R003C00, V100R005C00, V100R005C10, V100R006C00, V200R001C00,CloudEngine 8800 con software V100R006C00, V200R001C00,E600 V200R008C00,S12700 con software V200R005C00, V200R006C00, V200R007C00, V200R008C00,S1700 con software V100R006C00, V100R007C00, V200R006C00,S2300 con software V100R005C00, V100R006C00, V100R006C03, V100R006C05, V200R003C00, V200R003C02, V200R003C10, V200R005C00, V200R005C01, V200R005C02, V200R005C03, V200R006C00, V200R007C00, V200R008C00,S2700 con software V100R005C00, V100R006C00, V100R006C03, V100R006C05, V200R003C00, V200R003C02, V200R003C10, V200R005C00, V200R005C01, V200R005C02, V200R005C03, V200R006C00, V200R007C00, V200R008C00,S5300 con software V100R005C00, V100R006C00, V100R006C01, V200R001C00, V200R001C01, V200R002C00, V200R003C00, V200R003C02, V200R003C10, V200R005C00, V200R006C00, V200R007C00, V200R008C00,S5700 con software V100R005C00, V100R006C00, V100R006C01, V200R001C00, V200R001C01, V200R002C00, V200R003C00, V200R003C02, V200R003C10, V200R005C00, V200R006C00, V200R007C00, V200R008C00,S6300 con software V100R006C00, V200R001C00, V200R001C01, V200R002C00, V200R003C00, V200R003C02, V200R003C10, V200R005C00, V200R008C00,S6700 con software V100R006C00, V200R001C00, V200R001C01, V200R002C00, V200R003C00, V200R003C02, V200R003C10, V200R005C00, V200R006C00, V200R007C00, V200R008C00,S7700 con software V100R003C00, V100R006C00, V200R001C00, V200R001C01, V200R002C00, V200R003C00, V200R005C00, V200R006C00, V200R007C00, V200R008C00,S9300 con software V100R001C00, V100R002C00, V100R003C00, V100R006C00, V200R001C00, V200R002C00, V200R003C00, V200R005C00, V200R006C00, V200R007C00, V200R008C00, V200R008C10,S9700 con software V200R001C00, V200R002C00, V200R003C00, V200R005C00, V200R006C00, V200R007C00, V200R008C00 y Secospace USG6600 V500R001C00SPC050 tienen una vulnerabilidad MaxAge LSA debido a una implementación OSPF incorrecta. Cuando el dispositivo recibe paquetes LSA especiales, la propiedad age del LS (Link Status) sería igual al de MaxAge, 3600 segundos. • http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170720-01-ospf-en • CWE-20: Improper Input Validation •

CVSS: 7.8EPSS: 0%CPEs: 121EXPL: 0

The IP stack in multiple Huawei Campus series switch models allows remote attackers to cause a denial of service (reboot) via a crafted ICMP request message. En varios modelos de switch de la serie Huawei Campus, la pila IP permite a atacantes remotos causar una denegación de servicio (reinicio) a través de un mensaje de solicitud ICMP manipulado. • http://www1.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-427449.htm • CWE-20: Improper Input Validation •

CVSS: 7.5EPSS: 0%CPEs: 45EXPL: 0

Huawei S5300 with software V200R003C00, V200R007C00, V200R008C00, V200R009C00; S5700 with software V200R001C00, V200R002C00, V200R003C00, V200R005C00, V200R005C03, V200R007C00, V200R008C00, V200R009C00; S6300 with software V200R003C00, V200R005C00, V200R008C00, V200R009C00; S6700 with software V200R001C00, V200R001C01, V200R002C00, V200R003C00, V200R005C00, V200R008C00, V200R009C00; S7700 with software V200R007C00, V200R008C00, V200R009C00; S9300 with software V200R007C00, V200R008C00, V200R009C00; S9700 with software V200R007C00, V200R008C00, V200R009C00; and S12700 with software V200R007C00, V200R007C01, V200R008C00, V200R009C00 allow the attacker to cause a denial of service condition by sending malformed MPLS packets. Huawei S5300 con software V200R003C00, V200R007C00, V200R008C00, V200R009C00; S5700 con software V200R001C00, V200R002C00, V200R003C00, V200R005C00, V200R005C03, V200R007C00, V200R008C00, V200R009C00; S6300 con software V200R003C00, V200R005C00, V200R008C00, V200R009C00; S6700 con software V200R001C00, V200R001C01, V200R002C00, V200R003C00, V200R005C00, V200R008C00, V200R009C00; S7700 con software V200R007C00, V200R008C00, V200R009C00; S9300 con software V200R007C00, V200R008C00, V200R009C00; S9700 con software V200R007C00, V200R008C00, V200R009C00; y S12700 con software V200R007C00, V200R007C01, V200R008C00, V200R009C00 permiten al atacante provocar una condición de denegación de servicio enviando paquetes MPLS mal formados. • http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20161111-01-mpls-en http://www.securityfocus.com/bid/94285 • CWE-20: Improper Input Validation •

CVSS: 7.5EPSS: 0%CPEs: 33EXPL: 0

Huawei AR3200 with software V200R007C00, V200R005C32, V200R005C20; S12700 with software V200R008C00, V200R007C00; S5300 with software V200R008C00, V200R007C00, V200R006C00; S5700 with software V200R008C00, V200R007C00, V200R006C00; S6300 with software V200R008C00, V200R007C00; S6700 with software V200R008C00, V200R007C00; S7700 with software V200R008C00, V200R007C00, V200R006C00; S9300 with software V200R008C00, V200R007C00, V200R006C00; and S9700 with software V200R008C00, V200R007C00, V200R006C00 allow remote attackers to send abnormal Multiprotocol Label Switching (MPLS) packets to cause memory exhaustion. Huawei AR3200 con software V200R007C00, V200R005C32, V200R005C20; S12700 con software V200R008C00, V200R007C00; S5300 con software V200R008C00, V200R007C00, V200R006C00; S5700 con software V200R008C00, V200R007C00, V200R006C00; S6300 con software V200R008C00, V200R007C00; S6700 con software V200R008C00, V200R007C00; S7700 con software V200R008C00, V200R007C00, V200R006C00; S9300 con software V200R008C00, V200R007C00, V200R006C00; y S9700 con software V200R008C00, V200R007C00, V200R006C00 permiten a atacantes remotos enviar paquetes Multiprotocol Label Switching (MPLS) anormales para provocar un agotamiento de la memoria. • http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20160608-01-mpls-en • CWE-399: Resource Management Errors •

CVSS: 7.5EPSS: 0%CPEs: 30EXPL: 0

Huawei switches S5700, S6700, S7700, S9700 with software V200R001C00SPC300, V200R002C00SPC100, V200R003C00SPC300, V200R005C00SPC500, V200R006C00; S12700 with software V200R005C00SPC500, V200R006C00; ACU2 with software V200R005C00SPC500, V200R006C00 have a permission control vulnerability. If a switch enables Authentication, Authorization, and Accounting (AAA) for permission control and user permissions are not appropriate, AAA users may obtain the virtual type terminal (VTY) access permission, resulting in privilege escalation. Switches Huawei S5700, S6700, S7700, S9700 con software V200R001C00SPC300, V200R002C00SPC100, V200R003C00SPC300, V200R005C00SPC500, V200R006C00; S12700 con software V200R005C00SPC500, V200R006C00; ACU2 con software V200R005C00SPC500, V200R006C00 tiene una vulnerabilidad de control de permisos. Si un switch habilita Authentication, Authorization y Accounting (AAA) para el control de permisos y los permisos de usuario no son apropiados, los usuarios AAA pueden obtener el permiso de acceso al terminal de tipo virtual (VTY), resultando en una escalada de privilegios. • http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20160217-01-switch-en • CWE-264: Permissions, Privileges, and Access Controls •