CVE-2015-8677
https://notcve.org/view.php?id=CVE-2015-8677
Memory leak in Huawei S5300EI, S5300SI, S5310HI, and S6300EI Campus series switches with software V200R003C00 before V200R003SPH011 and V200R005C00 before V200R005SPH008; S2350EI and S5300LI Campus series switches with software V200R003C00 before V200R003SPH011, V200R005C00 before V200R005SPH008, and V200R006C00 before V200R006SPH002; S9300, S7700, and S9700 Campus series switches with software V200R003C00 before V200R003SPH011, V200R005C00 before V200R005SPH009, and V200R006C00 before V200R006SPH003; S5720HI and S5720EI Campus series switches with software V200R006C00 before V200R006SPH002; and S2300 and S3300 Campus series switches with software V100R006C05 before V100R006SPH022 allows remote authenticated users to cause a denial of service (memory consumption and device restart) by logging in and out of the (1) HTTPS or (2) SFTP server, related to SSL session information. Fuga de memoria en switches Huawei de la serie Campus S5300EI, S5300SI, S5310HI y S6300EI con software V200R003C00 en versiones anteriores a V200R003SPH011 y V200R005C00 en versiones anteriores a V200R005SPH008; switches de la serie Campus S2350EI y S5300LI con software V200R003C00 en versiones anteriores a V200R003SPH011, V200R005C00 en versiones anteriores a V200R005SPH008 y V200R006C00 en versiones anteriores a V200R006SPH002; switches de la serie Campus S9300, S7700 y S9700 con software V200R003C00 en versiones anteriores a V200R003SPH011, V200R005C00 en versiones anteriores a V200R005SPH009 y V200R006C00 en versiones anteriores a V200R006SPH003; switches de la serie Campus S5720HI y S5720EI con software V200R006C00 en versiones anteriores a V200R006SPH002; y switches de la serie Campus S2300 y S3300 con software V100R006C05 en versiones anteriores a V100R006SPH022 permite a usuarios remotos autenticados causar una denegación de servicio (consumo de memoria y reinicio de dispositivo) iniciando sesión y cerrándola en el servidor (1) HTTPS o (2) SFTP, relacionada con la información de sesión SSL. • http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20160113-03-switch-en • CWE-399: Resource Management Errors •
CVE-2016-3678
https://notcve.org/view.php?id=CVE-2016-3678
Huawei Quidway S9700, S5700, S5300, S9300, and S7700 switches with software before V200R003SPH012 allow remote attackers to cause a denial of service (switch restart) via crafted traffic. Switches Huawei Quidway S9700, S5700, S5300, S9300 y S7700 con software en versiones anteriores a V200R003SPH012 permite a atacantes remotos provocar una denegación de servicio (reinicio de switch) a través de tráfico manipulado. • http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20160330-01-switch-en • CWE-20: Improper Input Validation •
CVE-2015-1460
https://notcve.org/view.php?id=CVE-2015-1460
Huawei Quidway switches with firmware before V200R005C00SPC300 allows remote attackers to gain privileges via a crafted packet. Los switches Huawei Quidway con firmware anterior a V200R005C00SPC300 permiten a atacantes remotos ganar privilegios a través de un paquete manipulado. • http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-411975.htm • CWE-264: Permissions, Privileges, and Access Controls •
CVE-2014-4190
https://notcve.org/view.php?id=CVE-2014-4190
Multiple heap-based buffer overflows in Huawei Campus Series Switches S3700HI, S5700, S6700, S3300HI, S5300, S6300, S9300, S7700, and LSW S9700 with software V200R001 before V200R001SPH013; S5700, S6700, S5300, and S6300 with software V200R002 before V200R002SPH005; S7700, S9300, S9300E, S5300, S5700, S6300, S6700, S2350, S2750, and LSW S9700 with software V200R003 before V200R003SPH005; and S7700, S9300, S9300E, and LSW S9700 with software V200R005 before V200R005C00SPC300 allow remote attackers to cause a denial of service (device restart) via a crafted length field in a packet. Múltiples desbordamiento de buffer basado en memoria dinámica en Huawei Campus Series Switches S3700HI, S5700, S6700, S3300HI, S5300, S6300, S9300, S7700 y LSW S9700 con software V200R001 anterior a V200R001SPH013; S5700, S6700, S5300 y S6300 con software V200R002 anterior a V200R002SPH005; S7700, S9300, S9300E, S5300, S5700, S6300, S6700, S2350, S2750 y LSW S9700 con software V200R003 anterior a V200R003SPH005; y S7700, S9300, S9300E y LSW S9700 con software V200R005 anterior a V200R005C00SPC300 permiten a atacantes remotos causar una denegación de servicio (reinicio de dispositivo) a través de un campo de longitud manipulado en un paquete. • http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-343218.htm http://www.securityfocus.com/bid/67907 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2013-4628
https://notcve.org/view.php?id=CVE-2013-4628
The firewall module on the Huawei Quidway Service Process Unit (SPU) board S7700, S9300, and S9700 on Huawei Campus Switch devices allows remote authenticated users to obtain sensitive information from the high-priority security zone by leveraging access to the low-priority security zone. El módulo del firewall en el Huawe Quidway Service Process Unit (SPU) board S770, S9300, S9700 en dispositivos Huawei Campus Switch permite a usuarios autenticados de forma remota obtener información sensible de zonas de alta prioridad de seguridad a través del aprovechamiento del acceso a zonas de baja prioridad de seguridad. • http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-261458.htm • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •