CVE-2015-8084
Severity Score
7.1
*CVSS v2
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
Huawei USG5500, USG2100, USG2200, and USG5100 unified security gateways with software before V300R001C10SPC600, when "DHCP Snooping" is enabled and either "option82 insert" or "option82 rebuild" is enabled on an interface, allow remote attackers to cause a denial of service (reboot) via crafted DHCP packets.
Puertas de enlace de seguridad unificadas Huawei USG5500, USG2100, USG2200 y USG5100 con software en versiones anteriores a V300R001C10SPC600, cuando está habilitado 'DHCP Snooping' y ya sea que 'option82 insert' u 'option82 rebuild' estén habilitado en una interfaz, permite a atacantes remotos causar una denegación de servicio (reinicio) a través de paquetes DHCP manipulados.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2015-11-06 CVE Reserved
- 2015-12-07 CVE Published
- 2024-03-08 EPSS Updated
- 2024-08-06 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-20: Improper Input Validation
CAPEC
References (2)
| URL | Tag | Source |
|---|---|---|
| http://www.securityfocus.com/bid/77300 | Vdb Entry |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| http://www1.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-457916.htm | 2015-12-08 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Huawei Search vendor "Huawei" | Unified Security Gateway Firmware Search vendor "Huawei" for product "Unified Security Gateway Firmware" | <= v300r001c10 Search vendor "Huawei" for product "Unified Security Gateway Firmware" and version " <= v300r001c10" | - |
Affected
| in | Huawei Search vendor "Huawei" | Usg2100 Search vendor "Huawei" for product "Usg2100" | * | - |
Safe
|
| Huawei Search vendor "Huawei" | Unified Security Gateway Firmware Search vendor "Huawei" for product "Unified Security Gateway Firmware" | <= v300r001c10 Search vendor "Huawei" for product "Unified Security Gateway Firmware" and version " <= v300r001c10" | - |
Affected
| in | Huawei Search vendor "Huawei" | Usg2200 Search vendor "Huawei" for product "Usg2200" | * | - |
Safe
|
| Huawei Search vendor "Huawei" | Unified Security Gateway Firmware Search vendor "Huawei" for product "Unified Security Gateway Firmware" | <= v300r001c10 Search vendor "Huawei" for product "Unified Security Gateway Firmware" and version " <= v300r001c10" | - |
Affected
| in | Huawei Search vendor "Huawei" | Usg5100 Search vendor "Huawei" for product "Usg5100" | * | - |
Safe
|
| Huawei Search vendor "Huawei" | Unified Security Gateway Firmware Search vendor "Huawei" for product "Unified Security Gateway Firmware" | <= v300r001c10 Search vendor "Huawei" for product "Unified Security Gateway Firmware" and version " <= v300r001c10" | - |
Affected
| in | Huawei Search vendor "Huawei" | Usg5500 Search vendor "Huawei" for product "Usg5500" | * | - |
Safe
|