CVE-2015-8677

Severity Score

6.5

*CVSS v3

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

*SSVC

Descriptions

Memory leak in Huawei S5300EI, S5300SI, S5310HI, and S6300EI Campus series switches with software V200R003C00 before V200R003SPH011 and V200R005C00 before V200R005SPH008; S2350EI and S5300LI Campus series switches with software V200R003C00 before V200R003SPH011, V200R005C00 before V200R005SPH008, and V200R006C00 before V200R006SPH002; S9300, S7700, and S9700 Campus series switches with software V200R003C00 before V200R003SPH011, V200R005C00 before V200R005SPH009, and V200R006C00 before V200R006SPH003; S5720HI and S5720EI Campus series switches with software V200R006C00 before V200R006SPH002; and S2300 and S3300 Campus series switches with software V100R006C05 before V100R006SPH022 allows remote authenticated users to cause a denial of service (memory consumption and device restart) by logging in and out of the (1) HTTPS or (2) SFTP server, related to SSL session information.

Fuga de memoria en switches Huawei de la serie Campus S5300EI, S5300SI, S5310HI y S6300EI con software V200R003C00 en versiones anteriores a V200R003SPH011 y V200R005C00 en versiones anteriores a V200R005SPH008; switches de la serie Campus S2350EI y S5300LI con software V200R003C00 en versiones anteriores a V200R003SPH011, V200R005C00 en versiones anteriores a V200R005SPH008 y V200R006C00 en versiones anteriores a V200R006SPH002; switches de la serie Campus S9300, S7700 y S9700 con software V200R003C00 en versiones anteriores a V200R003SPH011, V200R005C00 en versiones anteriores a V200R005SPH009 y V200R006C00 en versiones anteriores a V200R006SPH003; switches de la serie Campus S5720HI y S5720EI con software V200R006C00 en versiones anteriores a V200R006SPH002; y switches de la serie Campus S2300 y S3300 con software V100R006C05 en versiones anteriores a V100R006SPH022 permite a usuarios remotos autenticados causar una denegación de servicio (consumo de memoria y reinicio de dispositivo) iniciando sesión y cerrándola en el servidor (1) HTTPS o (2) SFTP, relacionada con la información de sesión SSL.

*Credits: N/A

Attack Vector

Network

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

None

Integrity

None

Availability

High

Attack Vector

Network

Attack Complexity

Low

Authentication

Single

Confidentiality

None

Integrity

None

Availability

Complete

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2015-12-25 CVE Reserved
2016-04-14 CVE Published
2023-03-08 EPSS Updated
2024-08-06 CVE Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CWE-399: Resource Management Errors

CAPEC

References (1)

URL	Tag	Source

URL	Date	SRC

URL	Date	SRC

URL	Date	SRC
http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20160113-03-switch-en	2019-06-20

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Huawei Search vendor "Huawei"	S5300ei Firmware Search vendor "Huawei" for product "S5300ei Firmware"	>= v200r003c00 < v200r003sph011 Search vendor "Huawei" for product "S5300ei Firmware" and version " >= v200r003c00 < v200r003sph011"	-	Affected	in	Huawei Search vendor "Huawei"	S5300ei Search vendor "Huawei" for product "S5300ei"	-	-	Safe
Huawei Search vendor "Huawei"	S5300ei Firmware Search vendor "Huawei" for product "S5300ei Firmware"	>= v200r005c00 < v200r005sph008 Search vendor "Huawei" for product "S5300ei Firmware" and version " >= v200r005c00 < v200r005sph008"	-	Affected	in	Huawei Search vendor "Huawei"	S5300ei Search vendor "Huawei" for product "S5300ei"	-	-	Safe
Huawei Search vendor "Huawei"	S5300si Firmware Search vendor "Huawei" for product "S5300si Firmware"	>= v200r001c00 < v200r001sph018 Search vendor "Huawei" for product "S5300si Firmware" and version " >= v200r001c00 < v200r001sph018"	-	Affected	in	Huawei Search vendor "Huawei"	S5300si Search vendor "Huawei" for product "S5300si"	-	-	Safe
Huawei Search vendor "Huawei"	S5300si Firmware Search vendor "Huawei" for product "S5300si Firmware"	>= v200r002c00 < v200r003sph011 Search vendor "Huawei" for product "S5300si Firmware" and version " >= v200r002c00 < v200r003sph011"	-	Affected	in	Huawei Search vendor "Huawei"	S5300si Search vendor "Huawei" for product "S5300si"	-	-	Safe
Huawei Search vendor "Huawei"	S5310hi Firmware Search vendor "Huawei" for product "S5310hi Firmware"	>= v200r001c00 < v200r001sph018 Search vendor "Huawei" for product "S5310hi Firmware" and version " >= v200r001c00 < v200r001sph018"	-	Affected	in	Huawei Search vendor "Huawei"	S5310hi Search vendor "Huawei" for product "S5310hi"	-	-	Safe
Huawei Search vendor "Huawei"	S5310hi Firmware Search vendor "Huawei" for product "S5310hi Firmware"	>= v200r002c00 < v200r003sph011 Search vendor "Huawei" for product "S5310hi Firmware" and version " >= v200r002c00 < v200r003sph011"	-	Affected	in	Huawei Search vendor "Huawei"	S5310hi Search vendor "Huawei" for product "S5310hi"	-	-	Safe
Huawei Search vendor "Huawei"	S6300ei Firmware Search vendor "Huawei" for product "S6300ei Firmware"	>= v200r001c00 < v200r001sph018 Search vendor "Huawei" for product "S6300ei Firmware" and version " >= v200r001c00 < v200r001sph018"	-	Affected	in	Huawei Search vendor "Huawei"	S6300ei Search vendor "Huawei" for product "S6300ei"	-	-	Safe
Huawei Search vendor "Huawei"	S6300ei Firmware Search vendor "Huawei" for product "S6300ei Firmware"	>= v200r002c00 < v200r003sph011 Search vendor "Huawei" for product "S6300ei Firmware" and version " >= v200r002c00 < v200r003sph011"	-	Affected	in	Huawei Search vendor "Huawei"	S6300ei Search vendor "Huawei" for product "S6300ei"	-	-	Safe
Huawei Search vendor "Huawei"	S5300li Firmware Search vendor "Huawei" for product "S5300li Firmware"	>= v200r003c00 < v200r003sph011 Search vendor "Huawei" for product "S5300li Firmware" and version " >= v200r003c00 < v200r003sph011"	-	Affected	in	Huawei Search vendor "Huawei"	S5300li Search vendor "Huawei" for product "S5300li"	-	-	Safe
Huawei Search vendor "Huawei"	S5300li Firmware Search vendor "Huawei" for product "S5300li Firmware"	>= v200r005c00 < v200r005sph008 Search vendor "Huawei" for product "S5300li Firmware" and version " >= v200r005c00 < v200r005sph008"	-	Affected	in	Huawei Search vendor "Huawei"	S5300li Search vendor "Huawei" for product "S5300li"	-	-	Safe
Huawei Search vendor "Huawei"	S5300li Firmware Search vendor "Huawei" for product "S5300li Firmware"	>= v200r006c00 < v200r006sph002 Search vendor "Huawei" for product "S5300li Firmware" and version " >= v200r006c00 < v200r006sph002"	-	Affected	in	Huawei Search vendor "Huawei"	S5300li Search vendor "Huawei" for product "S5300li"	-	-	Safe
Huawei Search vendor "Huawei"	S2350ei Firmware Search vendor "Huawei" for product "S2350ei Firmware"	>= v200r003c00 < v200r003sph011 Search vendor "Huawei" for product "S2350ei Firmware" and version " >= v200r003c00 < v200r003sph011"	-	Affected	in	Huawei Search vendor "Huawei"	S2350ei Search vendor "Huawei" for product "S2350ei"	-	-	Safe
Huawei Search vendor "Huawei"	S2350ei Firmware Search vendor "Huawei" for product "S2350ei Firmware"	>= v200r005c00 < v200r005sph008 Search vendor "Huawei" for product "S2350ei Firmware" and version " >= v200r005c00 < v200r005sph008"	-	Affected	in	Huawei Search vendor "Huawei"	S2350ei Search vendor "Huawei" for product "S2350ei"	-	-	Safe
Huawei Search vendor "Huawei"	S2350ei Firmware Search vendor "Huawei" for product "S2350ei Firmware"	>= v200r006c00 < v200r006sph002 Search vendor "Huawei" for product "S2350ei Firmware" and version " >= v200r006c00 < v200r006sph002"	-	Affected	in	Huawei Search vendor "Huawei"	S2350ei Search vendor "Huawei" for product "S2350ei"	-	-	Safe
Huawei Search vendor "Huawei"	S9300 Firmware Search vendor "Huawei" for product "S9300 Firmware"	>= v200r003c00 < v200r003sph011 Search vendor "Huawei" for product "S9300 Firmware" and version " >= v200r003c00 < v200r003sph011"	-	Affected	in	Huawei Search vendor "Huawei"	S9300 Search vendor "Huawei" for product "S9300"	-	-	Safe
Huawei Search vendor "Huawei"	S9300 Firmware Search vendor "Huawei" for product "S9300 Firmware"	>= v200r005c00 < v200r005sph009 Search vendor "Huawei" for product "S9300 Firmware" and version " >= v200r005c00 < v200r005sph009"	-	Affected	in	Huawei Search vendor "Huawei"	S9300 Search vendor "Huawei" for product "S9300"	-	-	Safe
Huawei Search vendor "Huawei"	S9300 Firmware Search vendor "Huawei" for product "S9300 Firmware"	>= v200r006c00 < v200r006sph003 Search vendor "Huawei" for product "S9300 Firmware" and version " >= v200r006c00 < v200r006sph003"	-	Affected	in	Huawei Search vendor "Huawei"	S9300 Search vendor "Huawei" for product "S9300"	-	-	Safe
Huawei Search vendor "Huawei"	S9700 Firmware Search vendor "Huawei" for product "S9700 Firmware"	>= v200r003c00 < v200r003sph011 Search vendor "Huawei" for product "S9700 Firmware" and version " >= v200r003c00 < v200r003sph011"	-	Affected	in	Huawei Search vendor "Huawei"	S9700 Search vendor "Huawei" for product "S9700"	-	-	Safe
Huawei Search vendor "Huawei"	S9700 Firmware Search vendor "Huawei" for product "S9700 Firmware"	>= v200r005c00 < v200r005sph009 Search vendor "Huawei" for product "S9700 Firmware" and version " >= v200r005c00 < v200r005sph009"	-	Affected	in	Huawei Search vendor "Huawei"	S9700 Search vendor "Huawei" for product "S9700"	-	-	Safe
Huawei Search vendor "Huawei"	S9700 Firmware Search vendor "Huawei" for product "S9700 Firmware"	>= v200r006c00 < v200r006sph003 Search vendor "Huawei" for product "S9700 Firmware" and version " >= v200r006c00 < v200r006sph003"	-	Affected	in	Huawei Search vendor "Huawei"	S9700 Search vendor "Huawei" for product "S9700"	-	-	Safe
Huawei Search vendor "Huawei"	S7700 Firmware Search vendor "Huawei" for product "S7700 Firmware"	>= v200r003c00 < v200r003sph011 Search vendor "Huawei" for product "S7700 Firmware" and version " >= v200r003c00 < v200r003sph011"	-	Affected	in	Huawei Search vendor "Huawei"	S7700 Search vendor "Huawei" for product "S7700"	-	-	Safe
Huawei Search vendor "Huawei"	S7700 Firmware Search vendor "Huawei" for product "S7700 Firmware"	>= v200r005c00 < v200r005sph009 Search vendor "Huawei" for product "S7700 Firmware" and version " >= v200r005c00 < v200r005sph009"	-	Affected	in	Huawei Search vendor "Huawei"	S7700 Search vendor "Huawei" for product "S7700"	-	-	Safe
Huawei Search vendor "Huawei"	S7700 Firmware Search vendor "Huawei" for product "S7700 Firmware"	>= v200r006c00 < v200r006sph003 Search vendor "Huawei" for product "S7700 Firmware" and version " >= v200r006c00 < v200r006sph003"	-	Affected	in	Huawei Search vendor "Huawei"	S7700 Search vendor "Huawei" for product "S7700"	-	-	Safe
Huawei Search vendor "Huawei"	S5720hi Firmware Search vendor "Huawei" for product "S5720hi Firmware"	>= v200r006c00 < v200r006sph002 Search vendor "Huawei" for product "S5720hi Firmware" and version " >= v200r006c00 < v200r006sph002"	-	Affected	in	Huawei Search vendor "Huawei"	S5720hi Search vendor "Huawei" for product "S5720hi"	-	-	Safe
Huawei Search vendor "Huawei"	S5720ei Firmware Search vendor "Huawei" for product "S5720ei Firmware"	>= v200r006c00 < v200r006sph002 Search vendor "Huawei" for product "S5720ei Firmware" and version " >= v200r006c00 < v200r006sph002"	-	Affected	in	Huawei Search vendor "Huawei"	S5720ei Search vendor "Huawei" for product "S5720ei"	-	-	Safe
Huawei Search vendor "Huawei"	S2300 Firmware Search vendor "Huawei" for product "S2300 Firmware"	>= v100r006c05 < v100r006sph022 Search vendor "Huawei" for product "S2300 Firmware" and version " >= v100r006c05 < v100r006sph022"	-	Affected	in	Huawei Search vendor "Huawei"	S2300 Search vendor "Huawei" for product "S2300"	-	-	Safe
Huawei Search vendor "Huawei"	S3300 Firmware Search vendor "Huawei" for product "S3300 Firmware"	>= v100r006c05 < v100r006sph022 Search vendor "Huawei" for product "S3300 Firmware" and version " >= v100r006c05 < v100r006sph022"	-	Affected	in	Huawei Search vendor "Huawei"	S3300 Search vendor "Huawei" for product "S3300"	-	-	Safe