CVE-2015-2800
Summary
| CVE | CVE-2015-2800 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2017-06-08 16:29:00 UTC |
| Updated | 2017-06-20 13:20:00 UTC |
| Description | The user authentication module in Huawei Campus switches S5700, S5300, S6300, and S6700 with software before V200R001SPH012 and S7700, S9300, and S9700 with software before V200R001SPH015 allows remote attackers to cause a denial of service (device restart) via vectors involving authentication, which trigger an array access violation. |
Risk And Classification
Problem Types: CWE-287
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Hardware | Huawei | Campus S5300 | - | All | All | All |
| Hardware | Huawei | Campus S5300 | - | All | All | All |
| Hardware | Huawei | Campus S5700 | - | All | All | All |
| Hardware | Huawei | Campus S5700 | - | All | All | All |
| Hardware | Huawei | Campus S6300 | - | All | All | All |
| Hardware | Huawei | Campus S6300 | - | All | All | All |
| Hardware | Huawei | Campus S6700 | - | All | All | All |
| Hardware | Huawei | Campus S6700 | - | All | All | All |
| Hardware | Huawei | Campus S7700 | - | All | All | All |
| Hardware | Huawei | Campus S7700 | - | All | All | All |
| Hardware | Huawei | Campus S9300 | - | All | All | All |
| Hardware | Huawei | Campus S9300 | - | All | All | All |
| Hardware | Huawei | Campus S9700 | - | All | All | All |
| Hardware | Huawei | Campus S9700 | - | All | All | All |
| Operating System | Huawei | S5300 Firmware | All | All | All | All |
| Operating System | Huawei | S5700 Firmware | All | All | All | All |
| Operating System | Huawei | S6300 Firmware | All | All | All | All |
| Operating System | Huawei | S6700 Firmware | All | All | All | All |
| Operating System | Huawei | S7700 Firmware | All | All | All | All |
| Operating System | Huawei | S9300 Firmware | All | All | All | All |
| Operating System | Huawei | S9700 Firmware | All | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| Huawei Campus Series Switches Denial of Service Vulnerability | BID | www.securityfocus.com | Third Party Advisory, VDB Entry |
| Security Advisory – Authentication Caused Memory Overflow Vulnerability in Some Huawei Switch Products - Huawei PSIRT | CONFIRM | www.huawei.com | Third Party Advisory, Vendor Advisory |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.