CVE-2015-8676
7.5
Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Exploitability: 3.9 / Impact: 3.6
Source: NVD
Description
Memory leak in Huawei S5300EI, S5300SI, S5310HI, S6300EI/ S2350EI, and S5300LI Campus series switches with software V200R001C00 before V200R001SPH018, V200R002C00 before V200R003SPH011, and V200R003C00 before V200R003SPH011; S9300, S7700, and S9700 Campus series switches with software V200R001C00 before V200R001SPH023, V200R002C00 before V200R003SPH011, and V200R003C00 before V200R003SPH011; and S2300 and S3300 Campus series switches with software V100R006C05 before V100R006SPH022 allows remote attackers to cause a denial of service (memory consumption and reboot) via a large number of ICMPv6 packets.
Affected (23)
Configuration A
| Vulnerable Software | Affected Versions |
|---|---|
| From v200r001c00 to v200r001sph018 |
| Running on/with | Platform Versions |
|---|---|
Huawei S2350ei | All versions |
Configuration B
| Vulnerable Software | Affected Versions |
|---|---|
| From v200r001c00 to v200r001sph018 |
| Running on/with | Platform Versions |
|---|---|
Huawei S5300ei | All versions |
Configuration C
| Vulnerable Software | Affected Versions |
|---|---|
| From v200r001c00 to v200r001sph018 |
| Running on/with | Platform Versions |
|---|---|
Huawei S5300si | All versions |
Configuration D
| Vulnerable Software | Affected Versions |
|---|---|
| From v200r001c00 to v200r001sph018 |
| Running on/with | Platform Versions |
|---|---|
Huawei S5310hi | All versions |
Configuration E
| Vulnerable Software | Affected Versions |
|---|---|
| From v200r001c00 to v200r001sph018 |
| Running on/with | Platform Versions |
|---|---|
Huawei S6300ei | All versions |
Configuration F
| Vulnerable Software | Affected Versions |
|---|---|
| From v200r001c00 to v200r001sph018 |
| Running on/with | Platform Versions |
|---|---|
Huawei S5300li | All versions |
Configuration G
| Vulnerable Software | Affected Versions |
|---|---|
| From v200r001c00 to v200r001sph023 |
| Running on/with | Platform Versions |
|---|---|
Huawei S9300 | All versions |
Configuration H
| Vulnerable Software | Affected Versions |
|---|---|
| From v200r001c00 to v200r001sph023 |
| Running on/with | Platform Versions |
|---|---|
Huawei S7700 | All versions |
Configuration I
| Vulnerable Software | Affected Versions |
|---|---|
| From v200r001c00 to v200r001sph023 |
| Running on/with | Platform Versions |
|---|---|
Huawei S9700 | All versions |
Configuration J
| Vulnerable Software | Affected Versions |
|---|---|
| From v100r006c05 to v100r006sph022 |
| Running on/with | Platform Versions |
|---|---|
Huawei S2300 | All versions |
Configuration K
| Vulnerable Software | Affected Versions |
|---|---|
| From v100r006c05 to v100r006sph022 |
| Running on/with | Platform Versions |
|---|---|
Huawei S3300 | All versions |
Related CWEs
CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.
CWE-399
CWE-399
References (2)
Source: cve@mitre.org
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Timeline
No history available yet.