CVE-2015-8677

Published: Apr 14, 2016Modified: May 6, 2026

6.5

Vector

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Exploitability: 2.8 / Impact: 3.6

Source: NVD

Description

Memory leak in Huawei S5300EI, S5300SI, S5310HI, and S6300EI Campus series switches with software V200R003C00 before V200R003SPH011 and V200R005C00 before V200R005SPH008; S2350EI and S5300LI Campus series switches with software V200R003C00 before V200R003SPH011, V200R005C00 before V200R005SPH008, and V200R006C00 before V200R006SPH002; S9300, S7700, and S9700 Campus series switches with software V200R003C00 before V200R003SPH011, V200R005C00 before V200R005SPH009, and V200R006C00 before V200R006SPH003; S5720HI and S5720EI Campus series switches with software V200R006C00 before V200R006SPH002; and S2300 and S3300 Campus series switches with software V100R006C05 before V100R006SPH022 allows remote authenticated users to cause a denial of service (memory consumption and device restart) by logging in and out of the (1) HTTPS or (2) SFTP server, related to SSL session information.

Affected (27)

Products: Huawei: S5300ei Firmware, S5300si Firmware, S5310hi Firmware, S6300ei Firmware, S5300li Firmware, S2350ei Firmware, S9300 Firmware, S9700 Firmware, S7700 Firmware, S5720hi Firmware, S5720ei Firmware, S2300 Firmware, S3300 Firmware

13 products

Configuration A

2 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Huawei S5300ei Firmware	From v200r003c00 to v200r003sph011
Huawei S5300ei Firmware	From v200r005c00 to v200r005sph008

Running on/with	Platform Versions
Huawei S5300ei	All versions

Configuration B

2 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Huawei S5300si Firmware	From v200r001c00 to v200r001sph018
Huawei S5300si Firmware	From v200r002c00 to v200r003sph011

Running on/with	Platform Versions
Huawei S5300si	All versions

Configuration C

2 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Huawei S5310hi Firmware	From v200r001c00 to v200r001sph018
Huawei S5310hi Firmware	From v200r002c00 to v200r003sph011

Running on/with	Platform Versions
Huawei S5310hi	All versions

Configuration D

2 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Huawei S6300ei Firmware	From v200r001c00 to v200r001sph018
Huawei S6300ei Firmware	From v200r002c00 to v200r003sph011

Running on/with	Platform Versions
Huawei S6300ei	All versions

Configuration E

3 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Huawei S5300li Firmware	From v200r003c00 to v200r003sph011
Huawei S5300li Firmware	From v200r005c00 to v200r005sph008
Huawei S5300li Firmware	From v200r006c00 to v200r006sph002

Running on/with	Platform Versions
Huawei S5300li	All versions

Configuration F

3 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Huawei S2350ei Firmware	From v200r003c00 to v200r003sph011
Huawei S2350ei Firmware	From v200r005c00 to v200r005sph008
Huawei S2350ei Firmware	From v200r006c00 to v200r006sph002

Running on/with	Platform Versions
Huawei S2350ei	All versions

Configuration G

3 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Huawei S9300 Firmware	From v200r003c00 to v200r003sph011
Huawei S9300 Firmware	From v200r005c00 to v200r005sph009
Huawei S9300 Firmware	From v200r006c00 to v200r006sph003

Running on/with	Platform Versions
Huawei S9300	All versions

Configuration H

3 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Huawei S9700 Firmware	From v200r003c00 to v200r003sph011
Huawei S9700 Firmware	From v200r005c00 to v200r005sph009
Huawei S9700 Firmware	From v200r006c00 to v200r006sph003

Running on/with	Platform Versions
Huawei S9700	All versions

Configuration I

3 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Huawei S7700 Firmware	From v200r003c00 to v200r003sph011
Huawei S7700 Firmware	From v200r005c00 to v200r005sph009
Huawei S7700 Firmware	From v200r006c00 to v200r006sph003

Running on/with	Platform Versions
Huawei S7700	All versions

Configuration J

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Huawei S5720hi Firmware	From v200r006c00 to v200r006sph002

Running on/with	Platform Versions
Huawei S5720hi	All versions

Configuration K

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Huawei S5720ei Firmware	From v200r006c00 to v200r006sph002

Running on/with	Platform Versions
Huawei S5720ei	All versions

Configuration L

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Huawei S2300 Firmware	From v100r006c05 to v100r006sph022

Running on/with	Platform Versions
Huawei S2300	All versions

Configuration M

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Huawei S3300 Firmware	From v100r006c05 to v100r006sph022

Running on/with	Platform Versions
Huawei S3300	All versions

Related CWEs

CWE-399

References (2)

http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20160113-03-switch-en

Source: cve@mitre.org

Vendor Advisory

http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20160113-03-switch-en

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

Timeline

No history available yet.