All the vulnerabilites related to huawei - campus_s9300
Vulnerability from fkie_nvd
Published
2014-06-17 14:55
Modified
2024-11-21 02:09
Severity ?
Summary
Multiple heap-based buffer overflows in Huawei Campus Series Switches S3700HI, S5700, S6700, S3300HI, S5300, S6300, S9300, S7700, and LSW S9700 with software V200R001 before V200R001SPH013; S5700, S6700, S5300, and S6300 with software V200R002 before V200R002SPH005; S7700, S9300, S9300E, S5300, S5700, S6300, S6700, S2350, S2750, and LSW S9700 with software V200R003 before V200R003SPH005; and S7700, S9300, S9300E, and LSW S9700 with software V200R005 before V200R005C00SPC300 allow remote attackers to cause a denial of service (device restart) via a crafted length field in a packet.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| huawei | campus_series_switch_software | v200r001 | |
| huawei | campus_lsw_s9700 | - | |
| huawei | campus_s3300hi | - | |
| huawei | campus_s3700hi | - | |
| huawei | campus_s5300 | - | |
| huawei | campus_s5700 | - | |
| huawei | campus_s6300 | - | |
| huawei | campus_s6700 | - | |
| huawei | campus_s7700 | - | |
| huawei | campus_s9300 | - | |
| huawei | campus_series_switch_software | v200r005 | |
| huawei | campus_lsw_s9700 | - | |
| huawei | campus_s7700 | - | |
| huawei | campus_s9300 | - | |
| huawei | campus_s9300e | - | |
| huawei | campus_series_switch_software | v200r003 | |
| huawei | campus_lsw_s9700 | - | |
| huawei | campus_s2350 | - | |
| huawei | campus_s2750 | - | |
| huawei | campus_s5300 | - | |
| huawei | campus_s5700 | - | |
| huawei | campus_s6300 | - | |
| huawei | campus_s6700 | - | |
| huawei | campus_s7700 | - | |
| huawei | campus_s9300 | - | |
| huawei | campus_s9300e | - | |
| huawei | campus_series_switch_software | v200r002 | |
| huawei | campus_s5300 | - | |
| huawei | campus_s5700 | - | |
| huawei | campus_s6300 | - | |
| huawei | campus_s6700 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:huawei:campus_series_switch_software:v200r001:*:*:*:*:*:*:*",
"matchCriteriaId": "21C5D694-5EE3-4478-9F51-84F58DF763F9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:campus_lsw_s9700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AD0FC52B-C9FD-4C82-AF6B-2925C405A0DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:huawei:campus_s3300hi:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E3051E39-E500-4937-BB2C-F0B33EFEFB59",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:huawei:campus_s3700hi:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0B77C6A1-0964-443D-A75D-0E68A59F919B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:huawei:campus_s5300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DB230D94-2048-4AE9-873F-D4FA11B8F502",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:huawei:campus_s5700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4F29515E-98DD-496F-B3FC-176CD4B2BD9E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:huawei:campus_s6300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AEB73CEC-BB35-40CD-BE87-DADD54ACB239",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:huawei:campus_s6700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "89288D18-DA31-4683-B6D0-E3CBC91AA7F3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:huawei:campus_s7700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C949558A-3AAC-4A2A-81C1-B9D7072FF3FF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:huawei:campus_s9300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4CDCCC3D-56A1-4C43-A341-CADCD0D2E2B3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:huawei:campus_series_switch_software:v200r005:*:*:*:*:*:*:*",
"matchCriteriaId": "C74BD5E0-9D78-4348-A5AC-C62C9401823D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:campus_lsw_s9700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AD0FC52B-C9FD-4C82-AF6B-2925C405A0DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:huawei:campus_s7700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C949558A-3AAC-4A2A-81C1-B9D7072FF3FF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:huawei:campus_s9300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4CDCCC3D-56A1-4C43-A341-CADCD0D2E2B3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:huawei:campus_s9300e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B7722403-C443-49C9-B46B-E32B6E214497",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:huawei:campus_series_switch_software:v200r003:*:*:*:*:*:*:*",
"matchCriteriaId": "F124F68A-3DB8-43CB-B75A-66B32D15EAD2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:campus_lsw_s9700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AD0FC52B-C9FD-4C82-AF6B-2925C405A0DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:huawei:campus_s2350:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D0706908-4279-4582-A1A3-BA34DBD38E56",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:huawei:campus_s2750:-:*:*:*:*:*:*:*",
"matchCriteriaId": "11CCFD4D-E2F7-4B5C-8BBB-9422D247FBCF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:huawei:campus_s5300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DB230D94-2048-4AE9-873F-D4FA11B8F502",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:huawei:campus_s5700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4F29515E-98DD-496F-B3FC-176CD4B2BD9E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:huawei:campus_s6300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AEB73CEC-BB35-40CD-BE87-DADD54ACB239",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:huawei:campus_s6700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "89288D18-DA31-4683-B6D0-E3CBC91AA7F3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:huawei:campus_s7700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C949558A-3AAC-4A2A-81C1-B9D7072FF3FF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:huawei:campus_s9300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4CDCCC3D-56A1-4C43-A341-CADCD0D2E2B3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:huawei:campus_s9300e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B7722403-C443-49C9-B46B-E32B6E214497",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:huawei:campus_series_switch_software:v200r002:*:*:*:*:*:*:*",
"matchCriteriaId": "41DD828F-A21B-4B73-BFB4-3C308DD6D1A1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:campus_s5300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DB230D94-2048-4AE9-873F-D4FA11B8F502",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:huawei:campus_s5700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4F29515E-98DD-496F-B3FC-176CD4B2BD9E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:huawei:campus_s6300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AEB73CEC-BB35-40CD-BE87-DADD54ACB239",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:huawei:campus_s6700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "89288D18-DA31-4683-B6D0-E3CBC91AA7F3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple heap-based buffer overflows in Huawei Campus Series Switches S3700HI, S5700, S6700, S3300HI, S5300, S6300, S9300, S7700, and LSW S9700 with software V200R001 before V200R001SPH013; S5700, S6700, S5300, and S6300 with software V200R002 before V200R002SPH005; S7700, S9300, S9300E, S5300, S5700, S6300, S6700, S2350, S2750, and LSW S9700 with software V200R003 before V200R003SPH005; and S7700, S9300, S9300E, and LSW S9700 with software V200R005 before V200R005C00SPC300 allow remote attackers to cause a denial of service (device restart) via a crafted length field in a packet."
},
{
"lang": "es",
"value": "M\u00faltiples desbordamiento de buffer basado en memoria din\u00e1mica en Huawei Campus Series Switches S3700HI, S5700, S6700, S3300HI, S5300, S6300, S9300, S7700 y LSW S9700 con software V200R001 anterior a V200R001SPH013; S5700, S6700, S5300 y S6300 con software V200R002 anterior a V200R002SPH005; S7700, S9300, S9300E, S5300, S5700, S6300, S6700, S2350, S2750 y LSW S9700 con software V200R003 anterior a V200R003SPH005; y S7700, S9300, S9300E y LSW S9700 con software V200R005 anterior a V200R005C00SPC300 permiten a atacantes remotos causar una denegaci\u00f3n de servicio (reinicio de dispositivo) a trav\u00e9s de un campo de longitud manipulado en un paquete."
}
],
"id": "CVE-2014-4190",
"lastModified": "2024-11-21T02:09:39.183",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2014-06-17T14:55:08.940",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-343218.htm"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/67907"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-343218.htm"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/67907"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-04-02 20:59
Modified
2024-11-21 02:10
Severity ?
Summary
Huawei Campus S7700 with software V200R001C00SPC300, V200R002C00SPC100, V200R003C00SPC300; S9300 with software V200R001C00SPC300, V200R002C00SPC100, V200R003C00SPC300; S9700 with software V200R001C00SPC300, V200R002C00SPC100, V200R003C00SPC300 allow unauthorized users to upgrade the bootrom or bootload software, bypass a Menu protection mechanism, conduct a Menu compromise attack, or bypass a Menu/upgrade protection mechanism.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| huawei | campus_s7700_firmware | v200r001c00spc300 | |
| huawei | campus_s7700_firmware | v200r002c00spc100 | |
| huawei | campus_s7700_firmware | v200r003c00spc300 | |
| huawei | campus_s7700 | - | |
| huawei | campus_s9300_firmware | v200r001c00spc300 | |
| huawei | campus_s9300_firmware | v200r002c00spc100 | |
| huawei | campus_s9300_firmware | v200r003c00spc300 | |
| huawei | campus_s9300 | - | |
| huawei | campus_s9700_firmware | v200r001c00spc300 | |
| huawei | campus_s9700_firmware | v200r002c00spc100 | |
| huawei | campus_s9700_firmware | v200r003c00spc300 | |
| huawei | campus_s9700 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:campus_s7700_firmware:v200r001c00spc300:*:*:*:*:*:*:*",
"matchCriteriaId": "93B25917-7ED8-4402-B90C-EB790FD85122",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:campus_s7700_firmware:v200r002c00spc100:*:*:*:*:*:*:*",
"matchCriteriaId": "8BD095D0-631E-4A50-9F35-4CB63412E909",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:campus_s7700_firmware:v200r003c00spc300:*:*:*:*:*:*:*",
"matchCriteriaId": "F12DF054-43B5-42DC-8FDF-664354091ABA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:campus_s7700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C949558A-3AAC-4A2A-81C1-B9D7072FF3FF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:campus_s9300_firmware:v200r001c00spc300:*:*:*:*:*:*:*",
"matchCriteriaId": "AEF5EF43-0E5F-4B2D-8785-E6A0EC40C44B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:campus_s9300_firmware:v200r002c00spc100:*:*:*:*:*:*:*",
"matchCriteriaId": "E203B7BA-4AE4-45E4-B844-080F12C72D91",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:campus_s9300_firmware:v200r003c00spc300:*:*:*:*:*:*:*",
"matchCriteriaId": "CCC8D4C5-3BA0-47A1-A3A5-10E805CD4986",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:campus_s9300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4CDCCC3D-56A1-4C43-A341-CADCD0D2E2B3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:campus_s9700_firmware:v200r001c00spc300:*:*:*:*:*:*:*",
"matchCriteriaId": "A4FE15E9-372E-4435-8033-E8548CE81E5E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:campus_s9700_firmware:v200r002c00spc100:*:*:*:*:*:*:*",
"matchCriteriaId": "638D5AD5-1E39-4A88-87F2-A3E7A5E70D7A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:campus_s9700_firmware:v200r003c00spc300:*:*:*:*:*:*:*",
"matchCriteriaId": "41F99807-3631-45EE-B26E-51183DD93F5E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:campus_s9700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8F3527D2-0D93-43CE-9202-9CCFD91A4F9F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Huawei Campus S7700 with software V200R001C00SPC300, V200R002C00SPC100, V200R003C00SPC300; S9300 with software V200R001C00SPC300, V200R002C00SPC100, V200R003C00SPC300; S9700 with software V200R001C00SPC300, V200R002C00SPC100, V200R003C00SPC300 allow unauthorized users to upgrade the bootrom or bootload software, bypass a Menu protection mechanism, conduct a Menu compromise attack, or bypass a Menu/upgrade protection mechanism."
},
{
"lang": "es",
"value": "Huawei Campus S7700 con software V200R001C00SPC300, V200R002C00SPC100, V200R003C00SPC300; S9300 con software V200R001C00SPC300, V200R002C00SPC100, V200R003C00SPC300; S9700 con software V200R001C00SPC300, V200R002C00SPC100, V200R003C00SPC300 permiten a usuarios no autorizados a actualizar el software bootrom o bootload, eludiendo el mecanismo de protecci\u00f3n Menu, para llevar a cabo un ataque de compromiso de Menu, o eludir un mecanismo de protecci\u00f3n Menu/upgrade."
}
],
"id": "CVE-2014-4707",
"lastModified": "2024-11-21T02:10:45.477",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-04-02T20:59:00.343",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/hw-334629"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/hw-334629"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-284"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-06-08 16:29
Modified
2024-11-21 02:28
Severity ?
Summary
The user authentication module in Huawei Campus switches S5700, S5300, S6300, and S6700 with software before V200R001SPH012 and S7700, S9300, and S9700 with software before V200R001SPH015 allows remote attackers to cause a denial of service (device restart) via vectors involving authentication, which trigger an array access violation.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-418554.htm | Third Party Advisory, Vendor Advisory | |
| cve@mitre.org | http://www.securityfocus.com/bid/73355 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-418554.htm | Third Party Advisory, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/73355 | Third Party Advisory, VDB Entry |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| huawei | s5700_firmware | * | |
| huawei | campus_s5700 | - | |
| huawei | s5300_firmware | * | |
| huawei | campus_s5300 | - | |
| huawei | s6300_firmware | * | |
| huawei | campus_s6300 | - | |
| huawei | s6700_firmware | * | |
| huawei | campus_s6700 | - | |
| huawei | s7700_firmware | * | |
| huawei | campus_s7700 | - | |
| huawei | s9300_firmware | * | |
| huawei | campus_s9300 | - | |
| huawei | s9700_firmware | * | |
| huawei | campus_s9700 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:s5700_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "98DB6875-7463-4D59-8DC4-86B678D97F95",
"versionEndIncluding": "v200r001c00spc300",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:campus_s5700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4F29515E-98DD-496F-B3FC-176CD4B2BD9E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:s5300_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "46D43A99-D0A5-439D-A25A-0785527018B0",
"versionEndIncluding": "v200r001c00spc300",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:campus_s5300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DB230D94-2048-4AE9-873F-D4FA11B8F502",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:s6300_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "600EF41E-5FA7-4495-93CF-D8A467271256",
"versionEndIncluding": "v200r001c00spc300",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:campus_s6300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AEB73CEC-BB35-40CD-BE87-DADD54ACB239",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:s6700_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CD9F1EB-A8DB-405A-B721-BCB15AEF95CB",
"versionEndIncluding": "v200r001c00spc300",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:campus_s6700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "89288D18-DA31-4683-B6D0-E3CBC91AA7F3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:s7700_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4EF3EC0C-6455-43A9-AE8E-0DD6A76D4502",
"versionEndIncluding": "v200r001c00spc300",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:campus_s7700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C949558A-3AAC-4A2A-81C1-B9D7072FF3FF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:s9300_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AA6351C4-E87D-4E4F-9E0C-F953F29986D8",
"versionEndIncluding": "v200r001c00spc300",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:campus_s9300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4CDCCC3D-56A1-4C43-A341-CADCD0D2E2B3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:s9700_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8F7C986D-E3CC-4B15-BBAB-834F9A85D24F",
"versionEndIncluding": "v200r001c00spc300",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:campus_s9700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8F3527D2-0D93-43CE-9202-9CCFD91A4F9F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The user authentication module in Huawei Campus switches S5700, S5300, S6300, and S6700 with software before V200R001SPH012 and S7700, S9300, and S9700 with software before V200R001SPH015 allows remote attackers to cause a denial of service (device restart) via vectors involving authentication, which trigger an array access violation."
},
{
"lang": "es",
"value": "El m\u00f3dulo de autentificaci\u00f3n de usuarios en los switches Huawei Campus S5700, S5300, S6300 y S6700 con un software anterior a V200R001SPH012 y S7700, S9300 y S9700 con una versi\u00f3n de software anterior al V200R001SPH015 permite a atacantes remotos causar un ataque de denegaci\u00f3n de servicio (reinicio del dispositivo) mediante vectores involucrados en la autentificaci\u00f3n, el cual desencadena una violaci\u00f3n de acceso al array."
}
],
"id": "CVE-2015-2800",
"lastModified": "2024-11-21T02:28:06.093",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-06-08T16:29:00.403",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"Vendor Advisory"
],
"url": "http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-418554.htm"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/73355"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"Vendor Advisory"
],
"url": "http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-418554.htm"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/73355"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-287"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
cve-2014-4707
Vulnerability from cvelistv5
Published
2017-04-02 20:00
Modified
2024-08-06 11:27
Severity ?
EPSS score ?
Summary
Huawei Campus S7700 with software V200R001C00SPC300, V200R002C00SPC100, V200R003C00SPC300; S9300 with software V200R001C00SPC300, V200R002C00SPC100, V200R003C00SPC300; S9700 with software V200R001C00SPC300, V200R002C00SPC100, V200R003C00SPC300 allow unauthorized users to upgrade the bootrom or bootload software, bypass a Menu protection mechanism, conduct a Menu compromise attack, or bypass a Menu/upgrade protection mechanism.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.huawei.com/en/psirt/security-advisories/hw-334629 | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | n/a | S7700,S9300,S9700 S7700 V200R001C00SPC300, V200R002C00SPC100, V200R003C00SPC300,S9300 V200R001C00SPC300, V200R002C00SPC100, V200R003C00SPC300,S9700 V200R001C00SPC300, V200R002C00SPC100, V200R003C00SPC300, |
Version: S7700,S9300,S9700 S7700 V200R001C00SPC300, V200R002C00SPC100, V200R003C00SPC300,S9300 V200R001C00SPC300, V200R002C00SPC100, V200R003C00SPC300,S9700 V200R001C00SPC300, V200R002C00SPC100, V200R003C00SPC300, |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T11:27:36.226Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/hw-334629"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "S7700,S9300,S9700 S7700 V200R001C00SPC300, V200R002C00SPC100, V200R003C00SPC300,S9300 V200R001C00SPC300, V200R002C00SPC100, V200R003C00SPC300,S9700 V200R001C00SPC300, V200R002C00SPC100, V200R003C00SPC300,",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "S7700,S9300,S9700 S7700 V200R001C00SPC300, V200R002C00SPC100, V200R003C00SPC300,S9300 V200R001C00SPC300, V200R002C00SPC100, V200R003C00SPC300,S9700 V200R001C00SPC300, V200R002C00SPC100, V200R003C00SPC300,"
}
]
}
],
"datePublic": "2017-03-27T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Huawei Campus S7700 with software V200R001C00SPC300, V200R002C00SPC100, V200R003C00SPC300; S9300 with software V200R001C00SPC300, V200R002C00SPC100, V200R003C00SPC300; S9700 with software V200R001C00SPC300, V200R002C00SPC100, V200R003C00SPC300 allow unauthorized users to upgrade the bootrom or bootload software, bypass a Menu protection mechanism, conduct a Menu compromise attack, or bypass a Menu/upgrade protection mechanism."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "BootRom and Boot Menu",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-04-02T19:57:01",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/hw-334629"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2014-4707",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "S7700,S9300,S9700 S7700 V200R001C00SPC300, V200R002C00SPC100, V200R003C00SPC300,S9300 V200R001C00SPC300, V200R002C00SPC100, V200R003C00SPC300,S9700 V200R001C00SPC300, V200R002C00SPC100, V200R003C00SPC300,",
"version": {
"version_data": [
{
"version_value": "S7700,S9300,S9700 S7700 V200R001C00SPC300, V200R002C00SPC100, V200R003C00SPC300,S9300 V200R001C00SPC300, V200R002C00SPC100, V200R003C00SPC300,S9700 V200R001C00SPC300, V200R002C00SPC100, V200R003C00SPC300,"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Huawei Campus S7700 with software V200R001C00SPC300, V200R002C00SPC100, V200R003C00SPC300; S9300 with software V200R001C00SPC300, V200R002C00SPC100, V200R003C00SPC300; S9700 with software V200R001C00SPC300, V200R002C00SPC100, V200R003C00SPC300 allow unauthorized users to upgrade the bootrom or bootload software, bypass a Menu protection mechanism, conduct a Menu compromise attack, or bypass a Menu/upgrade protection mechanism."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "BootRom and Boot Menu"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.huawei.com/en/psirt/security-advisories/hw-334629",
"refsource": "CONFIRM",
"url": "http://www.huawei.com/en/psirt/security-advisories/hw-334629"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2014-4707",
"datePublished": "2017-04-02T20:00:00",
"dateReserved": "2014-07-01T00:00:00",
"dateUpdated": "2024-08-06T11:27:36.226Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2015-2800
Vulnerability from cvelistv5
Published
2017-06-08 16:00
Modified
2024-08-06 05:24
Severity ?
EPSS score ?
Summary
The user authentication module in Huawei Campus switches S5700, S5300, S6300, and S6700 with software before V200R001SPH012 and S7700, S9300, and S9700 with software before V200R001SPH015 allows remote attackers to cause a denial of service (device restart) via vectors involving authentication, which trigger an array access violation.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/73355 | vdb-entry, x_refsource_BID | |
| http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-418554.htm | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T05:24:38.847Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "73355",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/73355"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-418554.htm"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-03-19T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The user authentication module in Huawei Campus switches S5700, S5300, S6300, and S6700 with software before V200R001SPH012 and S7700, S9300, and S9700 with software before V200R001SPH015 allows remote attackers to cause a denial of service (device restart) via vectors involving authentication, which trigger an array access violation."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-06-08T15:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "73355",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/73355"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-418554.htm"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-2800",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The user authentication module in Huawei Campus switches S5700, S5300, S6300, and S6700 with software before V200R001SPH012 and S7700, S9300, and S9700 with software before V200R001SPH015 allows remote attackers to cause a denial of service (device restart) via vectors involving authentication, which trigger an array access violation."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "73355",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/73355"
},
{
"name": "http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-418554.htm",
"refsource": "CONFIRM",
"url": "http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-418554.htm"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2015-2800",
"datePublished": "2017-06-08T16:00:00",
"dateReserved": "2015-03-30T00:00:00",
"dateUpdated": "2024-08-06T05:24:38.847Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2014-4190
Vulnerability from cvelistv5
Published
2014-06-17 14:00
Modified
2024-09-17 02:16
Severity ?
EPSS score ?
Summary
Multiple heap-based buffer overflows in Huawei Campus Series Switches S3700HI, S5700, S6700, S3300HI, S5300, S6300, S9300, S7700, and LSW S9700 with software V200R001 before V200R001SPH013; S5700, S6700, S5300, and S6300 with software V200R002 before V200R002SPH005; S7700, S9300, S9300E, S5300, S5700, S6300, S6700, S2350, S2750, and LSW S9700 with software V200R003 before V200R003SPH005; and S7700, S9300, S9300E, and LSW S9700 with software V200R005 before V200R005C00SPC300 allow remote attackers to cause a denial of service (device restart) via a crafted length field in a packet.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/67907 | vdb-entry, x_refsource_BID | |
| http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-343218.htm | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T11:04:28.879Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "67907",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/67907"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-343218.htm"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Multiple heap-based buffer overflows in Huawei Campus Series Switches S3700HI, S5700, S6700, S3300HI, S5300, S6300, S9300, S7700, and LSW S9700 with software V200R001 before V200R001SPH013; S5700, S6700, S5300, and S6300 with software V200R002 before V200R002SPH005; S7700, S9300, S9300E, S5300, S5700, S6300, S6700, S2350, S2750, and LSW S9700 with software V200R003 before V200R003SPH005; and S7700, S9300, S9300E, and LSW S9700 with software V200R005 before V200R005C00SPC300 allow remote attackers to cause a denial of service (device restart) via a crafted length field in a packet."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2014-06-17T14:00:00Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "67907",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/67907"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-343218.htm"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-4190",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple heap-based buffer overflows in Huawei Campus Series Switches S3700HI, S5700, S6700, S3300HI, S5300, S6300, S9300, S7700, and LSW S9700 with software V200R001 before V200R001SPH013; S5700, S6700, S5300, and S6300 with software V200R002 before V200R002SPH005; S7700, S9300, S9300E, S5300, S5700, S6300, S6700, S2350, S2750, and LSW S9700 with software V200R003 before V200R003SPH005; and S7700, S9300, S9300E, and LSW S9700 with software V200R005 before V200R005C00SPC300 allow remote attackers to cause a denial of service (device restart) via a crafted length field in a packet."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "67907",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/67907"
},
{
"name": "http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-343218.htm",
"refsource": "CONFIRM",
"url": "http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-343218.htm"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2014-4190",
"datePublished": "2014-06-17T14:00:00Z",
"dateReserved": "2014-06-17T00:00:00Z",
"dateUpdated": "2024-09-17T02:16:49.105Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}