FKIE_CVE-2014-3223

Vulnerability from fkie_nvd - Published: 2017-04-02 20:59 - Updated: 2025-04-20 01:37
Severity ?
7.5 (High) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
Huawei S9300 with software before V100R006SPH013 and S2300,S3300,S5300,S6300 with software before V100R006SPH010 support Y.1731 and therefore have the Y.1731 vulnerability in processing special packets. The vulnerability causes the restart of switches.
References
psirt@huawei.comhttp://www.huawei.com/en/psirt/security-advisories/hw-329625Mitigation, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.huawei.com/en/psirt/security-advisories/hw-329625Mitigation, Vendor Advisory
Impacted products
Vendor Product Version
huawei s9300_firmware v100r006c00spc500
huawei s9300_firmware v100r006c00spc800
huawei s9300 -
huawei s3300_firmware v100r006c00spc800
huawei s3300_firmware v100r006c01spc100
huawei s3300_firmware v100r006c03
huawei s3300 -
huawei s2300_firmware v100r006c00spc800
huawei s2300_firmware v100r006c01spc100
huawei s2300_firmware v100r006c03
huawei s2300 -
huawei s5300_firmware v100r006c00spc800
huawei s5300_firmware v100r006c01spc100
huawei s5300_firmware v100r006c03
huawei s5300 -
huawei s6300_firmware v100r006c00spc800
huawei s6300_firmware v100r006c01spc100
huawei s6300_firmware v100r006c03
huawei s6300 -
To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:huawei:s9300_firmware:v100r006c00spc500:*:*:*:*:*:*:*",
              "matchCriteriaId": "771FA881-8B73-4923-883E-6FB66DC5785B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:huawei:s9300_firmware:v100r006c00spc800:*:*:*:*:*:*:*",
              "matchCriteriaId": "FFDF8C50-BB1B-494F-A66C-6AA43829A1F8",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:huawei:s9300:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "AD2EC926-50C6-4CBE-BB6F-56F3A6287DEE",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:huawei:s3300_firmware:v100r006c00spc800:*:*:*:*:*:*:*",
              "matchCriteriaId": "C32CA848-E4C4-4F45-B770-B0F56B1D803C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:huawei:s3300_firmware:v100r006c01spc100:*:*:*:*:*:*:*",
              "matchCriteriaId": "01778409-3E0D-457D-A3A8-7D547B154EF0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:huawei:s3300_firmware:v100r006c03:*:*:*:*:*:*:*",
              "matchCriteriaId": "8C328054-3E5C-4122-AD5B-49A71791D7F6",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:huawei:s3300:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1A1410A1-ADCC-474F-ABEE-F0FE48E4CD7A",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:huawei:s2300_firmware:v100r006c00spc800:*:*:*:*:*:*:*",
              "matchCriteriaId": "D9B1ABFF-8054-47E2-A122-BBA45915EC4E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:huawei:s2300_firmware:v100r006c01spc100:*:*:*:*:*:*:*",
              "matchCriteriaId": "6CBBAFAE-0988-4FB5-985F-D9F26F8FB590",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:huawei:s2300_firmware:v100r006c03:*:*:*:*:*:*:*",
              "matchCriteriaId": "FEFF6D05-BC82-4943-9D79-95CBEDD5CD2C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:huawei:s2300:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "17566603-275F-4E6B-B5D9-4A716EEC03DC",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:huawei:s5300_firmware:v100r006c00spc800:*:*:*:*:*:*:*",
              "matchCriteriaId": "C23B78BC-958A-4F7B-AC41-8F92573CD050",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:huawei:s5300_firmware:v100r006c01spc100:*:*:*:*:*:*:*",
              "matchCriteriaId": "7F131E90-5381-4CC4-B98C-F127A7C9B24E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:huawei:s5300_firmware:v100r006c03:*:*:*:*:*:*:*",
              "matchCriteriaId": "554D3674-06D0-4B04-9014-F4A5178785DF",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:huawei:s5300:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2CFEF08E-54C5-4D60-AFF0-37B00D6E2DDD",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:huawei:s6300_firmware:v100r006c00spc800:*:*:*:*:*:*:*",
              "matchCriteriaId": "59483B72-F057-4274-8C88-FF908AB44F5A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:huawei:s6300_firmware:v100r006c01spc100:*:*:*:*:*:*:*",
              "matchCriteriaId": "073D332C-3532-4F1E-9885-B5EBFAD04D9E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:huawei:s6300_firmware:v100r006c03:*:*:*:*:*:*:*",
              "matchCriteriaId": "3F133779-0AA7-468B-9470-075091872D5D",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:huawei:s6300:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "AA3C8988-A1FC-4B04-9134-F2BDDADEAFB5",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Huawei S9300 with software before V100R006SPH013 and S2300,S3300,S5300,S6300 with software before V100R006SPH010 support Y.1731 and therefore have the Y.1731 vulnerability in processing special packets. The vulnerability causes the restart of switches."
    },
    {
      "lang": "es",
      "value": "Huawei S9300 con software en versiones anteriores a V100R006SPH013 y S2300,S3300,S5300,S6300 con software en versiones anteriores a V100R006SPH010 soporte Y.1731 y por lo tanto tener la vulnerabilidad Y.1731 en el procesamiento de paquetes especiales. Ta vulnerabilidad provoca el reinicio de los switches."
    }
  ],
  "id": "CVE-2014-3223",
  "lastModified": "2025-04-20T01:37:25.860",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.8,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2017-04-02T20:59:00.237",
  "references": [
    {
      "source": "psirt@huawei.com",
      "tags": [
        "Mitigation",
        "Vendor Advisory"
      ],
      "url": "http://www.huawei.com/en/psirt/security-advisories/hw-329625"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mitigation",
        "Vendor Advisory"
      ],
      "url": "http://www.huawei.com/en/psirt/security-advisories/hw-329625"
    }
  ],
  "sourceIdentifier": "psirt@huawei.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-19"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.