VAR-201601-0156
Vulnerability from variot - Updated: 2023-12-18 13:44The presentation transmission permission management mechanism in Huawei TE30, TE40, TE50, and TE60 multimedia video conferencing endpoints with software before V100R001C10SPC100 allows remote attackers to cause a denial of service (wired presentation outage) via unspecified vectors involving a wireless presentation. Supplementary information : CWE Vulnerability type by CWE-19: Data Handling ( Data processing ) Has been identified. http://cwe.mitre.org/data/definitions/19.htmlService disruption by a third party due to problems with wireless presentation ( Stop wired presentation ) There is a possibility of being put into a state. Huawei TE30, TE40, TE50, and TE60 are Huawei's integrated HD video conferencing terminal devices that support intelligent voice calls and Wi-Fi wireless interconnection. A security vulnerability exists in the presentationtransmissionpermissionmanage mechanism of the HuaweiTE30, TE40, TE50, and TE60Debug accounts, allowing remote attackers to exploit the vulnerability for denial of service attacks. Multiple Huawei TE products are prone to a denial-of-service vulnerability and a security-bypass vulnerability. The following products and versions are affected: Huawei TE30, TE40, TE50, and TE60 using software versions earlier than V100R001C10SPC100
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201601-0156",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "te30",
"scope": null,
"trust": 1.4,
"vendor": "huawei",
"version": null
},
{
"model": "te40",
"scope": null,
"trust": 1.4,
"vendor": "huawei",
"version": null
},
{
"model": "te50",
"scope": null,
"trust": 1.4,
"vendor": "huawei",
"version": null
},
{
"model": "te60",
"scope": null,
"trust": 1.4,
"vendor": "huawei",
"version": null
},
{
"model": "te60",
"scope": "lte",
"trust": 1.0,
"vendor": "huawei",
"version": "v100r001c10b022"
},
{
"model": "te60",
"scope": "lt",
"trust": 0.8,
"vendor": "huawei",
"version": "v100r001c10spc100"
},
{
"model": "te60",
"scope": "eq",
"trust": 0.6,
"vendor": "huawei",
"version": "v100r001c10b022"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-00293"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006790"
},
{
"db": "NVD",
"id": "CVE-2015-8672"
},
{
"db": "CNNVD",
"id": "CNNVD-201601-195"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:te60_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "v100r001c10b022",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:te40:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:huawei:te30:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:huawei:te50:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:huawei:te60:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2015-8672"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Huawei",
"sources": [
{
"db": "BID",
"id": "77829"
}
],
"trust": 0.3
},
"cve": "CVE-2015-8672",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 5.0,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2015-8672",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "CNVD-2016-00293",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "VHN-86633",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"impactScore": 1.4,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2015-8672",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNVD",
"id": "CNVD-2016-00293",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201601-195",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-86633",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-00293"
},
{
"db": "VULHUB",
"id": "VHN-86633"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006790"
},
{
"db": "NVD",
"id": "CVE-2015-8672"
},
{
"db": "CNNVD",
"id": "CNNVD-201601-195"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The presentation transmission permission management mechanism in Huawei TE30, TE40, TE50, and TE60 multimedia video conferencing endpoints with software before V100R001C10SPC100 allows remote attackers to cause a denial of service (wired presentation outage) via unspecified vectors involving a wireless presentation. Supplementary information : CWE Vulnerability type by CWE-19: Data Handling ( Data processing ) Has been identified. http://cwe.mitre.org/data/definitions/19.htmlService disruption by a third party due to problems with wireless presentation ( Stop wired presentation ) There is a possibility of being put into a state. Huawei TE30, TE40, TE50, and TE60 are Huawei\u0027s integrated HD video conferencing terminal devices that support intelligent voice calls and Wi-Fi wireless interconnection. A security vulnerability exists in the presentationtransmissionpermissionmanage mechanism of the HuaweiTE30, TE40, TE50, and TE60Debug accounts, allowing remote attackers to exploit the vulnerability for denial of service attacks. Multiple Huawei TE products are prone to a denial-of-service vulnerability and a security-bypass vulnerability. The following products and versions are affected: Huawei TE30, TE40, TE50, and TE60 using software versions earlier than V100R001C10SPC100",
"sources": [
{
"db": "NVD",
"id": "CVE-2015-8672"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006790"
},
{
"db": "CNVD",
"id": "CNVD-2016-00293"
},
{
"db": "BID",
"id": "77829"
},
{
"db": "VULHUB",
"id": "VHN-86633"
}
],
"trust": 2.52
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2015-8672",
"trust": 3.4
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006790",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201601-195",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2016-00293",
"trust": 0.6
},
{
"db": "BID",
"id": "77829",
"trust": 0.3
},
{
"db": "VULHUB",
"id": "VHN-86633",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-00293"
},
{
"db": "VULHUB",
"id": "VHN-86633"
},
{
"db": "BID",
"id": "77829"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006790"
},
{
"db": "NVD",
"id": "CVE-2015-8672"
},
{
"db": "CNNVD",
"id": "CNNVD-201601-195"
}
]
},
"id": "VAR-201601-0156",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-00293"
},
{
"db": "VULHUB",
"id": "VHN-86633"
}
],
"trust": 0.06999999999999999
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-00293"
}
]
},
"last_update_date": "2023-12-18T13:44:18.154000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Huawei-SA-20151125-01-TE",
"trust": 0.8,
"url": "http://www.huawei.com/en/psirt/security-advisories/hw-462952"
},
{
"title": "Patches for multiple Huawei product denial of service vulnerabilities",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/70125"
},
{
"title": "Multiple Huawei Product denial of service vulnerability fixes",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=59547"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-00293"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006790"
},
{
"db": "CNNVD",
"id": "CNNVD-201601-195"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-19",
"trust": 1.1
},
{
"problemtype": "CWE-Other",
"trust": 0.8
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-86633"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006790"
},
{
"db": "NVD",
"id": "CVE-2015-8672"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.6,
"url": "http://www.huawei.com/en/psirt/security-advisories/hw-462952"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-8672"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-8672"
},
{
"trust": 0.3,
"url": "http://www.huawei.com"
},
{
"trust": 0.3,
"url": "http://www1.huawei.com/en/security/psirt/security-bulletins/security-advisories/archive/hw-462952.htm"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-00293"
},
{
"db": "VULHUB",
"id": "VHN-86633"
},
{
"db": "BID",
"id": "77829"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006790"
},
{
"db": "NVD",
"id": "CVE-2015-8672"
},
{
"db": "CNNVD",
"id": "CNNVD-201601-195"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2016-00293"
},
{
"db": "VULHUB",
"id": "VHN-86633"
},
{
"db": "BID",
"id": "77829"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006790"
},
{
"db": "NVD",
"id": "CVE-2015-8672"
},
{
"db": "CNNVD",
"id": "CNNVD-201601-195"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-01-19T00:00:00",
"db": "CNVD",
"id": "CNVD-2016-00293"
},
{
"date": "2016-01-12T00:00:00",
"db": "VULHUB",
"id": "VHN-86633"
},
{
"date": "2015-11-25T00:00:00",
"db": "BID",
"id": "77829"
},
{
"date": "2016-01-21T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-006790"
},
{
"date": "2016-01-12T20:59:05.637000",
"db": "NVD",
"id": "CVE-2015-8672"
},
{
"date": "2016-01-13T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201601-195"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-01-19T00:00:00",
"db": "CNVD",
"id": "CNVD-2016-00293"
},
{
"date": "2016-06-01T00:00:00",
"db": "VULHUB",
"id": "VHN-86633"
},
{
"date": "2016-01-14T23:58:00",
"db": "BID",
"id": "77829"
},
{
"date": "2016-01-21T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-006790"
},
{
"date": "2016-06-01T14:03:55.027000",
"db": "NVD",
"id": "CVE-2015-8672"
},
{
"date": "2016-01-13T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201601-195"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201601-195"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural Huawei TE Denial of service operation in the product software presentation transmission right management mechanism (DoS) Vulnerabilities",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-006790"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "lack of information",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201601-195"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…