VAR-201610-0307
Vulnerability from variot - Updated: 2023-12-18 12:51Huawei AR routers with software before V200R007C00SPC100; Quidway S9300 routers with software before V200R009C00; S12700 routers with software before V200R008C00SPC500; S9300, Quidway S5300, and S5300 routers with software before V200R007C00; and S5700 routers with software before V200R007C00SPC500 makes it easier for remote authenticated administrators to obtain encryption keys and ciphertext passwords via vectors related to key storage. plural Huawei There is a vulnerability in the product software that allows the encryption key and ciphertext password to be obtained. Supplementary information : CWE Vulnerability type by CWE-326: Inadequate Encryption Strength ( Incorrect cipher strength ) Has been identified. Huawei AR Routers is an AR series router product from China Huawei. An information disclosure vulnerability exists in Huawei AR Routers. An attacker could exploit this vulnerability to obtain sensitive information. Huawei AR, etc. are routing switches of China Huawei (Huawei). Remote attackers can use the keystore to exploit this vulnerability to gain administrator privileges and crack hard-coded keys and ciphertext passwords. The following products and versions are affected: Huawei AR V200R001 , V200R002 , V200R003 , V200R005C10 , V200R005C20 , V200R005C30 ; Quidway S9300 V200R003C00SPC500 , V200R002C00SPC100 , V200R001C00SPC300 ; S12700 V200R006C00 , V200R005C00 ; S9300 V200R006C00SPC500 , V200R005C00SPC300 ; Quidway S5300 V200R001C00SPC300
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201610-0307",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "s9300",
"scope": "eq",
"trust": 1.6,
"vendor": "huawei",
"version": "v200r005c00spc300"
},
{
"model": "ar",
"scope": "eq",
"trust": 1.6,
"vendor": "huawei",
"version": "v200r005c20"
},
{
"model": "ar",
"scope": "eq",
"trust": 1.6,
"vendor": "huawei",
"version": "v200r005c10"
},
{
"model": "ar",
"scope": "eq",
"trust": 1.6,
"vendor": "huawei",
"version": "v200r001"
},
{
"model": "s5300",
"scope": "eq",
"trust": 1.6,
"vendor": "huawei",
"version": "v200r002c00"
},
{
"model": "s9300",
"scope": "eq",
"trust": 1.6,
"vendor": "huawei",
"version": "v200r006c00spc500"
},
{
"model": "ar",
"scope": "eq",
"trust": 1.6,
"vendor": "huawei",
"version": "v200r003"
},
{
"model": "s5300",
"scope": "eq",
"trust": 1.6,
"vendor": "huawei",
"version": "v200r006c00spc500"
},
{
"model": "ar",
"scope": "eq",
"trust": 1.6,
"vendor": "huawei",
"version": "v200r005c30"
},
{
"model": "s5300",
"scope": "eq",
"trust": 1.6,
"vendor": "huawei",
"version": "v200r005c00spc500"
},
{
"model": "s5700",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r003c00"
},
{
"model": "quidway s9300",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r002c00spc100"
},
{
"model": "quidway s5300",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r001c00spc300"
},
{
"model": "quidway s9300",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r001c00spc300"
},
{
"model": "s5700",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r001c00"
},
{
"model": "s5700",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r005c00"
},
{
"model": "s5700",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r006c00"
},
{
"model": "s5700",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r002c00"
},
{
"model": "ar",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r002"
},
{
"model": "quidway s9300",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r003c00spc500"
},
{
"model": "s12700",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r005c00"
},
{
"model": "s12700",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r006c00"
},
{
"model": "ar",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "ar router",
"scope": "lt",
"trust": 0.8,
"vendor": "huawei",
"version": "v200r007c00spc100"
},
{
"model": "quidway s5300",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "quidway s5300",
"scope": "lt",
"trust": 0.8,
"vendor": "huawei",
"version": "v200r007c00"
},
{
"model": "quidway s9300",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "quidway s9300",
"scope": "lt",
"trust": 0.8,
"vendor": "huawei",
"version": "v200r009c00"
},
{
"model": "s12700",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "s12700",
"scope": "lt",
"trust": 0.8,
"vendor": "huawei",
"version": "v200r008c00spc500"
},
{
"model": "s5300",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "s5300",
"scope": "lt",
"trust": 0.8,
"vendor": "huawei",
"version": "v200r007c00"
},
{
"model": "s5700",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "s5700",
"scope": "lt",
"trust": 0.8,
"vendor": "huawei",
"version": "v200r007c00spc500"
},
{
"model": "s9300",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "s9300",
"scope": "lt",
"trust": 0.8,
"vendor": "huawei",
"version": "v200r007c00"
},
{
"model": "ar routers",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "s9300 v200r006c00spc500",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "s9300 v200r005c00spc300",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "s5700 v200r006c00",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "s5700 v200r005c00",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "s5700 v200r003c00",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "s5700 v200r002c00",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "s5700 v200r001c00",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "s5300li v200r006c00spc500",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "s5300 v200r005c00spc500",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "s5300 v200r002c00",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "s12700 v200r006c00",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "s12700 v200r005c00",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "quidway s9300 v200r003c00spc500",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "quidway s9300 v200r003c00spc300",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "quidway s9300 v200r002c00spc100",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "quidway s5300 v200r001c00spc300",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "ar v200r005c30",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "ar v200r005c20",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "ar v200r005c10",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "ar v200r003",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "ar v200r002",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "ar v200r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "s5700 v200r007c00spc500",
"scope": "ne",
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "s5300 v200r007c00",
"scope": "ne",
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "s12700 v200r008c00spc500",
"scope": "ne",
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "quidway s9300 v200r009c00",
"scope": "ne",
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "quidway s5300 v200r007c00",
"scope": "ne",
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "ar v200r007c00spc100",
"scope": "ne",
"trust": 0.3,
"vendor": "huawei",
"version": null
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2015-07446"
},
{
"db": "BID",
"id": "76897"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-007262"
},
{
"db": "NVD",
"id": "CVE-2015-8086"
},
{
"db": "CNNVD",
"id": "CNNVD-201511-337"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:quidway_s5300_firmware:v200r001c00spc300:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:quidway_s5300:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:quidway_s9300_firmware:v200r002c00spc100:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:huawei:quidway_s9300_firmware:v200r001c00spc300:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:huawei:quidway_s9300_firmware:v200r003c00spc500:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:quidway_s9300:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:s5700_firmware:v200r005c00:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:huawei:s5700_firmware:v200r006c00:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:huawei:s5700_firmware:v200r003c00:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:huawei:s5700_firmware:v200r002c00:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:huawei:s5700_firmware:v200r001c00:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:s5700:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:s12700_firmware:v200r005c00:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:huawei:s12700_firmware:v200r006c00:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:s12700:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:ar_firmware:v200r005c20:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:huawei:ar_firmware:v200r005c30:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:huawei:ar_firmware:v200r003:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:huawei:ar_firmware:v200r005c10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:huawei:ar_firmware:v200r001:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:huawei:ar_firmware:v200r002:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:ar:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:s5300_firmware:v200r002c00:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:huawei:s5300_firmware:v200r006c00spc500:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:huawei:s5300_firmware:v200r005c00spc500:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:s5300:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:s9300_firmware:v200r005c00spc300:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:huawei:s9300_firmware:v200r006c00spc500:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:s9300:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2015-8086"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The vendor reported this issue.",
"sources": [
{
"db": "BID",
"id": "76897"
}
],
"trust": 0.3
},
"cve": "CVE-2015-8086",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 4.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.0,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "Single",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 4.0,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2015-8086",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CNVD-2015-07446",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 4.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.0,
"id": "VHN-86047",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:S/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 1.2,
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 4.9,
"baseSeverity": "Medium",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2015-8086",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "High",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2015-8086",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNVD",
"id": "CNVD-2015-07446",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201511-337",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-86047",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2015-07446"
},
{
"db": "VULHUB",
"id": "VHN-86047"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-007262"
},
{
"db": "NVD",
"id": "CVE-2015-8086"
},
{
"db": "CNNVD",
"id": "CNNVD-201511-337"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Huawei AR routers with software before V200R007C00SPC100; Quidway S9300 routers with software before V200R009C00; S12700 routers with software before V200R008C00SPC500; S9300, Quidway S5300, and S5300 routers with software before V200R007C00; and S5700 routers with software before V200R007C00SPC500 makes it easier for remote authenticated administrators to obtain encryption keys and ciphertext passwords via vectors related to key storage. plural Huawei There is a vulnerability in the product software that allows the encryption key and ciphertext password to be obtained. Supplementary information : CWE Vulnerability type by CWE-326: Inadequate Encryption Strength ( Incorrect cipher strength ) Has been identified. Huawei AR Routers is an AR series router product from China Huawei. An information disclosure vulnerability exists in Huawei AR Routers. An attacker could exploit this vulnerability to obtain sensitive information. Huawei AR, etc. are routing switches of China Huawei (Huawei). Remote attackers can use the keystore to exploit this vulnerability to gain administrator privileges and crack hard-coded keys and ciphertext passwords. The following products and versions are affected: Huawei AR V200R001 , V200R002 , V200R003 , V200R005C10 , V200R005C20 , V200R005C30 ; Quidway S9300 V200R003C00SPC500 , V200R002C00SPC100 , V200R001C00SPC300 ; S12700 V200R006C00 , V200R005C00 ; S9300 V200R006C00SPC500 , V200R005C00SPC300 ; Quidway S5300 V200R001C00SPC300 ",
"sources": [
{
"db": "NVD",
"id": "CVE-2015-8086"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-007262"
},
{
"db": "CNVD",
"id": "CNVD-2015-07446"
},
{
"db": "BID",
"id": "76897"
},
{
"db": "VULHUB",
"id": "VHN-86047"
}
],
"trust": 2.52
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2015-8086",
"trust": 3.4
},
{
"db": "BID",
"id": "76897",
"trust": 2.6
},
{
"db": "JVNDB",
"id": "JVNDB-2015-007262",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201511-337",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2015-07446",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-86047",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2015-07446"
},
{
"db": "VULHUB",
"id": "VHN-86047"
},
{
"db": "BID",
"id": "76897"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-007262"
},
{
"db": "NVD",
"id": "CVE-2015-8086"
},
{
"db": "CNNVD",
"id": "CNNVD-201511-337"
}
]
},
"id": "VAR-201610-0307",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2015-07446"
},
{
"db": "VULHUB",
"id": "VHN-86047"
}
],
"trust": 1.4761443282352942
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2015-07446"
}
]
},
"last_update_date": "2023-12-18T12:51:29.977000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Huawei-SA-20150930-01-Routers",
"trust": 0.8,
"url": "http://www.huawei.com/en/psirt/security-advisories/hw-455876"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-007262"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-326",
"trust": 1.1
},
{
"problemtype": "CWE-Other",
"trust": 0.8
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-86047"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-007262"
},
{
"db": "NVD",
"id": "CVE-2015-8086"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.3,
"url": "http://www.securityfocus.com/bid/76897"
},
{
"trust": 1.7,
"url": "http://www.huawei.com/en/psirt/security-advisories/hw-455876"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-8086"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-8086"
},
{
"trust": 0.3,
"url": "http://www.huawei.com"
},
{
"trust": 0.3,
"url": "http://www1.huawei.com/en/security/psirt/security-bulletins/security-advisories/archive/hw-455876.htm"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2015-07446"
},
{
"db": "VULHUB",
"id": "VHN-86047"
},
{
"db": "BID",
"id": "76897"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-007262"
},
{
"db": "NVD",
"id": "CVE-2015-8086"
},
{
"db": "CNNVD",
"id": "CNNVD-201511-337"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2015-07446"
},
{
"db": "VULHUB",
"id": "VHN-86047"
},
{
"db": "BID",
"id": "76897"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-007262"
},
{
"db": "NVD",
"id": "CVE-2015-8086"
},
{
"db": "CNNVD",
"id": "CNNVD-201511-337"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-11-12T00:00:00",
"db": "CNVD",
"id": "CNVD-2015-07446"
},
{
"date": "2016-10-03T00:00:00",
"db": "VULHUB",
"id": "VHN-86047"
},
{
"date": "2015-09-30T00:00:00",
"db": "BID",
"id": "76897"
},
{
"date": "2016-10-06T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-007262"
},
{
"date": "2016-10-03T21:59:04.893000",
"db": "NVD",
"id": "CVE-2015-8086"
},
{
"date": "2015-09-30T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201511-337"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-11-24T00:00:00",
"db": "CNVD",
"id": "CNVD-2015-07446"
},
{
"date": "2016-11-28T00:00:00",
"db": "VULHUB",
"id": "VHN-86047"
},
{
"date": "2016-09-19T17:00:00",
"db": "BID",
"id": "76897"
},
{
"date": "2016-10-06T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-007262"
},
{
"date": "2016-11-28T19:46:02.077000",
"db": "NVD",
"id": "CVE-2015-8086"
},
{
"date": "2016-10-09T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201511-337"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201511-337"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural Huawei Vulnerability in obtaining encryption key and ciphertext password in product software",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-007262"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "information disclosure",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201511-337"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…