Sign-up

ID

VAR-201409-1259


TITLE

Multiple Huawei switch information disclosure vulnerabilities

Trust: 0.6

sources: CNVD: CNVD-2014-06451

DESCRIPTION

Huawei Switches is a Huawei switch series device. Huawei Switches All V200R001 devices use the VRP platform for information leakage. The MPLS LSP PING service is bound to an unneeded interface, which can cause device IP leakage. Allow remote attackers to exploit vulnerabilities to obtain sensitive information.

Trust: 0.6

sources: CNVD: CNVD-2014-06451

IOT TAXONOMY

category:['Network device']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2014-06451

AFFECTED PRODUCTS

vendor:huaweimodel:switches v200r001scope: - version: -

Trust: 0.6

sources: CNVD: CNVD-2014-06451

CVSS

SEVERITY

CVSSV2

CVSSV3

CNVD: CNVD-2014-06451
value: MEDIUM

Trust: 0.6

CNVD: CNVD-2014-06451
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

sources: CNVD: CNVD-2014-06451

PATCH

title:Patch for multiple Huawei switch information disclosure vulnerabilitiesurl:https://www.cnvd.org.cn/patchinfo/show/50471

Trust: 0.6

sources: CNVD: CNVD-2014-06451

EXTERNAL IDS

db:CNVDid:CNVD-2014-06451

Trust: 0.6

sources: CNVD: CNVD-2014-06451

REFERENCES

url:http://huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-372145.htm

Trust: 0.6

sources: CNVD: CNVD-2014-06451

SOURCES

db:CNVDid:CNVD-2014-06451

LAST UPDATE DATE

2022-05-04T08:57:22.720000+00:00


SOURCES UPDATE DATE

db:CNVDid:CNVD-2014-06451date:2014-09-28T00:00:00

SOURCES RELEASE DATE

db:CNVDid:CNVD-2014-06451date:2014-09-28T00:00:00