Sign-up

ID

VAR-201511-0201


CVE

CVE-2015-8229


TITLE

Huawei eSpace U2980 and U2990 Unified Gateway Service disruption in other software (DoS) Vulnerabilities

Trust: 0.8

sources: JVNDB: JVNDB-2015-006028

DESCRIPTION

Huawei eSpace U2980 unified gateway with software before V100R001C10 and U2990 with software before V200R001C10 allow remote authenticated users to cause a denial of service via crafted signaling packets from a registered device. Huawei eSpace U2980 and U2990 are both Huawei's telephone switch products. A denial of service vulnerability exists in the Huawei eSpace U2980 and U2990 switches. An attacker could exploit the vulnerability to cause a program to deny legitimate users. Huawei eSpace U2980 and U2990 have security vulnerabilities because no error correction mechanism is used when processing specific signal packets. The attacker sends malformed packets, which can cause some services of U2990 and U2980 to refuse service

Trust: 3.06

sources: NVD: CVE-2015-8229 // JVNDB: JVNDB-2015-006028 // CNVD: CNVD-2015-07772 // CNVD: CNVD-2015-07793 // BID: 77556 // VULHUB: VHN-86190

IOT TAXONOMY

category:['Network device']sub_category: -

Trust: 1.2

sources: CNVD: CNVD-2015-07772 // CNVD: CNVD-2015-07793

AFFECTED PRODUCTS

vendor:huaweimodel:espace u2990scope: - version: -

Trust: 1.2

vendor:huaweimodel:espace u2980scope: - version: -

Trust: 1.2

vendor:huaweimodel:espacescope:lteversion:v200r001c02

Trust: 1.0

vendor:huaweimodel:espacescope:lteversion:v100r001c02

Trust: 1.0

vendor:huaweimodel:espace u2980 unified gatewayscope: - version: -

Trust: 0.8

vendor:huaweimodel:espace u2990 unified gatewayscope: - version: -

Trust: 0.8

vendor:huaweimodel:espacescope:ltversion:v100r001c10 (espace u2980)

Trust: 0.8

vendor:huaweimodel:espacescope:ltversion:v200r001c10 (espace u2990)

Trust: 0.8

vendor:huaweimodel:espacescope:eqversion:v200r001c02

Trust: 0.6

vendor:huaweimodel:espacescope:eqversion:v100r001c02

Trust: 0.6

vendor:huaweimodel:espace u2990 v200r001c02scope: - version: -

Trust: 0.3

vendor:huaweimodel:espace u2980 v100r001c02scope: - version: -

Trust: 0.3

vendor:huaweimodel:espace u2990 v200r001c10scope:neversion: -

Trust: 0.3

vendor:huaweimodel:espace u2980 v100r001c10scope:neversion: -

Trust: 0.3

sources: CNVD: CNVD-2015-07772 // CNVD: CNVD-2015-07793 // BID: 77556 // JVNDB: JVNDB-2015-006028 // CNNVD: CNNVD-201511-393 // NVD: CVE-2015-8229

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2015-8229
value: MEDIUM

Trust: 1.0

NVD: CVE-2015-8229
value: MEDIUM

Trust: 0.8

CNVD: CNVD-2015-07772
value: MEDIUM

Trust: 0.6

CNVD: CNVD-2015-07793
value: MEDIUM

Trust: 0.6

CNNVD: CNNVD-201511-393
value: MEDIUM

Trust: 0.6

VULHUB: VHN-86190
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2015-8229
severity: MEDIUM
baseScore: 4.0
vectorString: AV:N/AC:L/AU:S/C:N/I:N/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: SINGLE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 8.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

CNVD: CNVD-2015-07772
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

CNVD: CNVD-2015-07793
severity: MEDIUM
baseScore: 4.0
vectorString: AV:N/AC:L/AU:S/C:N/I:N/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: SINGLE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 8.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

VULHUB: VHN-86190
severity: MEDIUM
baseScore: 4.0
vectorString: AV:N/AC:L/AU:S/C:N/I:N/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: SINGLE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 8.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: CNVD: CNVD-2015-07772 // CNVD: CNVD-2015-07793 // VULHUB: VHN-86190 // JVNDB: JVNDB-2015-006028 // CNNVD: CNNVD-201511-393 // NVD: CVE-2015-8229

PROBLEMTYPE DATA

problemtype:CWE-20

Trust: 1.9

sources: VULHUB: VHN-86190 // JVNDB: JVNDB-2015-006028 // NVD: CVE-2015-8229

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201511-393

TYPE

input validation

Trust: 0.6

sources: CNNVD: CNNVD-201511-393

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2015-006028

PATCH
title:Huawei-SA-20151111-01-eSpaceurl:http://www1.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-461219.htm
Trust: 0.8
title:Huawei eSpace U2980 and U2990 denial of service vulnerability patchesurl:https://www.cnvd.org.cn/patchInfo/show/67109
Trust: 0.6
title:Huawei eSpace U2980/2990 denial of service vulnerability patchurl:https://www.cnvd.org.cn/patchInfo/show/67215
Trust: 0.6
title:Huawei eSpace U2980  and U2990 Enter the fix for the verification vulnerabilityurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=58841
Trust: 0.6
sources:
            
            
            CNVD: CNVD-2015-07772 // 
            
            
            
            CNVD: CNVD-2015-07793 // 
            
            
            
            JVNDB: JVNDB-2015-006028 // 
            
            
            
            CNNVD: CNNVD-201511-393

EXTERNAL IDS
db:NVDid:CVE-2015-8229
Trust: 3.1
db:BIDid:77556
Trust: 1.5
db:JVNDBid:JVNDB-2015-006028
Trust: 0.8
db:CNNVDid:CNNVD-201511-393
Trust: 0.7
db:CNVDid:CNVD-2015-07772
Trust: 0.6
db:CNVDid:CNVD-2015-07793
Trust: 0.6
db:NSFOCUSid:31619
Trust: 0.6
db:SEEBUGid:SSVID-89928
Trust: 0.1
db:VULHUBid:VHN-86190
Trust: 0.1
sources:
            
            
            CNVD: CNVD-2015-07772 // 
            
            
            
            CNVD: CNVD-2015-07793 // 
            
            
            
            VULHUB: VHN-86190 // 
            
            
            
            BID: 77556 // 
            
            
            
            JVNDB: JVNDB-2015-006028 // 
            
            
            
            CNNVD: CNNVD-201511-393 // 
            
            
            
            NVD: CVE-2015-8229

REFERENCES
url:http://www1.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-461219.htm
Trust: 1.7
url:http://www.securityfocus.com/bid/77556
Trust: 1.2
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-8229
Trust: 0.8
url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-8229
Trust: 0.8
url:http://www.huawei.com/en/security/psirt/report-vulnerabilities/index.htm
Trust: 0.6
url:http://www.nsfocus.net/vulndb/31619
Trust: 0.6
url:http://www.huawei.com/
Trust: 0.3
url:http://www1.huawei.com/en/security/psirt/security-bulletins/security-advisories/archive/hw-461219.htm
Trust: 0.3
sources:
            
            
            CNVD: CNVD-2015-07772 // 
            
            
            
            CNVD: CNVD-2015-07793 // 
            
            
            
            VULHUB: VHN-86190 // 
            
            
            
            BID: 77556 // 
            
            
            
            JVNDB: JVNDB-2015-006028 // 
            
            
            
            CNNVD: CNNVD-201511-393 // 
            
            
            
            NVD: CVE-2015-8229

CREDITS
Huawei
Trust: 0.9
sources:
            
            
            BID: 77556 // 
            
            
            
            CNNVD: CNNVD-201511-393

SOURCES
db:CNVDid:CNVD-2015-07772
db:CNVDid:CNVD-2015-07793
db:VULHUBid:VHN-86190
db:BIDid:77556
db:JVNDBid:JVNDB-2015-006028
db:CNNVDid:CNNVD-201511-393
db:NVDid:CVE-2015-8229

LAST UPDATE DATE
2025-04-13T23:23:42.748000+00:00

SOURCES UPDATE DATE
db:CNVDid:CNVD-2015-07772date:2015-11-25T00:00:00
db:CNVDid:CNVD-2015-07793date:2015-11-26T00:00:00
db:VULHUBid:VHN-86190date:2016-08-18T00:00:00
db:BIDid:77556date:2015-11-11T00:00:00
db:JVNDBid:JVNDB-2015-006028date:2015-11-26T00:00:00
db:CNNVDid:CNNVD-201511-393date:2015-11-27T00:00:00
db:NVDid:CVE-2015-8229date:2025-04-12T10:46:40.837

SOURCES RELEASE DATE
db:CNVDid:CNVD-2015-07772date:2015-11-25T00:00:00
db:CNVDid:CNVD-2015-07793date:2015-11-26T00:00:00
db:VULHUBid:VHN-86190date:2015-11-24T00:00:00
db:BIDid:77556date:2015-11-11T00:00:00
db:JVNDBid:JVNDB-2015-006028date:2015-11-26T00:00:00
db:CNNVDid:CNNVD-201511-393date:2015-11-23T00:00:00
db:NVDid:CVE-2015-8229date:2015-11-24T20:59:22.147