VARIoT IoT vulnerabilities database

Cross-site request forgery (CSRF) vulnerability in the web framework on Cisco IronPort Web Security Appliance (WSA) devices, Email Security Appliance (ESA) devices, and Content Security Management Appliance (SMA) devices allows remote attackers to hijack the authentication of arbitrary users, aka Bug IDs CSCuh70263, CSCuh70323, and CSCuh26634. Vendors have confirmed this vulnerability Bug IDs CSCuh70263 , CSCuh70323 ,and CSCuh26634 It is released as.A third party may be able to hijack arbitrary user authentication. Multiple Cisco Devices are prone to a cross-site request-forgery vulnerability. Attackers can exploit this issue to perform certain administrative actions and to gain unauthorized access to the affected device. This issue is being tracked by Cisco bug IDs CSCuh70323, CSCuh26634, and CSCuh70263. Content SMA is a set of content security management equipment. A remote attacker could exploit this vulnerability to hijack the authentication of any user. =============================== - Advisory - =============================== Tittle: Cisco IronPort Security Management Appliance - Multiple issues Risk: Medium Date: 20.May.2013 Author: Pedro Andujar Twitter: @pandujar .: [ INTRO ] :. The Cisco Security Management Appliance helps to enable flexible management and comprehensive security control at the network gateway. .: [ TECHNICAL DESCRIPTION ] :. Cisco IronPort Security Management Appliance M170 v7.9.1-030 (and probably other products), are prone to several security issues as described below; .: [ ISSUE #1 }:. Name: Reflected Cross Site Scripting Severity: Low CVE: CVE-2013-3396 There is a lack of output escaping in the default error 500 page. When a exception occurs in the application, the error description contains user unvalidated input from the request: ** PoC removed as requested by Cisco. ** .: [ ISSUE #2 }:. Name: Stored Cross Site Scripting Severity: Medium Due to a lack of input validation on job_name, job_type, appliances_options and config_master parameters which are then printed unscapped on job_name, old_job_name, job_type, appliance_lists and config_master fields. ** PoC removed as requested by Cisco. ** .: [ ISSUE #3 }:. Name: CSRF Token is not used Severity: Low CVE: CVE-2013-3395 CSRFKey is not used in some areas of the application, which make even easier to exploit Reflected XSS Issues. In the /report area of the application, we got no error even when completely removing the parameter CSRFKey; ** PoC removed as requested by Cisco. ** See: http://tools.cisco.com/security/center/viewAlert.x?alertId=29844 .: [ ISSUE #4 }:. Name: Lack of password obfuscation Severity: Low When exporting the configuration file even if you mark the "mask password" option, the SNMPv3 password still appears in cleartext. .: [ CHANGELOG ] :. * 20/May/2013: - Vulnerability found. * 27/May/2013: - Vendor contacted. * 11/Jul/2013: - Public Disclosure .: [ SOLUTIONS ] :. Thanks to Stefano De Crescenzo (Cisco PSIRT Team), because of his professional way of managing the entire process. Stored XSS CSCuh24755 Reflected XSS http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-3396 SNMP password issue CSCuh27268, CSCuh70314 CSRF http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-3395 .: [ REFERENCES ] :

Unspecified vulnerability in the Intel Trusted Execution Technology (TXT) SINIT Authenticated Code Modules (ACM) before 1.2, as used by the Intel QM77, QS77, Q77 Express, C216, Q67 Express, C202, C204, and C206 chipsets and Mobile Intel QM67 and QS67 chipsets, when the measured launch environment (MLE) is invoked, allows local users to bypass the Trusted Execution Technology protection mechanism and perform other unspecified SINIT ACM functions via unspecified vectors. Successful exploits will allow local processes to gain elevated privileges. This may facilitate a complete compromise of affected computers

An unspecified third-party component in IBM Sterling B2B Integrator 5.1 and 5.2 and Sterling File Gateway 2.1 and 2.2 uses short session ID values, which makes it easier for remote attackers to hijack sessions, and consequently obtain sensitive information, via a brute-force attack. IBM Sterling B2B Integrator and IBM Sterling File Gateway is prone to a session-hijacking vulnerability. An attacker can exploit this issue to gain unauthorized access to the affected application. The following products are vulnerable: IBM Sterling B2B Integrator 5.2 and 5.1 IBM Sterling File Gateway 2.2 and 2.1. IBM Sterling File Gateway is a set of file transfer software that integrates different file transfer methods and can realize secure interaction through the network

Multiple cross-site scripting (XSS) vulnerabilities in IBM Sterling B2B Integrator 5.2.4 and Sterling File Gateway allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. This vulnerability CVE-2013-2983 Is a different vulnerability.By any third party Web Script or HTML May be inserted. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and launch other attacks. IBM Sterling File Gateway is a set of file transfer software that integrates different file transfer methods and can realize secure interaction through the network

Multiple cross-site scripting (XSS) vulnerabilities in IBM Sterling File Gateway 2.2 and Sterling B2B Integrator allow remote authenticated users to inject arbitrary web script or HTML via unspecified vectors, a different issue than CVE-2013-0468. This vulnerability CVE-2013-0455 Is a different vulnerability.By any third party Web Script or HTML May be inserted. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and launch other attacks. These vulnerabilities stem from the program's failure to validate user-submitted input

The SIP implementation in Cisco TelePresence TC Software allows remote attackers to trigger unintended use of NOTIFY messages via unspecified vectors, aka Bug ID CSCud96080. Vendors have confirmed this vulnerability Bug ID CSCud96080 It is released as.Not intended by third parties NOTIFY May trigger the use of messages. Exploiting this issue could allow an attacker to bypass certain security restrictions and perform unauthorized actions on the affected device. This issue is being tracked by Cisco Bug ID CSCud96080. Cisco TelePresence is a set of video conferencing solutions called "TelePresence" system of Cisco (Cisco). The solution provides components such as audio and video spaces, which can provide remote participants with a "face-to-face" virtual meeting room effect

IBM Sterling B2B Integrator 5.1 and 5.2 and Sterling File Gateway 2.1 and 2.2 allow remote authenticated users to hijack sessions via a modified cookie path. An attacker can exploit this issue to gain unauthorized access to the affected application. IBM Sterling File Gateway is a set of file transfer software that integrates different file transfer methods and can realize secure interaction through the network. An authorized remote attacker can exploit this vulnerability to hijack a session by modifying the cookie path

Directory traversal vulnerability in IBM Sterling B2B Integrator 5.1 and 5.2 and Sterling File Gateway 2.1 and 2.2 allows remote authenticated users to read or modify files via unspecified vectors. Remote attackers can use specially crafted requests with directory-traversal sequences ('../') to retrieve arbitrary files in the context of the application. Exploiting this issue may allow an attacker to obtain sensitive information that could aid in further attacks. IBM Sterling File Gateway is a set of file transfer software that integrates different file transfer methods and can realize secure interaction through the network. An authorized remote attacker could exploit this vulnerability to read or modify restricted files

ajax.cgi in the web interface on the Choice Wireless Green Packet WIXFMR-111 4G WiMax modem allows remote attackers to obtain sensitive information via an Ajax (1) wmxState or (2) netState request. An attacker can exploit this issue to view system configuration information, execute commands and disclose sensitive information. Information obtained may aid in further attacks. This product provides internal routing, wireless link and other functions

ajax.cgi in the web interface on the Choice Wireless Green Packet WIXFMR-111 4G WiMax modem allows remote attackers to execute arbitrary commands via shell metacharacters in the pip parameter in an Ajax tag_ipPing request, a different vulnerability than CVE-2013-3581. A remote attacker can exploit the vulnerability to execute arbitrary commands and obtain sensitive information such as an administrator account

Multiple cross-site request forgery (CSRF) vulnerabilities in Fortinet FortiOS on FortiGate firewall devices before 4.3.13 and 5.x before 5.0.2 allow remote attackers to hijack the authentication of administrators for requests that modify (1) settings or (2) policies, or (3) restart the device via a rebootme action to system/maintenance/shutdown. (1) Change settings (2) Policy changes (3) Reboot device. FortiGate running FortiOS is prone to a cross-site request-forgery vulnerability. Exploiting this issue may allow a remote attacker to perform certain unauthorized actions in the context of the device running the affected application. Other attacks are also possible. Fortinet FortiOS is a set of security operating systems developed by Fortinet Corporation for the FortiGate network security platform. The system provides users with various security functions such as firewall, anti-virus, IPSec/SSL VPN, Web content filtering and anti-spam. Vulnerability ID: CVE-2013-1414 Vulnerability Type: CSRF (Cross-Site Request Forgery) Product: All Fortigate Firewalls Vendor: Fortinet http://www.fortinet.com Vulnerable Version: < 4.3.13 & < 5.0.2 Description ========== Because many functions are not protected by CSRF-Tokens, it's possible (under certain conditions) to modify System-Settings, Firewall-Policies or take control over the hole firewall. Requirements =========== An Attacker needs to know the IP of the device. An Administrator needs an authenticated connection to the device. Report-Timeline: ================ Vendor Notification: 11 July 2012 Vendor released version 5.0.2 / 18 March 2013 Vendor released version 4.3.13 / 29 April 2013 Status: Fixed Google Dork: ========== -english -help -printing -companies -archive -wizard -pastebin -adult -keywords "Warning: this page requires Javascript. To correctly view, please enable it in your browser" Credit: ===== Sven Wurth dos@net-war.de PoC ==== This Example will reboot a Fortinet Firewall. This is just one of many possibilities to attack this vulnerability. ##### CSRF - Proof Of Concept #### <html> <body onload="submitForm()"> <form name="myForm" id="myForm" action="https://###_VICTIM_IP_###/system/maintenance/shutdown" method="post"> <input type="hidden" name="reason" value=""> <input type="hidden" name="action" value="1"> <input type="submit" name="add" value="rebootme"> </form> <script type='text/javascript'>document.myForm.submit();</script> </html> ##### End Poc #####

Unspecified vulnerability on the HP ProCurve JC###A, JC###B, JD###A, JD###B, JE###A, JF###A, JF###B, JF###C, JG###A, 658250-B21, and 658247-B21; HP 3COM routers and switches; and HP H3C routers and switches allows remote attackers to execute arbitrary code or obtain sensitive information via unknown vectors. Multiple HP products are prone to an unspecified vulnerability. Little is known about this issue at this time. We will update this BID as more information emerges. Note: Please refer to the vendor advisory for complete list of affected products. The HP ProCurve family offers switch products. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emr_na-c03808969 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c03808969 Version: 3 HPSBHF02888 rev.3 - HP Network Products including H3C and 3COM Routers and Switches, Remote Information Disclosure and Code Execution NOTICE: The information in this Security Bulletin should be acted upon as soon as possible. The vulnerabilities could be remotely exploited resulting in disclosure of information and execution of code. Mitigations and workarounds: Please see the Mitigation notes in the Resolution section below. References: CVE-2013-2340 (SSRT100917), CVE-2013-2341 (SSRT101120) SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. BACKGROUND CVSS 2.0 Base Metrics =========================================================== Reference Base Vector Base Score CVE-2013-2340 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2013-2341 (AV:N/AC:H/Au:S/C:C/I:C/A:C) 7.1 =========================================================== Information on CVSS is documented in HP Customer Notice: HPSN-2008-002 RESOLUTION HP has made the following software updates available to resolve the vulnerabilities. Fixed Version HP Branded Products Impacted H3C Branded Products Impacted 3Com Branded Products Impacted 12500_5.20.R1825P01 JC085A HP A12518 Switch Chassis JC086A HP A12508 Switch Chassis JC652A HP 12508 DC Switch Chassis JC653A HP 12518 DC Switch Chassis JC654A HP 12504 AC Switch Chassis JC655A HP 12504 DC Switch Chassis JF430A HP A12518 Switch Chassis JF430B HP 12518 Switch Chassis JF430C HP 12518 AC Switch Chassis JF431A HP A12508 Switch Chassis JF431B HP 12508 Switch Chassis JF431C HP 12508 AC Switch Chassis H3C S12508 Routing Switch(AC-1) (0235A0GE) H3C S12518 Routing Switch(AC-1) (0235A0GF) H3C S12508 Chassis (0235A0E6) H3C S12508 Chassis (0235A38N) H3C S12518 Chassis (0235A0E7) H3C S12518 Chassis (0235A38M) N/A 10500_5.20.R1208-US JC611A HP 10508-V Switch Chassis JC612A HP 10508 Switch Chassis JC613A HP 10504 Switch Chassis JC748A HP 10512 Switch Chassis N/A N/A S9500E_5.20.R1825P01 JC124A HP A9508 Switch Chassis JC124B HP 9505 Switch Chassis JC125A HP A9512 Switch Chassis JC125B HP 9512 Switch Chassis JC474A HP A9508-V Switch Chassis JC474B HP 9508-V Switch Chassis H3C S9505E Routing-Switch Chassis (0235A0G6) H3C S9508E-V Routing-Switch Chassis (0235A38Q) H3C S9512E Routing-Switch Chassis (0235A0G7) H3C S9508E-V Routing-Switch Chassis (0235A38Q) H3C S9505E Chassis w/ Fans (0235A38P) H3C S9512E Chassis w/ Fans (0235A38R) N/A 7500_5.20.R6708-US JD238A HP A7510 Switch Chassis JD238B HP 7510 Switch Chassis JD239A HP A7506 Switch Chassis JD239B HP 7506 Switch Chassis JD240A HP A7503 Switch Chassis JD240B HP 7503 Switch Chassis JD241A HP A7506 Vertical Switch Chassis JD241B HP 7506-V Switch Chassis JD242A HP A7502 Switch Chassis JD242B HP 7502 Switch Chassis JD243A HP A7503 Switch Chassis w/1 Fabric Slot JD243B HP 7503-S Switch Chassis w/1 Fabric Slot JE164A HP E7902 Switch Chassis JE165A HP E7903 Switch Chassis JE166A HP E7903 Switch Chassis w/1 Fabric Slot JE167A HP E7906 Switch Chassis JE168A HP E7906 Vertical Switch Chassis JE169A HP E7910 Switch Chassis H3C S7502E Ethernet Switch Chassis with Fan (0235A0G4) H3C S7503E Ethernet Switch Chassis with Fan (0235A0G2) H3C S7503E-S Ethernet Switch Chassis with Fan (0235A0G5) H3C S7506E Ethernet Switch Chassis with Fan (0235A0G1) H3C S7506E-V Ethernet Switch Chassis with Fan (0235A0G3) H3C S7510E Ethernet Switch Chassis with Fan (0235A0G0) H3C S7502E Chassis w/ fans (0235A29A) H3C S7503E Chassis w/ fans (0235A27R) H3C S7503E-S Chassis w/ fans (0235A33R) H3C S7506E Chassis w/ fans (0235A27Q) H3C S7506E-V Chassis w/ fans (0235A27S) N/A 6125-CMW520-R2105 658250-B21 HP 6125G/XG Ethernet Blade Switch 658247-B21 HP 6125G Ethernet Blade Switch N/A N/A 5830_5.20.R1118-US JC691A HP A5830AF-48G Switch w/1 Interface Slot JC694A HP A5830AF-96G Switch JG316A HP 5830AF-48G TAA Switch w/1 Intf Slot JG374A HP 5830AF-96G TAA Switch N/A N/A 5800-5820X_5.20.R1807P02-US JC099A HP 5800-24G-PoE Switch JC100A HP 5800-24G Switch JC101A HP 5800-48G Switch with 2 Slots JC102A HP 5820-24XG-SFP+ Switch JC103A HP 5800-24G-SFP Switch JC104A HP 5800-48G-PoE Switch JC105A HP 5800-48G Switch JC106A HP 5820-14XG-SFP+ Switch with 2 Slots JG219A HP 5820AF-24XG Switch JG225A HP 5800AF-48G Switch JG242A HP 5800-48G-PoE+ TAA Switch w 2 Slots JG243A HP 5820-24XG-SFP+ TAA-compliant Switch JG254A HP 5800-24G-PoE+ TAA-compliant Switch JG255A HP 5800-24G TAA-compliant Switch JG256A HP 5800-24G-SFP TAA Switch w 1 Intf Slt JG257A HP 5800-48G-PoE+ TAA Switch with 1 Slot JG258A HP 5800-48G TAA Switch w 1 Intf Slot JG259A HP 5820X-14XG-SFP+ TAA Switch w 2 Slots H3C S5800-32C - 24-port 1BT Plus 4-port (SFP Plus ) Plus 1 media slot (0235A36U) H3C S5800-32C-PWR - 24-port 10/100/1000BASE-T (RJ45) Plus 4-port 10GBASE-X (SFP Plus ) Plus 1 media module PoE (0235A36S) H3C S5800-32F 24-port 1000BASE-X (SFP) Plus 4-port 10GBASE-X (SFP Plus ) Plus media module (no power) (0235A374) H3C S5800-56C 48-port 10/100/1000BASE-T (RJ45) Plus 4port 10GBASE-X (SFP Plus ) Plus media module (0235A379) H3C S5800-56C-PWR 48-port BT Plus 4 port (SFP Plus ) Plus media module (0235A378) H3C S5800-60C-PWR 48-port BT Plus 4-port SFP Plus 2 media modules Plus OSM (0235A36W) H3C S5820X-28C 14 port (SFP Plus ) Plus 4-port BT (RJ45) Plus 2 media modules Plus OSM (0235A37L) H3C S5820X-28S 24-port 10GBASE-X (SFP Plus ) Plus 4-port 10/100/1000BASE-T (RJ45) (0235A370) N/A S5600_3.10.R1702P42 JD391A HP S5600-50C Ethernet Switch JD392A HP S5600-50C-PWR Ethernet Switch JD393A HP S5600-26C Ethernet Switch JD394A HP S5600-26C-PWR Ethernet Switch JD395A HP S5600-26F Ethernet Switch H3C S5600-26C Ethernet Switch (0235A11F) H3C S5600-26C-PWR Ethernet Switch (0235A11G) H3C S5600-26F Ethernet Switch (0235A11H) H3C S5600-50C Ethernet Switch (0235A11D) H3C S5600-50C-PWR Ethernet Switch (0235A11E) N/A 5500.EI-4800G_R2220-US JD373A HP 5500-24G DC EI Switch JD374A HP 5500-24G-SFP EI Switch JD375A HP 5500-48G EI Switch JD376A HP 5500-48G-PoE EI Switch JD377A HP 5500-24G EI Switch JD378A HP 5500-24G-PoE EI Switch JD379A HP 5500-24G-SFP DC EI Switch JG240A HP 5500-48G-PoE+ EI Switch w/2 Intf Slts JG241A HP 5500-24G-PoE+ EI Switch w/2 Intf Slts JG249A HP 5500-24G-SFP EI TAA Switch w 2 Slts JG250A HP 5500-24G EI TAA Switch w 2 Intf Slts JG251A HP 5500-48G EI TAA Switch w 2 Intf Slts JG252A HP 5500-24G-PoE+ EI TAA Switch w/2 Slts JG253A HP 5500-48G-PoE+ EI TAA Switch w/2 Slts H3C S5500-28C-EI Ethernet Switch (0235A253) H3C S5500-28F-EI Eth Switch AC Single (0235A24U) H3C S5500-52C-EI Ethernet Switch (0235A24X) H3C S5500-28C-EI-DC Ethernet Switch (0235A24S) H3C S5500-28C-PWR-EI Ethernet Switch (0235A255) H3C S5500-28F-EI Eth Swtch DC Single Pwr (0235A259) H3C S5500-52C-PWR-EI Ethernet Switch (0235A251) N/A 5500.SI_R2220 JD369A HP 5500-24G SI Switch JD370A HP 5500-48G SI Switch JD371A HP 5500-24G-PoE SI Switch JD372A HP 5500-48G-PoE SI Switch JG238A HP 5500-24G-PoE+ SI Switch w/2 Intf Slts JG239A HP 5500-48G-PoE+ SI Switch w/2 Intf Slts H3C S5500-28C-SI Ethernet Switch (0235A04U) H3C S5500-52C-SI Ethernet Switch (0235A04V) H3C S5500-28C-PWR-SI Ethernet Switch (0235A05H) H3C S5500-52C-PWR-SI Ethernet Switch (0235A05J) N/A 5500.HI_5.20.R5105-US JG311A HP HI 5500-24G-4SFP w/2 Intf Slts Switch JG312A HP HI 5500-48G-4SFP w/2 Intf Slts Switch N/A N/A E5500G_03.03.02p21 JE088A HP E5500-24G Switch JE089A HP E5500-24G Switch (TAA) JE090A HP E5500-48G Switch JE091A HP E5500-48G Switch (TAA) JE092A HP E5500-24G-PoE Switch JE093A HP E5500-24G-PoE Switch (TAA) JE094A HP E5500-48G-PoE Switch JE095A HP E5500-48G-PoE Switch (TAA) JE096A HP E5500-24G-SFP Switch JE097A HP E5500-24G-SPF Switch (TAA) JF551A HP SS4 SWITCH 5500G-EI 24PT (no psu) JF552A HP SS4 SWITCH 5500G-EI 48PT(no psu) JF553A HP SS4 5500G-EI 24 PORT SFP (no psu) N/A 3Com SS4 5500G-EI 24 Port SFP (NO PSU) (3CR17259-91) 3Com SS4 Switch 5500G-EI 24PT (NO PSU) (3CR17254-91) 3Com SS4 Switch 5500G-EI 48PT (NO PSU) (3CR17255-91) 3Com Switch 5500G-EI 24 Port (3CR17250-91) 3Com Switch 5500G-EI 48-Port (3CR17251-91) 3Com Switch 5500G-EI PWR 24-Port (3CR17252-91) 3Com Switch 5500G-EI PWR 48-Port (3CR17253-91) 3Com Switch 5500G-EI SFP 24-Port (3CR17258-91) 3Com TAA Compliant 5500G-EI 24-Port (3CR17250TAA-91) 3Com TAA Compliant 5500G-EI 48-Port (3CR17251TAA-91) 3Com TAA Compliant 5500G-EI PWR 24P (3CR17252TAA-91) 3Com TAA Compliant 5500G-EI PWR 48P (3CR17253TAA-91) 3Com TAA Compliant 5500G-EI SFP 24P (3CR17258TAA-91) E5500_03.03.02p21 JE099A HP E5500-24 SI Switch JE100A HP E5500-48 SI Switch JE101A HP E5500-24 Switch JE102A HP E5500-24 Switch (TAA) JE103A HP E5500-48 Switch JE104A HP E5500-48 Switch (TAA) JE105A HP E5500-24-PoE Switch JE106A HP E5500-24-PoE Switch (TAA) JE107A HP E5500-48-PoE Switch JE108A HP E5500-48-PoE Switch (TAA) JE109A HP E5500-24-SFP Switch JE110A HP E5500-24-SPF Switch (TAA) N/A 3Com SS4 Switch 5500-SI 28 Port (3CR17151-91) 3Com SS4 Switch 5500-SI 52 Port (3CR17152-91) 3Com Switch 5500-EI 28-Port (3CR17161-91) 3Com Switch 5500-EI 28-Port FX (3CR17181-91) 3Com Switch 5500-EI 52-Port (3CR17162-91) 3Com Switch 5500-EI PWR 28-Port (3CR17171-91) 3Com Switch 5500-EI PWR 52-Port (3CR17172-91) 3Com TAA Switch 5500-EI 28-Port (3CR17161TAA-91) 3Com TAA Switch 5500-EI 28-Port FX (3CR17181TAA-91) 3Com TAA Switch 5500-EI 52-Port (3CR17162TAA-91) 3Com TAA Switch 5500-EI PWR 28-Port (3CR17171TAA-91) 3Com TAA Switch 5500-EI PWR 52-Port (3CR17172TAA-91) 5120.SI_5.20.R1513P07 JE072A HP 5120-48G SI Switch JE073A HP 5120-16G SI Switch JE074A HP 5120-24G SI Switch JG091A HP 5120-24G-PoE+ (370W) SI Switch JG092A HP 5120-24G-PoE+ (170W) SI Switch H3C S5120-28P-HPWR-SI (0235A0E5) H3C S5120-28P-PWR-SI (0235A0E3) H3C S5120-20P-SI L2 16GE Plus 4SFP (0235A42B) H3C S5120-28P-SI 24GE Plus 4 SFP (0235A42D) H3C S5120-52P-SI 48GE Plus 4 SFP (0235A41W) N/A 5120.EI-4210G-4510G_R2220-US JE066A HP 5120-24G EI Switch JE067A HP 5120-48G EI Switch JE068A HP 5120-24G EI Switch with 2 Slots JE069A HP 5120-48G EI Switch with 2 Slots JE070A HP 5120-24G-PoE EI Switch with 2 Slots JE071A HP 5120-48G-PoE EI Switch with 2 Slots JG236A HP 5120-24G-PoE+ EI Switch w/2 Intf Slts JG237A HP 5120-48G-PoE+ EI Switch w/2 Intf Slts JG245A HP 5120-24G EI TAA Switch w 2 Intf Slts JG246A HP 5120-48G EI TAA Switch w 2 Intf Slts JG247A HP 5120-24G-PoE+ EI TAA Switch w 2 Slts JG248A HP 5120-48G-PoE+ EI TAA Switch w 2 Slts H3C S5120-24P-EI 24GE Plus 4ComboSFP (0235A0BQ) H3C S5120-28C-EI 24GE Plus 4Combo Plus 2Slt (0235A0BS) H3C S5120-48P-EI 48GE Plus 4ComboSFP (0235A0BR) H3C S5120-52C-EI 48GE Plus 4Combo Plus 2Slt (0235A0BT) H3C S5120-28C-PWR-EI 24G Plus 4C Plus 2S Plus POE (0235A0BU) H3C S5120-52C-PWR-EI 48G Plus 4C Plus 2S Plus POE (0235A0BV) N/A S5100.SI_3.10.R2221P07 JD348A HP A5100-24G SI Switch JD349A HP A5100-48G SI Switch JD356A HP A5100-16G SI Switch JD357A HP A5100-8G SI Switch H3C S5100-16P-SI - model LS-5100-16P-SI-OVS-H3 (0235A22R) H3C S5100-24P-SI - model LS-5100-24P-SI-OVS-H3 (0235A20Q) H3C S5100-48P-SI - model LS-5100-48P-SI-OVS-H3 (0235A20R) H3C S5100-8P-SI - model LS-5100-8P-SI-OVS-H3 (0235A22T) N/A S5100.EI_3.10.R2221P07 JD344A HP A5100-24G EI Switch w/SFP uplink JD345A HP A5100-48G EI Switch w/SFP Uplink JD346A HP A5100-24G EI Switch JD347A HP A5100-48G EI Switch JD350A HP A5100-8G EI Switch JD351A HP A5100-16G EI Switch JD352A HP A5100-8G-PoE EI Switch JD353A HP A5100-16G-PoE EI Switch JD354A HP A5100-24G-PoE EI Switch JD355A HP A5100-48G-PoE EI Switch H3C S5100-16P-EI - model LS-5100-16P-EI-OVS-H3 (0235A21Q) H3C S5100-16P-PWR-EI - model LS-5100-16P-PWR-EI-OVS (0235A22K) H3C S5100-24P-EI - model LS-5100-24P-EI-OVS (0235A08K) H3C S5100-26C-EI - model LS-5100-26C-EI-OVS (0235A08F) H3C S5100-26C-PWR-EI - model LS-5100-26C-PWR-EI-OVS (0235A22M) H3C S5100-48P-EI - model LS-5100-48P-EI-OVS (0235A08M) H3C S5100-50C-EI - model LS-5100-50C-EI-OVS (0235A08H) H3C S5100-50C-PWR-EI - model LS-5100-50C-PWR-EI-OVS (0235A22P) H3C S5100-8P-EI - model LS-5100-8P-EI-OVS-H3 (0235A21P) H3C S5100-8P-PWR-EI - model LS-5100-8P-PWR-EI-OVS (0235A22H) N/A 5500.EI-4800G_R2220-US JD007A HP 4800-24G Switch JD008A HP 4800-24G-PoE Switch JD009A HP 4800-24G-SFP Switch JD010A HP 4800-48G Switch JD011A HP 4800-48G-PoE Switch N/A 3Com Switch 4800G 24-Port (3CRS48G-24-91) 3Com Switch 4800G 24-Port SFP (3CRS48G-24S-91) 3Com Switch 4800G 48-Port (3CRS48G-48-91) 3Com Switch 4800G PWR 24-Port (3CRS48G-24P-91) 3Com Switch 4800G PWR 48-Port (3CRS48G-48P-91) 5120.EI-4210G-4510G_R2220-US JF428A HP 4510-48G Switch JF847A HP 4510-24G Switch N/A 3Com Switch 4510G 48 Port (3CRS45G-48-91) 3Com Switch 4510G PWR 24-Port (3CRS45G-24P-91) 3Com Switch E4510-24G (3CRS45G-24-91) E4500_03.03.02p20 JE045A HP 4500-24 Switch JE046A HP 4500-48 Switch JE047A HP 4500-24-PoE Switch JE048A HP 4500-48-PoE Switch N/A 3Com Switch 4500 26-Port (3CR17561-91) 3Com Switch 4500 50-Port (3CR17562-91) 3Com Switch 4500 PWR 26-Port (3CR17571-91) 3Com Switch 4500 PWR 50-Port (3CR17572-91) s4o03_01_15s168 JE021A HP E4210-8 Switch JE023A HP E4210-8 Switch (TAA) JE024A HP E4210-16 Switch JE026A HP E4210-24 Switch JE027A HP 4210-48 Switch JE028A HP E4210-8-PoE Switch JE030A HP E4210-8-PoE Switch (TAA) JE031A HP E4210-16-PoE Switch JE032A HP E4210-24-PoE Switch N/A 3Com Switch 4210 18-Port (3CR17332-91) 3Com Switch 4210 26-Port (3CR17333-91) 3Com Switch 4210 52-Port (3CR17334-91) 3Com Switch 4210 9-Port (3CR17331-91) 3Com Switch 4210 PWR 18-Port (3CR17342-91) 3Com Switch 4210 PWR 26-Port (3CR17343-91) 3Com Switch 4210 PWR 9P TAA (3CR17341TAA-91) 3Com Switch 4210 PWR 9-Port (3CR17341-91) S4210A_3.10.R2215P12 JE022A HP 4210-8 Switch JE025A HP 4210-16 Switch JE029A HP 4210-8-PoE Switch JE033A HP 4210-24-PoE Switch JF427A HP 4210-24 Switch N/A 3Com Switch 4210 9-Port (3CR17331A-91) 3Com Switch 4210 26-Port (3CR17333A-91) 3Com Switch 4210 18-Port (3CR17332A-91) 3Com Switch 4210 PWR 26-Port (3CR17343A-91) 3Com Switch 4210 PWR 9-Port (3CR17341A-91) 5120.EI-4210G-4510G_R2220-US JF844A HP 4210-24G Switch JF845A HP 4210-48G Switch JF846A HP 4210-24G-PoE Switch N/A 3Com Switch 4210-24G (3CRS42G-24-91) 3Com Switch 4210-48G (3CRS42G-48-91) 3Com Switch E4210-24G-PoE (3CRS42G-24P-91) s3t03_02_07s168 JE015A HP 4200-12G Switch JE016A HP E4200-24G Switch JE017A HP E4200-24G NTG Switch JE018A HP E4200-48G Switch JE019A HP E4200-48G NTG Switch JE020A HP E4200-24G-PoE Switch N/A 3Com Switch 4200G 12-Port (3CR17660-91) 3Com Switch 4200G 24-Port (3CR17661-91) 3Com Switch 4200G 48-Port (3CR17662-91) 3Com Switch 4200G PWR 24-Port (3CR17671-91) 3Com Switch 4200G-NTG 24-Port (3CR17661NTG-91) 3Com Switch 4200G-NTG 48-Port (3CR17662NTG-91) S3610-5510_5.20.R5319P04 JD335A HP 3610-48 Switch JD336A HP 3610-24-4G-SFP Switch JD337A HP 3610-24-2G-2G-SFP Switch JD338A HP 3610-24-SFP Switch H3C S3610-28F - model LS-3610-28F-OVS (0235A22F) H3C S3610-28P - model LS-3610-28P-OVS (0235A22D) H3C S3610-28TP - model LS-3610-28TP-OVS (0235A22E) H3C S3610-52P - model LS-3610-52P-OVS (0235A22C) N/A 3600V2_5.20.R2108 JG299A HP 3600-24 v2 EI Switch JG300A HP 3600-48 v2 EI Switch JG301A HP 3600-24-PoE+ v2 EI Switch JG302A HP 3600-48-PoE+ v2 EI Switch JG303A HP 3600-24-SFP v2 EI Switch JG304A HP 3600-24 v2 SI Switch JG305A HP 3600-48 v2 SI Switch JG306A HP 3600-24-PoE+ v2 SI Switch JG307A HP 3600-48-PoE+ v2 SI Switch N/A N/A S3600.SI_3.10.R1702P42 JD325A HP 3600-24-PoE SI Switch JD327A HP 3600-48-PoE SI Switch JD329A HP 3600-24TP SI Switch JD330A HP 3600-24 SI Switch JD332A HP 3600-48 SI Switch H3C S3600-28P-PWR-SI - model LS-3600-28P-PWR-SI-OVS (0235A10B) H3C S3600-28P-SI - model LS-3600-28P-SI-OVS (0235A10G) H3C S3600-28TP-SI - model LS-3600-28TP-SI-OVS (0235A10F) H3C S3600-52P-PWR-SI - model LS-3600-52P-PWR-SI-OVS (0235A10D) H3C S3600-52P-SI - model LS-3600-52P-SI-OVS (0235A10J) N/A S3600.EI_3.10.R1702P42 JD326A HP 3600-24-PoE EI Switch JD328A HP 3600-48-PoE EI Switch JD331A HP 3600-24 EI Switch JD333A HP 3600-48 EI Switch JD334A HP 3600-24-SFP EI Switch H3C S3600-28F-EI - model LS-3600-28F-EI-OVS (0235A10L) H3C S3600-28P-EI - model LS-3600-28P-EI-OVS (0235A10H) H3C S3600-28P-PWR-EI - model LS-3600-28P-PWR-EI-OVS (0235A10C) H3C S3600-52P-EI - model LS-3600-52P-EI-OVS (0235A10K) H3C S3600-52P-PWR-EI - model LS-3600-52P-PWR-EI-OVS (0235A10E) N/A 3100V2_5.20.R5203P01 JD313B HP 3100-24-PoE v2 EI Switch JD318B HP 3100-8 v2 EI Switch JD319B HP 3100-16 v2 EI Switch JD320B HP 3100-24 v2 EI Switch JG221A HP 3100-8 v2 SI Switch JG222A HP 3100-16 v2 SI Switch JG223A HP 3100-24 v2 SI Switch N/A N/A 3100V2.48_5.20.R2108 JG315A HP 3100-48 v2 Switch N/A N/A S3100.SI_3.10.R2215P12 JD302A HP A3100-16 DC SI Switch with 2 Slots JD303A HP A3100-24 DC SI Switch with 2 Slots JD304A HP 3100-8 SI Switch JD305A HP 3100-16 SI Switch JD306A HP 3100-24 SI Switch JD307A HP A3100-8 SI Switch w 1 Ext Mod Slot JD308A HP A3100-16 SI Switch w 2 Mod Slots JD309A HP A3100-24 SI Switch with 2 Slots JD310A HP A3100-8 SI Switch with 1 Slot H3C S3100-16C-SI - model LS-S3100-16C-SI-AC-OVS (0235A15G) H3C S3100-16C-SI - model LS-S3100-16C-SI-DC-OVS (0235A14V) H3C S3100-16T-SI - model LS-S3100-16T-SI-AC-OVS (0235A15C) H3C S3100-26C-SI - model LS-S3100-26C-SI-AC-OVS (0235A15H) H3C S3100-26C-SI - model LS-S3100-26C-SI-DC-OVS (0235A14W) H3C S3100-26T-SI - model LS-S3100-26T-SI-AC-OVS (0235A15D) H3C S3100-8C-SI - model LS-S3100-8C-SI-AC-OVS (0235A15F) H3C S3100-8C-SI - model LS-S3100-8C-SI-DC-OVS (0235A15J) H3C S3100-8T-SI - model LS-S3100-8T-SI-AC-OVS (0235A15B) N/A S3152_3.10.R1702P42 JD317A HP 3100-48 Switch H3C S3100-52P - model LS-3100-52P-OVS-H3 (0235A248) N/A 1910_5.20.R1513P07 JE005A HP 1910-16G Switch JE006A HP 1910-24G Switch JE007A HP 1910-24G-PoE (365W) Switch JE008A HP 1910-24G-PoE(170W) Switch JE009A HP 1910-48G Switch JG348A HP 1910-8G Switch JG349A HP 1910-8G-PoE+ (65W) Switch JG350A HP 1910-8G-PoE+ (180W) Switch N/A 3Com Baseline Plus Switch 2900 Gigabit Family - 52 port (3CRBSG5293) 3Com Baseline Plus Switch 2900G - 20 port (3CRBSG2093) 3Com Baseline Plus Switch 2900G - 28 port (3CRBSG2893) 3Com Baseline Plus Switch 2900G - 28HPWR (3CRBSG28HPWR93) 3Com Baseline Plus Switch 2900G - 28PWR (3CRBSG28PWR93) 8800_5.20.R3352 JC147A HP A8802 Router Chassis JC147B HP 8802 Router Chassis JC148A HP A8805 Router Chassis JC148B HP 8805 Router Chassis JC149A HP A8808 Router Chassis JC149B HP 8808 Router Chassis JC150A HP A8812 Router Chassis JC150B HP 8812 Router Chassis H3C SR8805 10G Core Router Chassis (0235A0G8) H3C SR8808 10G Core Router Chassis (0235A0G9) H3C SR8812 10G Core Router Chassis (0235A0GA) H3C SR8802 10G Core Router Chassis (0235A0GC) H3C SR8802 10G Core Router Chassis (0235A31B) H3C SR8805 10G Core Router Chassis (0235A31C) H3C SR8808 10G Core Router Chassis (0235A31D) H3C SR8812 10G Core Router Chassis (0235A31E) N/A R5000_3.14p13 JD935A HP 5012 Router JD943A HP 5232 Router JD944A HP 5642 Router JD945A HP Router 5642 TAA JD946A HP 5682 Router N/A 3Com Router 5642 TAA (3C13755TAA) 3Com Router 5009 (3C13700) 3Com Router 5012 (3C13701) 3Com Router 5231 (3C13750) 3Com Router 5232 (3C13751) 3Com Router 5640 (3C13754) 3Com Router 5642 (3C13755) 3Com Router 5680 (3C13758) 3Com Router 5682 (3C13759) R301X_1.40.22 JD916A HP 3012 Router JD917A HP 3013 Router JD918A HP 3016 Router JD919A HP 3018 Router JG005A 3Com Router 3015 N/A 3Com Router 3012 (3C13612) 3Com Router 3013 (3C13613) 3Com Router 3016 (3C13616) 3Com Router 3018 (3C13618) R6000_3.14p13 JD967A HP Router 6040 Chassis JD972A HP Router 6080 Chassis N/A 3Com Router 6040 Chassis (3C13840) 3Com Router 6080 Chassis (3C13880) MSR20.SI_5.20.R2312P20 JD432A HP A-MSR20-21 Multi-Service Router JD662A HP MSR20-20 Multi-Service Router JD663A HP MSR20-21 Multi-Service Router JD663B HP MSR20-21 Router JD664A HP MSR20-40 Multi-Service Router JF228A HP MSR20-40 Router JF283A HP MSR20-20 Router H3C RT-MSR2020-AC-OVS-H3C (0235A324) H3C RT-MSR2040-AC-OVS-H3 (0235A326) H3C MSR 20-20 (0235A19H) H3C MSR 20-21 (0235A325) H3C MSR 20-40 (0235A19K) H3C MSR-20-21 Router (0235A19J) N/A MSR201X_5.20.R2312P20 JD431A HP MSR20-10 Router JD667A HP MSR20-15 IW Multi-Service Router JD668A HP MSR20-13 Multi-Service Router JD669A HP MSR20-13 W Multi-Service Router JD670A HP MSR20-15 A Multi-Service Router JD671A HP MSR20-15 AW Multi-Service Router JD672A HP MSR20-15 I Multi-Service Router JD673A HP MSR20-11 Multi-Service Router JD674A HP MSR20-12 Multi-Service Router JD675A HP MSR20-12 W Multi-Service Router JD676A HP MSR20-12 T1 Multi-Service Router JF236A HP MSR20-15-I Router JF237A HP MSR20-15-A Router JF238A HP MSR20-15-I-W Router JF239A HP MSR20-11 Router JF240A HP MSR20-13 Router JF241A HP MSR20-12 Router JF806A HP MSR20-12-T Router JF807A HP MSR20-12-W Router JF808A HP MSR20-13-W Router JF809A HP MSR20-15-A-W Router JF817A HP MSR20-15 Router JG209A HP MSR20-12-T-W Router (NA) JG210A HP MSR20-13-W Router (NA) H3C MSR 20-15 Router Host(AC) 1 FE 4 LSW 1 ADSLoPOTS 1 DSIC (0235A0A8) H3C MSR 20-10 (0235A0A7) H3C RT-MSR2011-AC-OVS-H3 (0235A395) H3C RT-MSR2012-AC-OVS-H3 (0235A396) H3C RT-MSR2012-AC-OVS-W-H3 (0235A397) H3C RT-MSR2012-T-AC-OVS-H3 (0235A398) H3C RT-MSR2013-AC-OVS-H3 (0235A390) H3C RT-MSR2013-AC-OVS-W-H3 (0235A391) H3C RT-MSR2015-AC-OVS-A-H3 (0235A392) H3C RT-MSR2015-AC-OVS-AW-H3 (0235A393) H3C RT-MSR2015-AC-OVS-I-H3 (0235A394) H3C RT-MSR2015-AC-OVS-IW-H3 (0235A38V) H3C MSR 20-11 (0235A31V) H3C MSR 20-12 (0235A32E) H3C MSR 20-12 T1 (0235A32B) H3C MSR 20-13 (0235A31W) H3C MSR 20-13 W (0235A31X) H3C MSR 20-15 A (0235A31Q) H3C MSR 20-15 A W (0235A31R) H3C MSR 20-15 I (0235A31N) H3C MSR 20-15 IW (0235A31P) H3C MSR20-12 W (0235A32G) N/A MSR30.SI_5.20.R2312P20 JD654A HP MSR30-60 POE Multi-Service Router JD657A HP MSR30-40 Multi-Service Router JD658A HP MSR30-60 Multi-Service Router JD660A HP MSR30-20 POE Multi-Service Router JD661A HP MSR30-40 POE Multi-Service Router JD666A HP MSR30-20 Multi-Service Router JF229A HP MSR30-40 Router JF230A HP MSR30-60 Router JF232A HP RT-MSR3040-AC-OVS-AS-H3 JF235A HP MSR30-20 DC Router JF284A HP MSR30-20 Router JF287A HP MSR30-40 DC Router JF801A HP MSR30-60 DC Router JF802A HP MSR30-20 PoE Router JF803A HP MSR30-40 PoE Router JF804A HP MSR30-60 PoE Router H3C MSR 30-20 Router (0235A328) H3C MSR 30-40 Router Host(DC) (0235A268) H3C RT-MSR3020-AC-POE-OVS-H3 (0235A322) H3C RT-MSR3020-DC-OVS-H3 (0235A267) H3C RT-MSR3040-AC-OVS-H (0235A299) H3C RT-MSR3040-AC-POE-OVS-H3 (0235A323) H3C RT-MSR3060-AC-OVS-H3 (0235A320) H3C RT-MSR3060-AC-POE-OVS-H3 (0235A296) H3C RT-MSR3060-DC-OVS-H3 (0235A269) H3C MSR 30-20 RTVZ33020AS Router Host(AC) (0235A20S) H3C MSR 30-20 (0235A19L) H3C MSR 30-20 POE (0235A239) H3C MSR 30-40 (0235A20J) H3C MSR 30-40 POE (0235A25R) H3C MSR 30-60 (0235A20K) H3C MSR 30-60 POE (0235A25S) H3C RT-MSR3040-AC-OVS-AS-H3 (0235A20V) N/A MSR3016.SI_5.20.R2312P20 JD659A HP MSR30-16 POE Multi-Service Router JD665A HP MSR30-16 Multi-Service Router JF233A HP MSR30-16 Router JF234A HP MSR30-16 PoE Router H3C RT-MSR3016-AC-OVS-H3 (0235A327) H3C RT-MSR3016-AC-POE-OVS-H3 (0235A321) H3C MSR 30-16 (0235A237) H3C MSR 30-16 POE (0235A238) N/A MSR301X.SI_5.20.R2312P20 JF800A HP MSR30-11 Router JF816A HP MSR30-10 2 FE /2 SIC /1 MIM MS Rtr JG182A HP MSR30-11E Router JG183A HP MSR30-11F Router JG184A HP MSR30-10 DC Router H3C MSR 30-10 Router Host(AC) 2FE 2SIC 1XMIM 256DDR (0235A39H) H3C RT-MSR3011-AC-OVS-H3 (0235A29L) N/A MSR50.SI_5.20.R2312P20 JD433A HP MSR50-40 Router JD653A HP MSR50 Processor Module JD655A HP MSR50-40 Multi-Service Router JD656A HP MSR50-60 Multi-Service Router JF231A HP MSR50-60 Router JF285A HP MSR50-40 DC Router JF640A HP MSR50-60 Rtr Chassis w DC PwrSupply H3C MSR 50-40 Router (0235A297) H3C MSR5040-DC-OVS-H3C (0235A20P) H3C RT-MSR5060-AC-OVS-H3 (0235A298) H3C MSR 50-40 Chassis (0235A20N) H3C MSR 50-60 Chassis (0235A20L) N/A MSR50.EPUSI_5.20.R2312P20 JD429A HP MSR50 G2 Processor Module JD429B HP MSR50 G2 Processor Module H3C H3C MSR 50 Processor Module-G2 (0231A84Q) H3C MSR 50 High Performance Main Processing Unit 3GE (Combo) 256F/1GD(0231A0KL) N/A MSR9XX_5.20.R2312P20 JF812A HP MSR900 Router JF813A HP MSR920 Router JF814A HP MSR900-W Router JF815A HP MSR920 2FEWAN/8FELAN/.11b/g Rtr JG207A HP MSR900-W Router (NA) JG208A HP MSR920-W Router (NA) H3C MSR 900 Router with 802.11b/g 2 FE WAN 4 FE LAN 256DDR 802.11b (0235A0C2) H3C MSR 900 Router 2 FE WAN 4 FE LAN 256DDR (0235A0BX) H3C MSR 920 Router with 802.11b/g 2 FE WAN 8 FE LAN 256DDR (0235A0C4) H3C MSR 920 Router 2 FE WAN 8 FE LAN 256DDR (0235A0C0) N/A MSR20.SI_5.20.R2315L02.RU JD663B HP MSR20-21 Router JF228A HP MSR20-40 Router JF283A HP MSR20-20 Router H3C RT-MSR2020-AC-OVS-H3C (0235A324) H3C RT-MSR2040-AC-OVS-H3 (0235A326) N/A MSR201X_5.20.R2315L02.RU JD431A HP MSR20-10 Router JF236A HP MSR20-15-I Router JF237A HP MSR20-15-A Router JF238A HP MSR20-15-I-W Router JF239A HP MSR20-11 Router JF240A HP MSR20-13 Router JF241A HP MSR20-12 Router JF806A HP MSR20-12-T Router JF807A HP MSR20-12-W Router JF808A HP MSR20-13-W Router JF809A HP MSR20-15-A-W Router JF817A HP MSR20-15 Router H3C MSR 20-10 (0235A0A7) H3C RT-MSR2015-AC-OVS-I-H3 (0235A394) H3C RT-MSR2015-AC-OVS-A-H3 (0235A392) H3C RT-MSR2015-AC-OVS-AW-H3 (0235A393) H3C RT-MSR2011-AC-OVS-H3 (0235A395) H3C RT-MSR2013-AC-OVS-H3 (0235A390) H3C RT-MSR2012-AC-OVS-H3 (0235A396) H3C RT-MSR2012-T-AC-OVS-H3 (0235A398) H3C RT-MSR2012-AC-OVS-W-H3 (0235A397) H3C RT-MSR2013-AC-OVS-W-H3 (0235A391) H3C RT-MSR2015-AC-OVS-IW-H3 (0235A38V) H3C MSR 20-15 Router Host(AC) 1 FE 4 LSW 1 ADSLoPOTS 1 DSIC (0235A0A8) N/A MSR30.SI_5.20.R2315L02.RU JF229A HP MSR30-40 Router JF230A HP MSR30-60 Router JF235A HP MSR30-20 DC Router JF284A HP MSR30-20 Router JF287A HP MSR30-40 DC Router JF801A HP MSR30-60 DC Router JF802A HP MSR30-20 PoE Router JF803A HP MSR30-40 PoE Router JF804A HP MSR30-60 PoE Router H3C RT-MSR3040-AC-OVS-H (0235A299) H3C RT-MSR3060-AC-OVS-H3 (0235A320) H3C RT-MSR3020-DC-OVS-H3 (0235A267) H3C MSR 30-20 Router (0235A328) H3C MSR 30-40 Router Host(DC) (0235A268) H3C RT-MSR3060-DC-OVS-H3 (0235A269) H3C RT-MSR3020-AC-POE-OVS-H3 (0235A322) H3C RT-MSR3040-AC-POE-OVS-H3 (0235A323) H3C RT-MSR3060-AC-POE-OVS-H3 (0235A296) N/A MSR301X.SI_5.20.R2315L02.RU JF800A HP MSR30-11 Router JF816A HP MSR30-10 2 FE /2 SIC /1 MIM MS Rtr JG182A HP MSR30-11E Router JG183A HP MSR30-11F Router JG184A HP MSR30-10 DC Router H3C RT-MSR3011-AC-OVS-H3 (0235A29L) H3C MSR 30-10 Router Host(AC) 2FE 2SIC 1XMIM 256DDR (0235A39H) N/A MSR3016.SI_5.20.R2315L02.RU JF233A HP MSR30-16 Router JF234A HP MSR30-16 PoE Router H3C RT-MSR3016-AC-OVS-H3 (0235A327) H3C RT-MSR3016-AC-POE-OVS-H3 (0235A321) N/A MSR50.SI_5.20.R2315L02.RU JD433A HP MSR50-40 Router JD653A HP MSR50 Processor Module JD655A HP MSR50-40 Multi-Service Router JD656A HP MSR50-60 Multi-Service Router JF231A HP MSR50-60 Router JF285A HP MSR50-40 DC Router JF640A HP MSR50-60 Rtr Chassis w DC PwrSupply H3C MSR 50-40 Router (0235A297) H3C MSR 50 Processor Module (0231A791) H3C MSR 50-40 Chassis (0235A20N) H3C MSR 50-60 Chassis (0235A20L) H3C RT-MSR5060-AC-OVS-H3 (0235A298) H3C MSR5040-DC-OVS-H3C (0235A20P) N/A MSR50.EPUSI_5.20.R2315L02.RU JD429B HP MSR50 G2 Processor Module H3C MSR 50 High Performance Main Processing Unit 3GE (Combo) 256F/1GD (0231A0KL) N/A MSR9XX.SI_5.20.R2315L02.RU JF812A HP MSR900 Router JF813A HP MSR920 Router JF814A HP MSR900-W Router JF815A HP MSR920 2FEWAN/8FELAN/.11b/g Rtr H3C MSR 900 Router 2 FE WAN 4 FE LAN 256DDR (0235A0BX) H3C MSR 920 Router 2 FE WAN 8 FE LAN 256DDR (0235A0C0) H3C MSR 900 Router with 802.11b/g 2 FE WAN 4 FE LAN 256DDR 802.11b (0235A0C2)H3C MSR 920 Router with 802.11b/g 2 FE WAN 8 FE LAN 256DDR (0235A0C4) N/A AF1000S.EI_AF1000A.EI_3.40.R3721P06 JD270A HP S1000-S VPN Firewall Appliance JD271A HP S1000-A VPN Firewall Appliance JG213A HP F1000-S-EI VPN Firewall Appliance JG214A HP F1000-A-EI VPN Firewall Appliance N/A N/A R304X_2.41.p09 JD922A HP 3040 Router JD923A HP 3041 Router N/A 3Com Router 3040 (3C13640) 3Com Router 3041 (3C13641) R3036_2.41.p09 JD921A HP 3036 Router N/A 3Com Router 3036 (3C13636) Mitigation notes for CVE-2013-2340 and CVE-2013-2341: CVE-2013-2340: HTTP/BIMS Manual Commands For routers: Shutdown BIMS using the "undo bims enable" command. For routers and switches:Shutdown the http service using the "undo ip http enable" command, or bind the http service with a valid source IP ACL by configuring the switch or router to associate the HTTP service with an ACL and only allow the clients within the management network segment to access the device. CVE-2013-2341: Password Security in Configuration Files Follow the guidelines in the whitepaper: HP Networking guide to hardening Comware-based devices for password-control which removes passwords from the configuration file. Alternatively, only use secure configuration file transfer methods and store configuration files on a secure system. HISTORY Version:1 (rev.1) - 27 June 2013 Initial Release Version:2 (rev.2) - 17 July 2013 Corrected impacted product names Version:3 (rev.3) - 23 August 2013 Added mitigations and workarounds Third Party Security Patches: Third party security patches that are to be installed on systems running HP software products should be applied in accordance with the customer's patch management policy. Support: For issues about implementing the recommendations of this Security Bulletin, contact normal HP Services support channel. For other issues about the content of this Security Bulletin, send e-mail to security-alert@hp.com. Report: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com Subscribe: To initiate a subscription to receive future HP Security Bulletin alerts via Email: http://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins Security Bulletin Archive: A list of recently released Security Bulletins is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/secBullArchive/ Software Product Category: The Software Product Category is represented in the title by the two characters following HPSB. 3C = 3COM 3P = 3rd Party Software GN = HP General Software HF = HP Hardware and Firmware MP = MPE/iX MU = Multi-Platform Software NS = NonStop Servers OV = OpenVMS PI = Printing and Imaging PV = ProCurve ST = Storage Software TU = Tru64 UNIX UX = HP-UX Copyright 2013 Hewlett-Packard Development Company, L.P. Hewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental,special or consequential damages including downtime cost; lost profits;damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.13 (GNU/Linux) iEYEARECAAYFAlIeC9sACgkQ4B86/C0qfVkaoQCg48locw158bv1Elm+/2gXHNTI G3sAoIrNMy3kfZ4Xtjbu8itkscOrPNL6 =GqoP -----END PGP SIGNATURE-----

Unspecified vulnerability on the HP ProCurve JC###A, JC###B, JD###A, JD###B, JE###A, JF###A, JF###B, JF###C, JG###A, 658250-B21, and 658247-B21; HP 3COM routers and switches; and HP H3C routers and switches allows remote authenticated users to execute arbitrary code or obtain sensitive information via unknown vectors. Multiple HP products are prone to an unspecified vulnerability. Little is known about this issue or its effects at this time. We will update this BID as more information emerges. Note: Please refer to the vendor advisory for complete list of affected products. The HP ProCurve family offers switch products. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emr_na-c03808969 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c03808969 Version: 3 HPSBHF02888 rev.3 - HP Network Products including H3C and 3COM Routers and Switches, Remote Information Disclosure and Code Execution NOTICE: The information in this Security Bulletin should be acted upon as soon as possible. The vulnerabilities could be remotely exploited resulting in disclosure of information and execution of code. Mitigations and workarounds: Please see the Mitigation notes in the Resolution section below. References: CVE-2013-2340 (SSRT100917), CVE-2013-2341 (SSRT101120) SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. BACKGROUND CVSS 2.0 Base Metrics =========================================================== Reference Base Vector Base Score CVE-2013-2340 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2013-2341 (AV:N/AC:H/Au:S/C:C/I:C/A:C) 7.1 =========================================================== Information on CVSS is documented in HP Customer Notice: HPSN-2008-002 RESOLUTION HP has made the following software updates available to resolve the vulnerabilities. Fixed Version HP Branded Products Impacted H3C Branded Products Impacted 3Com Branded Products Impacted 12500_5.20.R1825P01 JC085A HP A12518 Switch Chassis JC086A HP A12508 Switch Chassis JC652A HP 12508 DC Switch Chassis JC653A HP 12518 DC Switch Chassis JC654A HP 12504 AC Switch Chassis JC655A HP 12504 DC Switch Chassis JF430A HP A12518 Switch Chassis JF430B HP 12518 Switch Chassis JF430C HP 12518 AC Switch Chassis JF431A HP A12508 Switch Chassis JF431B HP 12508 Switch Chassis JF431C HP 12508 AC Switch Chassis H3C S12508 Routing Switch(AC-1) (0235A0GE) H3C S12518 Routing Switch(AC-1) (0235A0GF) H3C S12508 Chassis (0235A0E6) H3C S12508 Chassis (0235A38N) H3C S12518 Chassis (0235A0E7) H3C S12518 Chassis (0235A38M) N/A 10500_5.20.R1208-US JC611A HP 10508-V Switch Chassis JC612A HP 10508 Switch Chassis JC613A HP 10504 Switch Chassis JC748A HP 10512 Switch Chassis N/A N/A S9500E_5.20.R1825P01 JC124A HP A9508 Switch Chassis JC124B HP 9505 Switch Chassis JC125A HP A9512 Switch Chassis JC125B HP 9512 Switch Chassis JC474A HP A9508-V Switch Chassis JC474B HP 9508-V Switch Chassis H3C S9505E Routing-Switch Chassis (0235A0G6) H3C S9508E-V Routing-Switch Chassis (0235A38Q) H3C S9512E Routing-Switch Chassis (0235A0G7) H3C S9508E-V Routing-Switch Chassis (0235A38Q) H3C S9505E Chassis w/ Fans (0235A38P) H3C S9512E Chassis w/ Fans (0235A38R) N/A 7500_5.20.R6708-US JD238A HP A7510 Switch Chassis JD238B HP 7510 Switch Chassis JD239A HP A7506 Switch Chassis JD239B HP 7506 Switch Chassis JD240A HP A7503 Switch Chassis JD240B HP 7503 Switch Chassis JD241A HP A7506 Vertical Switch Chassis JD241B HP 7506-V Switch Chassis JD242A HP A7502 Switch Chassis JD242B HP 7502 Switch Chassis JD243A HP A7503 Switch Chassis w/1 Fabric Slot JD243B HP 7503-S Switch Chassis w/1 Fabric Slot JE164A HP E7902 Switch Chassis JE165A HP E7903 Switch Chassis JE166A HP E7903 Switch Chassis w/1 Fabric Slot JE167A HP E7906 Switch Chassis JE168A HP E7906 Vertical Switch Chassis JE169A HP E7910 Switch Chassis H3C S7502E Ethernet Switch Chassis with Fan (0235A0G4) H3C S7503E Ethernet Switch Chassis with Fan (0235A0G2) H3C S7503E-S Ethernet Switch Chassis with Fan (0235A0G5) H3C S7506E Ethernet Switch Chassis with Fan (0235A0G1) H3C S7506E-V Ethernet Switch Chassis with Fan (0235A0G3) H3C S7510E Ethernet Switch Chassis with Fan (0235A0G0) H3C S7502E Chassis w/ fans (0235A29A) H3C S7503E Chassis w/ fans (0235A27R) H3C S7503E-S Chassis w/ fans (0235A33R) H3C S7506E Chassis w/ fans (0235A27Q) H3C S7506E-V Chassis w/ fans (0235A27S) N/A 6125-CMW520-R2105 658250-B21 HP 6125G/XG Ethernet Blade Switch 658247-B21 HP 6125G Ethernet Blade Switch N/A N/A 5830_5.20.R1118-US JC691A HP A5830AF-48G Switch w/1 Interface Slot JC694A HP A5830AF-96G Switch JG316A HP 5830AF-48G TAA Switch w/1 Intf Slot JG374A HP 5830AF-96G TAA Switch N/A N/A 5800-5820X_5.20.R1807P02-US JC099A HP 5800-24G-PoE Switch JC100A HP 5800-24G Switch JC101A HP 5800-48G Switch with 2 Slots JC102A HP 5820-24XG-SFP+ Switch JC103A HP 5800-24G-SFP Switch JC104A HP 5800-48G-PoE Switch JC105A HP 5800-48G Switch JC106A HP 5820-14XG-SFP+ Switch with 2 Slots JG219A HP 5820AF-24XG Switch JG225A HP 5800AF-48G Switch JG242A HP 5800-48G-PoE+ TAA Switch w 2 Slots JG243A HP 5820-24XG-SFP+ TAA-compliant Switch JG254A HP 5800-24G-PoE+ TAA-compliant Switch JG255A HP 5800-24G TAA-compliant Switch JG256A HP 5800-24G-SFP TAA Switch w 1 Intf Slt JG257A HP 5800-48G-PoE+ TAA Switch with 1 Slot JG258A HP 5800-48G TAA Switch w 1 Intf Slot JG259A HP 5820X-14XG-SFP+ TAA Switch w 2 Slots H3C S5800-32C - 24-port 1BT Plus 4-port (SFP Plus ) Plus 1 media slot (0235A36U) H3C S5800-32C-PWR - 24-port 10/100/1000BASE-T (RJ45) Plus 4-port 10GBASE-X (SFP Plus ) Plus 1 media module PoE (0235A36S) H3C S5800-32F 24-port 1000BASE-X (SFP) Plus 4-port 10GBASE-X (SFP Plus ) Plus media module (no power) (0235A374) H3C S5800-56C 48-port 10/100/1000BASE-T (RJ45) Plus 4port 10GBASE-X (SFP Plus ) Plus media module (0235A379) H3C S5800-56C-PWR 48-port BT Plus 4 port (SFP Plus ) Plus media module (0235A378) H3C S5800-60C-PWR 48-port BT Plus 4-port SFP Plus 2 media modules Plus OSM (0235A36W) H3C S5820X-28C 14 port (SFP Plus ) Plus 4-port BT (RJ45) Plus 2 media modules Plus OSM (0235A37L) H3C S5820X-28S 24-port 10GBASE-X (SFP Plus ) Plus 4-port 10/100/1000BASE-T (RJ45) (0235A370) N/A S5600_3.10.R1702P42 JD391A HP S5600-50C Ethernet Switch JD392A HP S5600-50C-PWR Ethernet Switch JD393A HP S5600-26C Ethernet Switch JD394A HP S5600-26C-PWR Ethernet Switch JD395A HP S5600-26F Ethernet Switch H3C S5600-26C Ethernet Switch (0235A11F) H3C S5600-26C-PWR Ethernet Switch (0235A11G) H3C S5600-26F Ethernet Switch (0235A11H) H3C S5600-50C Ethernet Switch (0235A11D) H3C S5600-50C-PWR Ethernet Switch (0235A11E) N/A 5500.EI-4800G_R2220-US JD373A HP 5500-24G DC EI Switch JD374A HP 5500-24G-SFP EI Switch JD375A HP 5500-48G EI Switch JD376A HP 5500-48G-PoE EI Switch JD377A HP 5500-24G EI Switch JD378A HP 5500-24G-PoE EI Switch JD379A HP 5500-24G-SFP DC EI Switch JG240A HP 5500-48G-PoE+ EI Switch w/2 Intf Slts JG241A HP 5500-24G-PoE+ EI Switch w/2 Intf Slts JG249A HP 5500-24G-SFP EI TAA Switch w 2 Slts JG250A HP 5500-24G EI TAA Switch w 2 Intf Slts JG251A HP 5500-48G EI TAA Switch w 2 Intf Slts JG252A HP 5500-24G-PoE+ EI TAA Switch w/2 Slts JG253A HP 5500-48G-PoE+ EI TAA Switch w/2 Slts H3C S5500-28C-EI Ethernet Switch (0235A253) H3C S5500-28F-EI Eth Switch AC Single (0235A24U) H3C S5500-52C-EI Ethernet Switch (0235A24X) H3C S5500-28C-EI-DC Ethernet Switch (0235A24S) H3C S5500-28C-PWR-EI Ethernet Switch (0235A255) H3C S5500-28F-EI Eth Swtch DC Single Pwr (0235A259) H3C S5500-52C-PWR-EI Ethernet Switch (0235A251) N/A 5500.SI_R2220 JD369A HP 5500-24G SI Switch JD370A HP 5500-48G SI Switch JD371A HP 5500-24G-PoE SI Switch JD372A HP 5500-48G-PoE SI Switch JG238A HP 5500-24G-PoE+ SI Switch w/2 Intf Slts JG239A HP 5500-48G-PoE+ SI Switch w/2 Intf Slts H3C S5500-28C-SI Ethernet Switch (0235A04U) H3C S5500-52C-SI Ethernet Switch (0235A04V) H3C S5500-28C-PWR-SI Ethernet Switch (0235A05H) H3C S5500-52C-PWR-SI Ethernet Switch (0235A05J) N/A 5500.HI_5.20.R5105-US JG311A HP HI 5500-24G-4SFP w/2 Intf Slts Switch JG312A HP HI 5500-48G-4SFP w/2 Intf Slts Switch N/A N/A E5500G_03.03.02p21 JE088A HP E5500-24G Switch JE089A HP E5500-24G Switch (TAA) JE090A HP E5500-48G Switch JE091A HP E5500-48G Switch (TAA) JE092A HP E5500-24G-PoE Switch JE093A HP E5500-24G-PoE Switch (TAA) JE094A HP E5500-48G-PoE Switch JE095A HP E5500-48G-PoE Switch (TAA) JE096A HP E5500-24G-SFP Switch JE097A HP E5500-24G-SPF Switch (TAA) JF551A HP SS4 SWITCH 5500G-EI 24PT (no psu) JF552A HP SS4 SWITCH 5500G-EI 48PT(no psu) JF553A HP SS4 5500G-EI 24 PORT SFP (no psu) N/A 3Com SS4 5500G-EI 24 Port SFP (NO PSU) (3CR17259-91) 3Com SS4 Switch 5500G-EI 24PT (NO PSU) (3CR17254-91) 3Com SS4 Switch 5500G-EI 48PT (NO PSU) (3CR17255-91) 3Com Switch 5500G-EI 24 Port (3CR17250-91) 3Com Switch 5500G-EI 48-Port (3CR17251-91) 3Com Switch 5500G-EI PWR 24-Port (3CR17252-91) 3Com Switch 5500G-EI PWR 48-Port (3CR17253-91) 3Com Switch 5500G-EI SFP 24-Port (3CR17258-91) 3Com TAA Compliant 5500G-EI 24-Port (3CR17250TAA-91) 3Com TAA Compliant 5500G-EI 48-Port (3CR17251TAA-91) 3Com TAA Compliant 5500G-EI PWR 24P (3CR17252TAA-91) 3Com TAA Compliant 5500G-EI PWR 48P (3CR17253TAA-91) 3Com TAA Compliant 5500G-EI SFP 24P (3CR17258TAA-91) E5500_03.03.02p21 JE099A HP E5500-24 SI Switch JE100A HP E5500-48 SI Switch JE101A HP E5500-24 Switch JE102A HP E5500-24 Switch (TAA) JE103A HP E5500-48 Switch JE104A HP E5500-48 Switch (TAA) JE105A HP E5500-24-PoE Switch JE106A HP E5500-24-PoE Switch (TAA) JE107A HP E5500-48-PoE Switch JE108A HP E5500-48-PoE Switch (TAA) JE109A HP E5500-24-SFP Switch JE110A HP E5500-24-SPF Switch (TAA) N/A 3Com SS4 Switch 5500-SI 28 Port (3CR17151-91) 3Com SS4 Switch 5500-SI 52 Port (3CR17152-91) 3Com Switch 5500-EI 28-Port (3CR17161-91) 3Com Switch 5500-EI 28-Port FX (3CR17181-91) 3Com Switch 5500-EI 52-Port (3CR17162-91) 3Com Switch 5500-EI PWR 28-Port (3CR17171-91) 3Com Switch 5500-EI PWR 52-Port (3CR17172-91) 3Com TAA Switch 5500-EI 28-Port (3CR17161TAA-91) 3Com TAA Switch 5500-EI 28-Port FX (3CR17181TAA-91) 3Com TAA Switch 5500-EI 52-Port (3CR17162TAA-91) 3Com TAA Switch 5500-EI PWR 28-Port (3CR17171TAA-91) 3Com TAA Switch 5500-EI PWR 52-Port (3CR17172TAA-91) 5120.SI_5.20.R1513P07 JE072A HP 5120-48G SI Switch JE073A HP 5120-16G SI Switch JE074A HP 5120-24G SI Switch JG091A HP 5120-24G-PoE+ (370W) SI Switch JG092A HP 5120-24G-PoE+ (170W) SI Switch H3C S5120-28P-HPWR-SI (0235A0E5) H3C S5120-28P-PWR-SI (0235A0E3) H3C S5120-20P-SI L2 16GE Plus 4SFP (0235A42B) H3C S5120-28P-SI 24GE Plus 4 SFP (0235A42D) H3C S5120-52P-SI 48GE Plus 4 SFP (0235A41W) N/A 5120.EI-4210G-4510G_R2220-US JE066A HP 5120-24G EI Switch JE067A HP 5120-48G EI Switch JE068A HP 5120-24G EI Switch with 2 Slots JE069A HP 5120-48G EI Switch with 2 Slots JE070A HP 5120-24G-PoE EI Switch with 2 Slots JE071A HP 5120-48G-PoE EI Switch with 2 Slots JG236A HP 5120-24G-PoE+ EI Switch w/2 Intf Slts JG237A HP 5120-48G-PoE+ EI Switch w/2 Intf Slts JG245A HP 5120-24G EI TAA Switch w 2 Intf Slts JG246A HP 5120-48G EI TAA Switch w 2 Intf Slts JG247A HP 5120-24G-PoE+ EI TAA Switch w 2 Slts JG248A HP 5120-48G-PoE+ EI TAA Switch w 2 Slts H3C S5120-24P-EI 24GE Plus 4ComboSFP (0235A0BQ) H3C S5120-28C-EI 24GE Plus 4Combo Plus 2Slt (0235A0BS) H3C S5120-48P-EI 48GE Plus 4ComboSFP (0235A0BR) H3C S5120-52C-EI 48GE Plus 4Combo Plus 2Slt (0235A0BT) H3C S5120-28C-PWR-EI 24G Plus 4C Plus 2S Plus POE (0235A0BU) H3C S5120-52C-PWR-EI 48G Plus 4C Plus 2S Plus POE (0235A0BV) N/A S5100.SI_3.10.R2221P07 JD348A HP A5100-24G SI Switch JD349A HP A5100-48G SI Switch JD356A HP A5100-16G SI Switch JD357A HP A5100-8G SI Switch H3C S5100-16P-SI - model LS-5100-16P-SI-OVS-H3 (0235A22R) H3C S5100-24P-SI - model LS-5100-24P-SI-OVS-H3 (0235A20Q) H3C S5100-48P-SI - model LS-5100-48P-SI-OVS-H3 (0235A20R) H3C S5100-8P-SI - model LS-5100-8P-SI-OVS-H3 (0235A22T) N/A S5100.EI_3.10.R2221P07 JD344A HP A5100-24G EI Switch w/SFP uplink JD345A HP A5100-48G EI Switch w/SFP Uplink JD346A HP A5100-24G EI Switch JD347A HP A5100-48G EI Switch JD350A HP A5100-8G EI Switch JD351A HP A5100-16G EI Switch JD352A HP A5100-8G-PoE EI Switch JD353A HP A5100-16G-PoE EI Switch JD354A HP A5100-24G-PoE EI Switch JD355A HP A5100-48G-PoE EI Switch H3C S5100-16P-EI - model LS-5100-16P-EI-OVS-H3 (0235A21Q) H3C S5100-16P-PWR-EI - model LS-5100-16P-PWR-EI-OVS (0235A22K) H3C S5100-24P-EI - model LS-5100-24P-EI-OVS (0235A08K) H3C S5100-26C-EI - model LS-5100-26C-EI-OVS (0235A08F) H3C S5100-26C-PWR-EI - model LS-5100-26C-PWR-EI-OVS (0235A22M) H3C S5100-48P-EI - model LS-5100-48P-EI-OVS (0235A08M) H3C S5100-50C-EI - model LS-5100-50C-EI-OVS (0235A08H) H3C S5100-50C-PWR-EI - model LS-5100-50C-PWR-EI-OVS (0235A22P) H3C S5100-8P-EI - model LS-5100-8P-EI-OVS-H3 (0235A21P) H3C S5100-8P-PWR-EI - model LS-5100-8P-PWR-EI-OVS (0235A22H) N/A 5500.EI-4800G_R2220-US JD007A HP 4800-24G Switch JD008A HP 4800-24G-PoE Switch JD009A HP 4800-24G-SFP Switch JD010A HP 4800-48G Switch JD011A HP 4800-48G-PoE Switch N/A 3Com Switch 4800G 24-Port (3CRS48G-24-91) 3Com Switch 4800G 24-Port SFP (3CRS48G-24S-91) 3Com Switch 4800G 48-Port (3CRS48G-48-91) 3Com Switch 4800G PWR 24-Port (3CRS48G-24P-91) 3Com Switch 4800G PWR 48-Port (3CRS48G-48P-91) 5120.EI-4210G-4510G_R2220-US JF428A HP 4510-48G Switch JF847A HP 4510-24G Switch N/A 3Com Switch 4510G 48 Port (3CRS45G-48-91) 3Com Switch 4510G PWR 24-Port (3CRS45G-24P-91) 3Com Switch E4510-24G (3CRS45G-24-91) E4500_03.03.02p20 JE045A HP 4500-24 Switch JE046A HP 4500-48 Switch JE047A HP 4500-24-PoE Switch JE048A HP 4500-48-PoE Switch N/A 3Com Switch 4500 26-Port (3CR17561-91) 3Com Switch 4500 50-Port (3CR17562-91) 3Com Switch 4500 PWR 26-Port (3CR17571-91) 3Com Switch 4500 PWR 50-Port (3CR17572-91) s4o03_01_15s168 JE021A HP E4210-8 Switch JE023A HP E4210-8 Switch (TAA) JE024A HP E4210-16 Switch JE026A HP E4210-24 Switch JE027A HP 4210-48 Switch JE028A HP E4210-8-PoE Switch JE030A HP E4210-8-PoE Switch (TAA) JE031A HP E4210-16-PoE Switch JE032A HP E4210-24-PoE Switch N/A 3Com Switch 4210 18-Port (3CR17332-91) 3Com Switch 4210 26-Port (3CR17333-91) 3Com Switch 4210 52-Port (3CR17334-91) 3Com Switch 4210 9-Port (3CR17331-91) 3Com Switch 4210 PWR 18-Port (3CR17342-91) 3Com Switch 4210 PWR 26-Port (3CR17343-91) 3Com Switch 4210 PWR 9P TAA (3CR17341TAA-91) 3Com Switch 4210 PWR 9-Port (3CR17341-91) S4210A_3.10.R2215P12 JE022A HP 4210-8 Switch JE025A HP 4210-16 Switch JE029A HP 4210-8-PoE Switch JE033A HP 4210-24-PoE Switch JF427A HP 4210-24 Switch N/A 3Com Switch 4210 9-Port (3CR17331A-91) 3Com Switch 4210 26-Port (3CR17333A-91) 3Com Switch 4210 18-Port (3CR17332A-91) 3Com Switch 4210 PWR 26-Port (3CR17343A-91) 3Com Switch 4210 PWR 9-Port (3CR17341A-91) 5120.EI-4210G-4510G_R2220-US JF844A HP 4210-24G Switch JF845A HP 4210-48G Switch JF846A HP 4210-24G-PoE Switch N/A 3Com Switch 4210-24G (3CRS42G-24-91) 3Com Switch 4210-48G (3CRS42G-48-91) 3Com Switch E4210-24G-PoE (3CRS42G-24P-91) s3t03_02_07s168 JE015A HP 4200-12G Switch JE016A HP E4200-24G Switch JE017A HP E4200-24G NTG Switch JE018A HP E4200-48G Switch JE019A HP E4200-48G NTG Switch JE020A HP E4200-24G-PoE Switch N/A 3Com Switch 4200G 12-Port (3CR17660-91) 3Com Switch 4200G 24-Port (3CR17661-91) 3Com Switch 4200G 48-Port (3CR17662-91) 3Com Switch 4200G PWR 24-Port (3CR17671-91) 3Com Switch 4200G-NTG 24-Port (3CR17661NTG-91) 3Com Switch 4200G-NTG 48-Port (3CR17662NTG-91) S3610-5510_5.20.R5319P04 JD335A HP 3610-48 Switch JD336A HP 3610-24-4G-SFP Switch JD337A HP 3610-24-2G-2G-SFP Switch JD338A HP 3610-24-SFP Switch H3C S3610-28F - model LS-3610-28F-OVS (0235A22F) H3C S3610-28P - model LS-3610-28P-OVS (0235A22D) H3C S3610-28TP - model LS-3610-28TP-OVS (0235A22E) H3C S3610-52P - model LS-3610-52P-OVS (0235A22C) N/A 3600V2_5.20.R2108 JG299A HP 3600-24 v2 EI Switch JG300A HP 3600-48 v2 EI Switch JG301A HP 3600-24-PoE+ v2 EI Switch JG302A HP 3600-48-PoE+ v2 EI Switch JG303A HP 3600-24-SFP v2 EI Switch JG304A HP 3600-24 v2 SI Switch JG305A HP 3600-48 v2 SI Switch JG306A HP 3600-24-PoE+ v2 SI Switch JG307A HP 3600-48-PoE+ v2 SI Switch N/A N/A S3600.SI_3.10.R1702P42 JD325A HP 3600-24-PoE SI Switch JD327A HP 3600-48-PoE SI Switch JD329A HP 3600-24TP SI Switch JD330A HP 3600-24 SI Switch JD332A HP 3600-48 SI Switch H3C S3600-28P-PWR-SI - model LS-3600-28P-PWR-SI-OVS (0235A10B) H3C S3600-28P-SI - model LS-3600-28P-SI-OVS (0235A10G) H3C S3600-28TP-SI - model LS-3600-28TP-SI-OVS (0235A10F) H3C S3600-52P-PWR-SI - model LS-3600-52P-PWR-SI-OVS (0235A10D) H3C S3600-52P-SI - model LS-3600-52P-SI-OVS (0235A10J) N/A S3600.EI_3.10.R1702P42 JD326A HP 3600-24-PoE EI Switch JD328A HP 3600-48-PoE EI Switch JD331A HP 3600-24 EI Switch JD333A HP 3600-48 EI Switch JD334A HP 3600-24-SFP EI Switch H3C S3600-28F-EI - model LS-3600-28F-EI-OVS (0235A10L) H3C S3600-28P-EI - model LS-3600-28P-EI-OVS (0235A10H) H3C S3600-28P-PWR-EI - model LS-3600-28P-PWR-EI-OVS (0235A10C) H3C S3600-52P-EI - model LS-3600-52P-EI-OVS (0235A10K) H3C S3600-52P-PWR-EI - model LS-3600-52P-PWR-EI-OVS (0235A10E) N/A 3100V2_5.20.R5203P01 JD313B HP 3100-24-PoE v2 EI Switch JD318B HP 3100-8 v2 EI Switch JD319B HP 3100-16 v2 EI Switch JD320B HP 3100-24 v2 EI Switch JG221A HP 3100-8 v2 SI Switch JG222A HP 3100-16 v2 SI Switch JG223A HP 3100-24 v2 SI Switch N/A N/A 3100V2.48_5.20.R2108 JG315A HP 3100-48 v2 Switch N/A N/A S3100.SI_3.10.R2215P12 JD302A HP A3100-16 DC SI Switch with 2 Slots JD303A HP A3100-24 DC SI Switch with 2 Slots JD304A HP 3100-8 SI Switch JD305A HP 3100-16 SI Switch JD306A HP 3100-24 SI Switch JD307A HP A3100-8 SI Switch w 1 Ext Mod Slot JD308A HP A3100-16 SI Switch w 2 Mod Slots JD309A HP A3100-24 SI Switch with 2 Slots JD310A HP A3100-8 SI Switch with 1 Slot H3C S3100-16C-SI - model LS-S3100-16C-SI-AC-OVS (0235A15G) H3C S3100-16C-SI - model LS-S3100-16C-SI-DC-OVS (0235A14V) H3C S3100-16T-SI - model LS-S3100-16T-SI-AC-OVS (0235A15C) H3C S3100-26C-SI - model LS-S3100-26C-SI-AC-OVS (0235A15H) H3C S3100-26C-SI - model LS-S3100-26C-SI-DC-OVS (0235A14W) H3C S3100-26T-SI - model LS-S3100-26T-SI-AC-OVS (0235A15D) H3C S3100-8C-SI - model LS-S3100-8C-SI-AC-OVS (0235A15F) H3C S3100-8C-SI - model LS-S3100-8C-SI-DC-OVS (0235A15J) H3C S3100-8T-SI - model LS-S3100-8T-SI-AC-OVS (0235A15B) N/A S3152_3.10.R1702P42 JD317A HP 3100-48 Switch H3C S3100-52P - model LS-3100-52P-OVS-H3 (0235A248) N/A 1910_5.20.R1513P07 JE005A HP 1910-16G Switch JE006A HP 1910-24G Switch JE007A HP 1910-24G-PoE (365W) Switch JE008A HP 1910-24G-PoE(170W) Switch JE009A HP 1910-48G Switch JG348A HP 1910-8G Switch JG349A HP 1910-8G-PoE+ (65W) Switch JG350A HP 1910-8G-PoE+ (180W) Switch N/A 3Com Baseline Plus Switch 2900 Gigabit Family - 52 port (3CRBSG5293) 3Com Baseline Plus Switch 2900G - 20 port (3CRBSG2093) 3Com Baseline Plus Switch 2900G - 28 port (3CRBSG2893) 3Com Baseline Plus Switch 2900G - 28HPWR (3CRBSG28HPWR93) 3Com Baseline Plus Switch 2900G - 28PWR (3CRBSG28PWR93) 8800_5.20.R3352 JC147A HP A8802 Router Chassis JC147B HP 8802 Router Chassis JC148A HP A8805 Router Chassis JC148B HP 8805 Router Chassis JC149A HP A8808 Router Chassis JC149B HP 8808 Router Chassis JC150A HP A8812 Router Chassis JC150B HP 8812 Router Chassis H3C SR8805 10G Core Router Chassis (0235A0G8) H3C SR8808 10G Core Router Chassis (0235A0G9) H3C SR8812 10G Core Router Chassis (0235A0GA) H3C SR8802 10G Core Router Chassis (0235A0GC) H3C SR8802 10G Core Router Chassis (0235A31B) H3C SR8805 10G Core Router Chassis (0235A31C) H3C SR8808 10G Core Router Chassis (0235A31D) H3C SR8812 10G Core Router Chassis (0235A31E) N/A R5000_3.14p13 JD935A HP 5012 Router JD943A HP 5232 Router JD944A HP 5642 Router JD945A HP Router 5642 TAA JD946A HP 5682 Router N/A 3Com Router 5642 TAA (3C13755TAA) 3Com Router 5009 (3C13700) 3Com Router 5012 (3C13701) 3Com Router 5231 (3C13750) 3Com Router 5232 (3C13751) 3Com Router 5640 (3C13754) 3Com Router 5642 (3C13755) 3Com Router 5680 (3C13758) 3Com Router 5682 (3C13759) R301X_1.40.22 JD916A HP 3012 Router JD917A HP 3013 Router JD918A HP 3016 Router JD919A HP 3018 Router JG005A 3Com Router 3015 N/A 3Com Router 3012 (3C13612) 3Com Router 3013 (3C13613) 3Com Router 3016 (3C13616) 3Com Router 3018 (3C13618) R6000_3.14p13 JD967A HP Router 6040 Chassis JD972A HP Router 6080 Chassis N/A 3Com Router 6040 Chassis (3C13840) 3Com Router 6080 Chassis (3C13880) MSR20.SI_5.20.R2312P20 JD432A HP A-MSR20-21 Multi-Service Router JD662A HP MSR20-20 Multi-Service Router JD663A HP MSR20-21 Multi-Service Router JD663B HP MSR20-21 Router JD664A HP MSR20-40 Multi-Service Router JF228A HP MSR20-40 Router JF283A HP MSR20-20 Router H3C RT-MSR2020-AC-OVS-H3C (0235A324) H3C RT-MSR2040-AC-OVS-H3 (0235A326) H3C MSR 20-20 (0235A19H) H3C MSR 20-21 (0235A325) H3C MSR 20-40 (0235A19K) H3C MSR-20-21 Router (0235A19J) N/A MSR201X_5.20.R2312P20 JD431A HP MSR20-10 Router JD667A HP MSR20-15 IW Multi-Service Router JD668A HP MSR20-13 Multi-Service Router JD669A HP MSR20-13 W Multi-Service Router JD670A HP MSR20-15 A Multi-Service Router JD671A HP MSR20-15 AW Multi-Service Router JD672A HP MSR20-15 I Multi-Service Router JD673A HP MSR20-11 Multi-Service Router JD674A HP MSR20-12 Multi-Service Router JD675A HP MSR20-12 W Multi-Service Router JD676A HP MSR20-12 T1 Multi-Service Router JF236A HP MSR20-15-I Router JF237A HP MSR20-15-A Router JF238A HP MSR20-15-I-W Router JF239A HP MSR20-11 Router JF240A HP MSR20-13 Router JF241A HP MSR20-12 Router JF806A HP MSR20-12-T Router JF807A HP MSR20-12-W Router JF808A HP MSR20-13-W Router JF809A HP MSR20-15-A-W Router JF817A HP MSR20-15 Router JG209A HP MSR20-12-T-W Router (NA) JG210A HP MSR20-13-W Router (NA) H3C MSR 20-15 Router Host(AC) 1 FE 4 LSW 1 ADSLoPOTS 1 DSIC (0235A0A8) H3C MSR 20-10 (0235A0A7) H3C RT-MSR2011-AC-OVS-H3 (0235A395) H3C RT-MSR2012-AC-OVS-H3 (0235A396) H3C RT-MSR2012-AC-OVS-W-H3 (0235A397) H3C RT-MSR2012-T-AC-OVS-H3 (0235A398) H3C RT-MSR2013-AC-OVS-H3 (0235A390) H3C RT-MSR2013-AC-OVS-W-H3 (0235A391) H3C RT-MSR2015-AC-OVS-A-H3 (0235A392) H3C RT-MSR2015-AC-OVS-AW-H3 (0235A393) H3C RT-MSR2015-AC-OVS-I-H3 (0235A394) H3C RT-MSR2015-AC-OVS-IW-H3 (0235A38V) H3C MSR 20-11 (0235A31V) H3C MSR 20-12 (0235A32E) H3C MSR 20-12 T1 (0235A32B) H3C MSR 20-13 (0235A31W) H3C MSR 20-13 W (0235A31X) H3C MSR 20-15 A (0235A31Q) H3C MSR 20-15 A W (0235A31R) H3C MSR 20-15 I (0235A31N) H3C MSR 20-15 IW (0235A31P) H3C MSR20-12 W (0235A32G) N/A MSR30.SI_5.20.R2312P20 JD654A HP MSR30-60 POE Multi-Service Router JD657A HP MSR30-40 Multi-Service Router JD658A HP MSR30-60 Multi-Service Router JD660A HP MSR30-20 POE Multi-Service Router JD661A HP MSR30-40 POE Multi-Service Router JD666A HP MSR30-20 Multi-Service Router JF229A HP MSR30-40 Router JF230A HP MSR30-60 Router JF232A HP RT-MSR3040-AC-OVS-AS-H3 JF235A HP MSR30-20 DC Router JF284A HP MSR30-20 Router JF287A HP MSR30-40 DC Router JF801A HP MSR30-60 DC Router JF802A HP MSR30-20 PoE Router JF803A HP MSR30-40 PoE Router JF804A HP MSR30-60 PoE Router H3C MSR 30-20 Router (0235A328) H3C MSR 30-40 Router Host(DC) (0235A268) H3C RT-MSR3020-AC-POE-OVS-H3 (0235A322) H3C RT-MSR3020-DC-OVS-H3 (0235A267) H3C RT-MSR3040-AC-OVS-H (0235A299) H3C RT-MSR3040-AC-POE-OVS-H3 (0235A323) H3C RT-MSR3060-AC-OVS-H3 (0235A320) H3C RT-MSR3060-AC-POE-OVS-H3 (0235A296) H3C RT-MSR3060-DC-OVS-H3 (0235A269) H3C MSR 30-20 RTVZ33020AS Router Host(AC) (0235A20S) H3C MSR 30-20 (0235A19L) H3C MSR 30-20 POE (0235A239) H3C MSR 30-40 (0235A20J) H3C MSR 30-40 POE (0235A25R) H3C MSR 30-60 (0235A20K) H3C MSR 30-60 POE (0235A25S) H3C RT-MSR3040-AC-OVS-AS-H3 (0235A20V) N/A MSR3016.SI_5.20.R2312P20 JD659A HP MSR30-16 POE Multi-Service Router JD665A HP MSR30-16 Multi-Service Router JF233A HP MSR30-16 Router JF234A HP MSR30-16 PoE Router H3C RT-MSR3016-AC-OVS-H3 (0235A327) H3C RT-MSR3016-AC-POE-OVS-H3 (0235A321) H3C MSR 30-16 (0235A237) H3C MSR 30-16 POE (0235A238) N/A MSR301X.SI_5.20.R2312P20 JF800A HP MSR30-11 Router JF816A HP MSR30-10 2 FE /2 SIC /1 MIM MS Rtr JG182A HP MSR30-11E Router JG183A HP MSR30-11F Router JG184A HP MSR30-10 DC Router H3C MSR 30-10 Router Host(AC) 2FE 2SIC 1XMIM 256DDR (0235A39H) H3C RT-MSR3011-AC-OVS-H3 (0235A29L) N/A MSR50.SI_5.20.R2312P20 JD433A HP MSR50-40 Router JD653A HP MSR50 Processor Module JD655A HP MSR50-40 Multi-Service Router JD656A HP MSR50-60 Multi-Service Router JF231A HP MSR50-60 Router JF285A HP MSR50-40 DC Router JF640A HP MSR50-60 Rtr Chassis w DC PwrSupply H3C MSR 50-40 Router (0235A297) H3C MSR5040-DC-OVS-H3C (0235A20P) H3C RT-MSR5060-AC-OVS-H3 (0235A298) H3C MSR 50-40 Chassis (0235A20N) H3C MSR 50-60 Chassis (0235A20L) N/A MSR50.EPUSI_5.20.R2312P20 JD429A HP MSR50 G2 Processor Module JD429B HP MSR50 G2 Processor Module H3C H3C MSR 50 Processor Module-G2 (0231A84Q) H3C MSR 50 High Performance Main Processing Unit 3GE (Combo) 256F/1GD(0231A0KL) N/A MSR9XX_5.20.R2312P20 JF812A HP MSR900 Router JF813A HP MSR920 Router JF814A HP MSR900-W Router JF815A HP MSR920 2FEWAN/8FELAN/.11b/g Rtr JG207A HP MSR900-W Router (NA) JG208A HP MSR920-W Router (NA) H3C MSR 900 Router with 802.11b/g 2 FE WAN 4 FE LAN 256DDR 802.11b (0235A0C2) H3C MSR 900 Router 2 FE WAN 4 FE LAN 256DDR (0235A0BX) H3C MSR 920 Router with 802.11b/g 2 FE WAN 8 FE LAN 256DDR (0235A0C4) H3C MSR 920 Router 2 FE WAN 8 FE LAN 256DDR (0235A0C0) N/A MSR20.SI_5.20.R2315L02.RU JD663B HP MSR20-21 Router JF228A HP MSR20-40 Router JF283A HP MSR20-20 Router H3C RT-MSR2020-AC-OVS-H3C (0235A324) H3C RT-MSR2040-AC-OVS-H3 (0235A326) N/A MSR201X_5.20.R2315L02.RU JD431A HP MSR20-10 Router JF236A HP MSR20-15-I Router JF237A HP MSR20-15-A Router JF238A HP MSR20-15-I-W Router JF239A HP MSR20-11 Router JF240A HP MSR20-13 Router JF241A HP MSR20-12 Router JF806A HP MSR20-12-T Router JF807A HP MSR20-12-W Router JF808A HP MSR20-13-W Router JF809A HP MSR20-15-A-W Router JF817A HP MSR20-15 Router H3C MSR 20-10 (0235A0A7) H3C RT-MSR2015-AC-OVS-I-H3 (0235A394) H3C RT-MSR2015-AC-OVS-A-H3 (0235A392) H3C RT-MSR2015-AC-OVS-AW-H3 (0235A393) H3C RT-MSR2011-AC-OVS-H3 (0235A395) H3C RT-MSR2013-AC-OVS-H3 (0235A390) H3C RT-MSR2012-AC-OVS-H3 (0235A396) H3C RT-MSR2012-T-AC-OVS-H3 (0235A398) H3C RT-MSR2012-AC-OVS-W-H3 (0235A397) H3C RT-MSR2013-AC-OVS-W-H3 (0235A391) H3C RT-MSR2015-AC-OVS-IW-H3 (0235A38V) H3C MSR 20-15 Router Host(AC) 1 FE 4 LSW 1 ADSLoPOTS 1 DSIC (0235A0A8) N/A MSR30.SI_5.20.R2315L02.RU JF229A HP MSR30-40 Router JF230A HP MSR30-60 Router JF235A HP MSR30-20 DC Router JF284A HP MSR30-20 Router JF287A HP MSR30-40 DC Router JF801A HP MSR30-60 DC Router JF802A HP MSR30-20 PoE Router JF803A HP MSR30-40 PoE Router JF804A HP MSR30-60 PoE Router H3C RT-MSR3040-AC-OVS-H (0235A299) H3C RT-MSR3060-AC-OVS-H3 (0235A320) H3C RT-MSR3020-DC-OVS-H3 (0235A267) H3C MSR 30-20 Router (0235A328) H3C MSR 30-40 Router Host(DC) (0235A268) H3C RT-MSR3060-DC-OVS-H3 (0235A269) H3C RT-MSR3020-AC-POE-OVS-H3 (0235A322) H3C RT-MSR3040-AC-POE-OVS-H3 (0235A323) H3C RT-MSR3060-AC-POE-OVS-H3 (0235A296) N/A MSR301X.SI_5.20.R2315L02.RU JF800A HP MSR30-11 Router JF816A HP MSR30-10 2 FE /2 SIC /1 MIM MS Rtr JG182A HP MSR30-11E Router JG183A HP MSR30-11F Router JG184A HP MSR30-10 DC Router H3C RT-MSR3011-AC-OVS-H3 (0235A29L) H3C MSR 30-10 Router Host(AC) 2FE 2SIC 1XMIM 256DDR (0235A39H) N/A MSR3016.SI_5.20.R2315L02.RU JF233A HP MSR30-16 Router JF234A HP MSR30-16 PoE Router H3C RT-MSR3016-AC-OVS-H3 (0235A327) H3C RT-MSR3016-AC-POE-OVS-H3 (0235A321) N/A MSR50.SI_5.20.R2315L02.RU JD433A HP MSR50-40 Router JD653A HP MSR50 Processor Module JD655A HP MSR50-40 Multi-Service Router JD656A HP MSR50-60 Multi-Service Router JF231A HP MSR50-60 Router JF285A HP MSR50-40 DC Router JF640A HP MSR50-60 Rtr Chassis w DC PwrSupply H3C MSR 50-40 Router (0235A297) H3C MSR 50 Processor Module (0231A791) H3C MSR 50-40 Chassis (0235A20N) H3C MSR 50-60 Chassis (0235A20L) H3C RT-MSR5060-AC-OVS-H3 (0235A298) H3C MSR5040-DC-OVS-H3C (0235A20P) N/A MSR50.EPUSI_5.20.R2315L02.RU JD429B HP MSR50 G2 Processor Module H3C MSR 50 High Performance Main Processing Unit 3GE (Combo) 256F/1GD (0231A0KL) N/A MSR9XX.SI_5.20.R2315L02.RU JF812A HP MSR900 Router JF813A HP MSR920 Router JF814A HP MSR900-W Router JF815A HP MSR920 2FEWAN/8FELAN/.11b/g Rtr H3C MSR 900 Router 2 FE WAN 4 FE LAN 256DDR (0235A0BX) H3C MSR 920 Router 2 FE WAN 8 FE LAN 256DDR (0235A0C0) H3C MSR 900 Router with 802.11b/g 2 FE WAN 4 FE LAN 256DDR 802.11b (0235A0C2)H3C MSR 920 Router with 802.11b/g 2 FE WAN 8 FE LAN 256DDR (0235A0C4) N/A AF1000S.EI_AF1000A.EI_3.40.R3721P06 JD270A HP S1000-S VPN Firewall Appliance JD271A HP S1000-A VPN Firewall Appliance JG213A HP F1000-S-EI VPN Firewall Appliance JG214A HP F1000-A-EI VPN Firewall Appliance N/A N/A R304X_2.41.p09 JD922A HP 3040 Router JD923A HP 3041 Router N/A 3Com Router 3040 (3C13640) 3Com Router 3041 (3C13641) R3036_2.41.p09 JD921A HP 3036 Router N/A 3Com Router 3036 (3C13636) Mitigation notes for CVE-2013-2340 and CVE-2013-2341: CVE-2013-2340: HTTP/BIMS Manual Commands For routers: Shutdown BIMS using the "undo bims enable" command. For routers and switches:Shutdown the http service using the "undo ip http enable" command, or bind the http service with a valid source IP ACL by configuring the switch or router to associate the HTTP service with an ACL and only allow the clients within the management network segment to access the device. CVE-2013-2341: Password Security in Configuration Files Follow the guidelines in the whitepaper: HP Networking guide to hardening Comware-based devices for password-control which removes passwords from the configuration file. Alternatively, only use secure configuration file transfer methods and store configuration files on a secure system. HISTORY Version:1 (rev.1) - 27 June 2013 Initial Release Version:2 (rev.2) - 17 July 2013 Corrected impacted product names Version:3 (rev.3) - 23 August 2013 Added mitigations and workarounds Third Party Security Patches: Third party security patches that are to be installed on systems running HP software products should be applied in accordance with the customer's patch management policy. Support: For issues about implementing the recommendations of this Security Bulletin, contact normal HP Services support channel. For other issues about the content of this Security Bulletin, send e-mail to security-alert@hp.com. Report: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com Subscribe: To initiate a subscription to receive future HP Security Bulletin alerts via Email: http://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins Security Bulletin Archive: A list of recently released Security Bulletins is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/secBullArchive/ Software Product Category: The Software Product Category is represented in the title by the two characters following HPSB. 3C = 3COM 3P = 3rd Party Software GN = HP General Software HF = HP Hardware and Firmware MP = MPE/iX MU = Multi-Platform Software NS = NonStop Servers OV = OpenVMS PI = Printing and Imaging PV = ProCurve ST = Storage Software TU = Tru64 UNIX UX = HP-UX Copyright 2013 Hewlett-Packard Development Company, L.P. Hewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental,special or consequential damages including downtime cost; lost profits;damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.13 (GNU/Linux) iEYEARECAAYFAlIeC9sACgkQ4B86/C0qfVkaoQCg48locw158bv1Elm+/2gXHNTI G3sAoIrNMy3kfZ4Xtjbu8itkscOrPNL6 =GqoP -----END PGP SIGNATURE-----

The Digital Alert Systems DASDEC EAS device before 2.0-2 and the Monroe Electronics R189 One-Net EAS device before 2.0-2 have a default password for an administrative account, which makes it easier for remote attackers to obtain access via an IP network. An attacker with SSH access to a device could use the key to log in with root privileges. A remote attacker can exploit the vulnerability to gain unauthorized administrative access. Multiple Vendors Multiple EAS Devices are prone to an insecure-default-password vulnerability

dasdec_mkuser on the Digital Alert Systems DASDEC EAS device before 2.0-2 and the Monroe Electronics R189 One-Net EAS device before 2.0-2 generates predictable passwords, which might make it easier for attackers to obtain non-administrative access via unspecified vectors. An attacker with SSH access to a device could use the key to log in with root privileges. Multiple EAS devices from multiple vendors are prone to an insecure password generation vulnerability

The default configuration of the Digital Alert Systems DASDEC EAS device before 2.0-2 and the Monroe Electronics R189 One-Net EAS device before 2.0-2 contains a known SSH private key, which makes it easier for remote attackers to obtain root access, and spoof alerts, via an SSH session. An attacker with SSH access to a device could use the key to log in with root privileges. Multiple Vendors EAS Devices are prone to an information-disclosure vulnerability

The web framework in IronPort AsyncOS on Cisco Web Security Appliance devices before 7.1.3-013, 7.5 before 7.5.0-838, and 7.7 before 7.7.0-550 allows remote authenticated users to execute arbitrary commands via crafted command-line input in a URL sent over IPv4, aka Bug ID CSCzv69294. Successfully exploiting this issue may allow an attacker to execute arbitrary commands with elevated privileges in context of the affected application. This issue being tracked by Cisco bug ID CSCzv69294. The appliance provides SaaS-based access control, real-time network reporting and tracking, and security policy formulation. This vulnerability stems from the failure to correctly filter the special URL submitted by the user

The web framework in IronPort AsyncOS on Cisco Web Security Appliance devices before 7.1.3-013, 7.5 before 7.5.0-838, and 7.7 before 7.7.0-550; Email Security Appliance devices before 7.1.5-104, 7.3 before 7.3.2-026, 7.5 before 7.5.2-203, and 7.6 before 7.6.3-019; and Content Security Management Appliance devices before 7.2.2-110, 7.7 before 7.7.0-213, and 7.8 and 7.9 before 7.9.1-102 allows remote authenticated users to execute arbitrary commands via crafted command-line input in a URL, aka Bug IDs CSCzv85726, CSCzv44633, and CSCzv24579. Vendors have confirmed this vulnerability Bug ID CSCzv85726 , CSCzv44633 ,and CSCzv24579 It is released as.By a remotely authenticated user URL An arbitrary command may be executed via a crafted command line input in the. Multiple Cisco products are prone to a remote command-injection vulnerability because they fail to properly sanitize user-supplied input. Successfully exploiting this issue may allow an attacker to execute arbitrary commands with elevated privileges in context of the affected application. This issue being tracked by Cisco bug IDs CSCzv44633, CSCzv85726, and CSCzv24579. ESA is an email security appliance. Content SMA is a set of content security management equipment. A command injection vulnerability exists in the web framework in IronPort AsyncOS

The management GUI in the web framework in IronPort AsyncOS on Cisco Web Security Appliance devices before 7.1.3-013, 7.5 before 7.5.0-838, and 7.7 before 7.7.0-602; Email Security Appliance devices before 7.1.5-106 and 7.3, 7.5, and 7.6 before 7.6.3-019; and Content Security Management Appliance devices before 7.9.1-102 and 8.0 before 8.0.0-404 allows remote attackers to cause a denial of service (system hang) via a series of (1) HTTP or (2) HTTPS requests to a management interface, aka Bug IDs CSCzv58669, CSCzv63329, and CSCzv78669. Vendors have confirmed this vulnerability Bug ID CSCzv58669 , CSCzv63329 ,and CSCzv78669 It is released as.To a management interface by a third party (1) HTTP Or (2) HTTPS Service disruption through a series of requests ( System hang ) There is a possibility of being put into a state. Multiple Cisco products are prone to a remote denial-of-service vulnerability. Successfully exploiting this issue allows remote attackers to cause denial-of-service conditions. This issue being tracked by Cisco bug IDs CSCzv63329, CSCzv58669, and CSCzv78669. Content SMA is a set of content security management equipment

The IronPort Spam Quarantine (ISQ) component in the web framework in IronPort AsyncOS on Cisco Email Security Appliance devices before 7.1.5-106 and 7.3, 7.5, and 7.6 before 7.6.3-019 and Content Security Management Appliance devices before 7.9.1-102 and 8.0 before 8.0.0-404 allows remote attackers to cause a denial of service (service crash or hang) via a high rate of TCP connection attempts, aka Bug IDs CSCzv25573 and CSCzv81712. Vendors have confirmed this vulnerability Bug ID CSCzv25573 ,and CSCzv81712 It is released as.By a third party, TCP Service disruption through connection attempt ( Service crash or hang ) There is a possibility of being put into a state. Multiple Cisco products is prone to a denial-of-service vulnerability. Successfully exploiting this issue allows remote attackers to cause denial-of-service conditions. This issue is being tracked by Cisco Bug IDs CSCzv25573 and CSCzv81712