Lucene search

[email protected]CVE-2015-8087

HistoryNov 19, 2015 - 8:59 p.m.

CVE-2015-8087

2015-11-1920:59:11

CWE-399

[email protected]

web.nvd.nist.gov

huawei

routers

vrf hopping

vulnerability

cve-2015-8087

nvd

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

6.8 Medium

AI Score

Confidence

Low

0.002 Low

EPSS

Percentile

64.5%

JSON

Huawei NE20E-S, NE40E-M, and NE40E-M2 routers with software before V800R007C10SPC100 and NE40E and NE80E routers with software before V800R007C00SPC100 allows remote attackers to send packets to other VPNs and conduct flooding attacks via a crafted MPLS forwarding packet, aka a “VPN routing and forwarding (VRF) hopping vulnerability.”

Affected configurations

NVD

Node

huaweine_router_softwareRange≤v800r006

huaweine_router_softwareRange≤v800r007c00

AND

huaweine20e-sMatch-

huaweine40e-mMatch-

huaweine40e-m2Match-

Node

huaweine_router_softwareRange≤v800r006

AND

huaweine40eMatch-

huaweine80eMatch-

CPENameOperatorVersion
huawei:ne_router_softwarehuawei ne router softwarelev800r006
huawei:ne_router_softwarehuawei ne router softwarelev800r007c00

CPE	Name	Operator	Version
huawei:ne_router_software	huawei ne router software	le	v800r006
huawei:ne_router_software	huawei ne router software	le	v800r007c00

References

www1.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-457933.htm

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

6.8 Medium

AI Score

Confidence

Low

0.002 Low

EPSS

Percentile

64.5%

JSON

Related for CVE-2015-8087

cvelist1 huawei1 prion1 nvd1