CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
EPSS
Percentile
40.4%
VRP (Versatile Routing Platform) has been developed by Huawei to provide improved IP routing services. The VRP has been widely applied to network devices, including high-end and low-end switches and routers, wireless and transmission devices.
Information leakage vulnerability exists in several devices using VRP platform, because the MPLS LSP Ping service is bound to unnecessary interfaces, which can cause the leak of IP addresses of devices (Vulnerability ID: HWPSIRT-2014-0418).
This vulnerability has been assigned a Common Vulnerabilities and Exposures (CVE) ID: CVE-2014-8570.
Vendor | Product | Version | CPE |
---|---|---|---|
huawei | s9300_firmware | v100r002 | cpe:2.3:a:huawei:s9300_firmware:v100r002:*:*:*:*:*:*:* |
huawei | s9300_firmware | v100r003 | cpe:2.3:a:huawei:s9300_firmware:v100r003:*:*:*:*:*:*:* |
huawei | s9300_firmware | v100r006 | cpe:2.3:a:huawei:s9300_firmware:v100r006:*:*:*:*:*:*:* |
huawei | s9300_firmware | v200r001 | cpe:2.3:a:huawei:s9300_firmware:v200r001:*:*:*:*:*:*:* |
huawei | s9300_firmware | v200r002 | cpe:2.3:a:huawei:s9300_firmware:v200r002:*:*:*:*:*:*:* |
huawei | s9300_firmware | v200r003 | cpe:2.3:a:huawei:s9300_firmware:v200r003:*:*:*:*:*:*:* |
huawei | s9300_firmware | v200r005 | cpe:2.3:a:huawei:s9300_firmware:v200r005:*:*:*:*:*:*:* |
huawei | s9303_firmware | v100r002 | cpe:2.3:o:huawei:s9303_firmware:v100r002:*:*:*:*:*:*:* |
huawei | s9303_firmware | v100r003 | cpe:2.3:o:huawei:s9303_firmware:v100r003:*:*:*:*:*:*:* |
huawei | s9303_firmware | v100r006 | cpe:2.3:o:huawei:s9303_firmware:v100r006:*:*:*:*:*:*:* |
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
EPSS
Percentile
40.4%