CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
EPSS
Percentile
69.6%
A security vulnerability exists in Rivest Cipher 4 (RC4) used by TLS and SSL protocols. RC4 cannot provide sufficient data protection. After listening to an SSL or TLS connection, an attacker can obtain plaintext data by brute force cracking. This vulnerability is also called Bar Mitzvah. (Vulnerability ID: HWPSIRT-2015-03025)
This Vulnerability has been assigned Common Vulnerabilities and Exposures (CVE) ID: CVE-2015-2808.
Vendor | Product | Version | CPE |
---|---|---|---|
huawei | e6000_chassis_firmware | v100r001c00 | cpe:2.3:o:huawei:e6000_chassis_firmware:v100r001c00:*:*:*:*:*:*:* |
huawei | e9000_chassis | v100r001c00 | cpe:2.3:a:huawei:e9000_chassis:v100r001c00:*:*:*:*:*:*:* |
huawei | oceanstor_18500_firmware | v100r001c00 | cpe:2.3:o:huawei:oceanstor_18500_firmware:v100r001c00:*:*:*:*:*:*:* |
huawei | oceanstor_18500_firmware | v100r001c10 | cpe:2.3:o:huawei:oceanstor_18500_firmware:v100r001c10:*:*:*:*:*:*:* |
huawei | oceanstor_18800_firmware | v100r001c00 | cpe:2.3:o:huawei:oceanstor_18800_firmware:v100r001c00:*:*:*:*:*:*:* |
huawei | oceanstor_18800_firmware | v100r001c10 | cpe:2.3:o:huawei:oceanstor_18800_firmware:v100r001c10:*:*:*:*:*:*:* |
huawei | oceanstor_18800_firmware | v100r001c20 | cpe:2.3:o:huawei:oceanstor_18800_firmware:v100r001c20:*:*:*:*:*:*:* |
huawei | oceanstor_18800_firmware | v100r001c30 | cpe:2.3:o:huawei:oceanstor_18800_firmware:v100r001c30:*:*:*:*:*:*:* |
huawei | oceanstor_18800f_firmware | v100r001c00 | cpe:2.3:o:huawei:oceanstor_18800f_firmware:v100r001c00:*:*:*:*:*:*:* |
huawei | oceanstor_18800f_firmware | v100r001c10 | cpe:2.3:o:huawei:oceanstor_18800f_firmware:v100r001c10:*:*:*:*:*:*:* |