Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
huaweiHuawei TechnologiesHUAWEI-SA-20150919-01-RC4
HistorySep 19, 2015 - 12:00 a.m.

Security Advisory - Bar Mitzvah Attack Vulnerability in Huawei Products

2015-09-1900:00:00
Huawei Technologies
www.huawei.com
23

CVSS2

5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

EPSS

0.003

Percentile

69.6%

JSON

A security vulnerability exists in Rivest Cipher 4 (RC4) used by TLS and SSL protocols. RC4 cannot provide sufficient data protection. After listening to an SSL or TLS connection, an attacker can obtain plaintext data by brute force cracking. This vulnerability is also called Bar Mitzvah. (Vulnerability ID: HWPSIRT-2015-03025)

This Vulnerability has been assigned Common Vulnerabilities and Exposures (CVE) ID: CVE-2015-2808.

Affected configurations

Vulners
Node
huaweie6000_chassis_firmwareMatchv100r001c00
OR
huaweie9000_chassisMatchv100r001c00
OR
huaweioceanstor_18500_firmwareMatchv100r001c00
OR
huaweioceanstor_18500_firmwareMatchv100r001c10
OR
huaweioceanstor_18800_firmwareMatchv100r001c00
OR
huaweioceanstor_18800_firmwareMatchv100r001c10
OR
huaweioceanstor_18800_firmwareMatchv100r001c20
OR
huaweioceanstor_18800_firmwareMatchv100r001c30
OR
huaweioceanstor_18800f_firmwareMatchv100r001c00
OR
huaweioceanstor_18800f_firmwareMatchv100r001c10
OR
huaweioceanstor_18800f_firmwareMatchv100r001c20
OR
huaweioceanstor_18800f_firmwareMatchv100r001c30
OR
huaweioceanstor_9000_firmwareMatchv100r001c01
OR
huaweioceanstor_cse_firmwareMatchv100r002c00lsfm01
OR
huaweioceanstor_hvs85t_firmwareMatchv100r001c00
OR
huaweioceanstor_hvs85t_firmwareMatchv100r001c30
OR
huaweioceanstor_replicationdirectorMatchv100r003c00
OR
huaweioceanstor_s2600t_firmwareMatchv200r002c00
OR
huaweioceanstor_s2600t_firmwareMatchv200r002c10
OR
huaweioceanstor_s2600t_firmwareMatchv200r002c20
OR
huaweioceanstor_s2600t_firmwareMatchv200r002c30
OR
huaweioceanstor_s5500t_firmwareMatchv200r002c00
OR
huaweioceanstor_s5500t_firmwareMatchv200r002c10
OR
huaweioceanstor_s5600t_firmwareMatchv200r002c00
OR
huaweioceanstor_s5600t_firmwareMatchv200r002c10
OR
huaweioceanstor_s5800t_firmwareMatchv200r001c00spc800
OR
huaweioceanstor_s5800t_firmwareMatchv200r002c00
OR
huaweioceanstor_s5800t_firmwareMatchv200r002c10
OR
huaweioceanstor_s6800t_firmwareMatchv200r002c00
OR
huaweioceanstor_s6800t_firmwareMatchv200r002c10
OR
huaweioceanstor_vis6600t_firmwareMatchv200r003c10
OR
huaweipolicy_center_firmwareMatchv100r003c00
OR
huaweipolicy_center_firmwareMatchv100r003c10
OR
huaweiquidway_s9300_firmwareMatchv100r006c00b010
OR
huaweis7700_firmwareRange<V200R006
OR
huawei9700_firmwareRange<V200R006
OR
huaweis12700_firmwareRange<V200R006
OR
huaweis7700_firmwareMatchv200r007c00spc500
OR
huawei9700_firmwareMatchv200r007c00spc500
OR
huaweis12700_firmwareMatchv200r007c00spc500
OR
huaweis2700_firmwareMatchv100r006c05
OR
huaweis3700_firmwareMatchv100r006c05
OR
huaweis5700ei_firmwareRange<V200R005
OR
huaweis5700hi_firmwareRange<V200R005
OR
huaweis5700si_firmwareRange<V200R005
OR
huaweis5710ei_firmwareRange<V200R005
OR
huaweis5710hi_firmwareRange<V200R005
OR
huaweis6700_firmwareRange<V200R005
OR
huaweis2750_firmwareMatchv200r006c00spc300
OR
huaweis5700li_firmwareMatchv200r006c00spc300
OR
huaweis5700s-li_firmwareMatchv200r006c00spc300
OR
huaweis5720hi_firmwareMatchv200r006c00spc300
OR
huaweis2750_firmwareMatchv200r007c00spc500
OR
huaweis5700li_firmwareMatchv200r007c00spc500
OR
huaweis5700s-li_firmwareMatchv200r007c00spc500
OR
huaweis5720hi_firmwareMatchv200r007c00spc500
OR
huaweis5720ei_firmwareMatchv200r007c00spc500
OR
huaweismc2.0_firmwareMatchv100r002c01
OR
huaweismc2.0_firmwareMatchv100r002c02
OR
huaweismc2.0_firmwareMatchv100r002c03
OR
huaweismc2.0_firmwareMatchv100r002c04
OR
huaweite60_firmwareMatchv100r001c10
OR
huaweiultravrMatchv100r003c00
VendorProductVersionCPE
huaweie6000_chassis_firmwarev100r001c00cpe:2.3:o:huawei:e6000_chassis_firmware:v100r001c00:*:*:*:*:*:*:*
huaweie9000_chassisv100r001c00cpe:2.3:a:huawei:e9000_chassis:v100r001c00:*:*:*:*:*:*:*
huaweioceanstor_18500_firmwarev100r001c00cpe:2.3:o:huawei:oceanstor_18500_firmware:v100r001c00:*:*:*:*:*:*:*
huaweioceanstor_18500_firmwarev100r001c10cpe:2.3:o:huawei:oceanstor_18500_firmware:v100r001c10:*:*:*:*:*:*:*
huaweioceanstor_18800_firmwarev100r001c00cpe:2.3:o:huawei:oceanstor_18800_firmware:v100r001c00:*:*:*:*:*:*:*
huaweioceanstor_18800_firmwarev100r001c10cpe:2.3:o:huawei:oceanstor_18800_firmware:v100r001c10:*:*:*:*:*:*:*
huaweioceanstor_18800_firmwarev100r001c20cpe:2.3:o:huawei:oceanstor_18800_firmware:v100r001c20:*:*:*:*:*:*:*
huaweioceanstor_18800_firmwarev100r001c30cpe:2.3:o:huawei:oceanstor_18800_firmware:v100r001c30:*:*:*:*:*:*:*
huaweioceanstor_18800f_firmwarev100r001c00cpe:2.3:o:huawei:oceanstor_18800f_firmware:v100r001c00:*:*:*:*:*:*:*
huaweioceanstor_18800f_firmwarev100r001c10cpe:2.3:o:huawei:oceanstor_18800f_firmware:v100r001c10:*:*:*:*:*:*:*
Rows per page:
1-10 of 631

Related

ibm 173
veracode 1
nessus 12
openvas 3
f5 2
debiancve 1
prion 1
cve 1
nvd 1
aix 1
ubuntucve 1
cvelist 1
checkpoint_advisories 1
ibm
ibm
Security Bulletin: Vulnerability in RC4 stream cipher affects IBM Intelligent Operations Center (CVE-2015-2808)
2018-06-17 22:28:25
Security Bulletin: Vulnerability in RC4 stream cipher affects IBM Tivoli Monitoring (CVE-2015-2808)
2018-06-17 15:23:36
Security Bulletin: Vulnerability in RC4 stream cipher affects WebSphere Lombardi Edition and IBM Business Process Manager (CVE-2015-2808)
2018-06-15 07:02:56
veracode
veracode
Information Disclosure
2019-05-02 05:39:15
nessus
nessus
Atlassian JIRA < 6.4.10 / 7.0.0-OD-02 MitM Plaintext Disclosure (Bar Mitzvah)
2015-12-07 00:00:00
AIX 6.1 TL 9 : bos.net.tcp.server (U863668) (Bar Mitzvah)
2015-12-04 00:00:00
F5 Networks BIG-IP : SSL/TLS RC4 vulnerability (K16864) (Bar Mitzvah)
2015-09-18 00:00:00
openvas
openvas
F5 BIG-IP - SSL/TLS RC4 vulnerability CVE-2015-2808
2015-09-18 00:00:00
SSL/TLS: Report Weak Cipher Suites
2012-03-01 00:00:00
HPE Network Products Multiple Remote Vulnerabilities (HPSBHF03673)
2016-11-25 00:00:00
f5
f5
K16864 : SSL/TLS RC4 vulnerability CVE-2015-2808
2015-08-17 00:00:00
SOL16864 - SSL/TLS RC4 vulnerability CVE-2015-2808
2015-07-08 00:00:00
debiancve
debiancve
CVE-2015-2808
2015-04-01 02:00:35
prion
prion
Design/Logic Flaw
2015-04-01 02:00:00
cve
cve
CVE-2015-2808
2015-04-01 02:00:35
nvd
nvd
CVE-2015-2808
2015-04-01 02:00:35
aix
aix
Vulnerability in RC4 stream cipher affects AIX,Vulnerability in RC4 stream cipher affects ftpd/sendmail_ssl/imapd/popd on AIX,Vulnerability in RC4 stream cipher affects ftpd/sendmail_ssl/imapd/popd on VIOS
2015-04-27 15:27:04
ubuntucve
ubuntucve
CVE-2015-2808
2015-03-31 00:00:00
cvelist
cvelist
CVE-2015-2808
2015-04-01 00:00:00
checkpoint_advisories
checkpoint_advisories
Weak SSL RC4 Cipher Suites (CVE-2013-2566; CVE-2015-2808)
2015-05-17 00:00:00

CVSS2

5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

EPSS

0.003

Percentile

69.6%

JSON
Related for HUAWEI-SA-20150919-01-RC4
ibm173veracode1nessus12openvas3f52debiancve1prion1cve1nvd1aix1ubuntucve1cvelist1checkpoint_advisories1