5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
0.002 Low
EPSS
Percentile
64.4%
A VPN routing and forwarding (VRF) hopping vulnerability exists in Huawei routers. The routers do not strictly check received MPLS forwarding packets, and an attacker may exploit this vulnerability to forward crafted packets to MPLS links, which leads to flood attacks against the destination VPN. (Vulnerability ID: HWPSIRT-2015-07005)
This vulnerability has been assigned Common Vulnerabilities and Exposures (CVE) ID: CVE-2015-8087.
Huawei has released software updates to fix these vulnerabilities. This advisory is available at the following link:
<http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-457933.htm>
CPE | Name | Operator | Version |
---|---|---|---|
ne20e-s | eq | V800R006 | |
ne20e-s | eq | V800R007C00 | |
ne40e&ne80e | eq | V800R006 | |
ne40e-m& ne40e-m2 | eq | V800R006 | |
ne40e-m& ne40e-m2 | eq | V800R007C00 |