Sign-up

ID

VAR-201601-0435


CVE

CVE-2015-8231


TITLE

Huawei eSpace 7910 and eSpace 7950 IP phone Service disruption in other software (DoS) Vulnerabilities

Trust: 0.8

sources: JVNDB: JVNDB-2015-006728

DESCRIPTION

Huawei eSpace 7910 and 7950 IP phones with software before V200R002C00SPC800 allow remote attackers with established sessions to cause a denial of service (device restart) via unspecified packets. HuaweieSpace 7910 and 7950 are both Huawei's 7910 and 7950 series IP phones. A security vulnerability exists in the HuaweieSpace 7910 and 7950 IPphone that uses the previous version of the V200R002C00SPC800. Multiple Huawei eSpace products are prone to a denial-of-service vulnerability. Attackers can exploit this issue to cause a denial-of-service condition, denying service to legitimate users. Security vulnerabilities exist in the Huawei eSpace 7910 and 7950 IP phones that use software versions earlier than V200R002C00SPC800

Trust: 2.52

sources: NVD: CVE-2015-8231 // JVNDB: JVNDB-2015-006728 // CNVD: CNVD-2016-00211 // BID: 77561 // VULHUB: VHN-86192

IOT TAXONOMY

category:['Network device']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2016-00211

AFFECTED PRODUCTS

vendor:huaweimodel:espace 7910scope:eqversion:v200r002c00spc101

Trust: 1.6

vendor:huaweimodel:espace 7950scope:eqversion:v200r002c00spc700

Trust: 1.6

vendor:huaweimodel:espace 7950scope:eqversion:v200r002c00spc100

Trust: 1.6

vendor:huaweimodel:espace 7910scope:eqversion:v200r002c00spc600

Trust: 1.6

vendor:huaweimodel:espace 7950scope:eqversion:v200r002c00spc300

Trust: 1.6

vendor:huaweimodel:espace 7910scope:eqversion:v200r002c00spc700

Trust: 1.6

vendor:huaweimodel:espace 7950scope:eqversion:v200r002c00spc101

Trust: 1.6

vendor:huaweimodel:espace 7910scope:eqversion:v200r002c00spc100

Trust: 1.6

vendor:huaweimodel:espace 7910scope:eqversion:v200r002c00spc300

Trust: 1.6

vendor:huaweimodel:espace 7950scope:eqversion:v200r002c00spc600

Trust: 1.6

vendor:huaweimodel:espace 7910scope: - version: -

Trust: 0.8

vendor:huaweimodel:espace 7910scope:ltversion:v200r002c00spc800

Trust: 0.8

vendor:huaweimodel:espace 7950scope: - version: -

Trust: 0.8

vendor:huaweimodel:espace 7950scope:ltversion:v200r002c00spc800

Trust: 0.8

vendor:huaweimodel:espace and ip phonescope:eqversion:79107950

Trust: 0.6

sources: CNVD: CNVD-2016-00211 // JVNDB: JVNDB-2015-006728 // CNNVD: CNNVD-201601-178 // NVD: CVE-2015-8231

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2015-8231
value: HIGH

Trust: 1.0

NVD: CVE-2015-8231
value: HIGH

Trust: 0.8

CNVD: CNVD-2016-00211
value: MEDIUM

Trust: 0.6

CNNVD: CNNVD-201601-178
value: HIGH

Trust: 0.6

VULHUB: VHN-86192
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2015-8231
severity: HIGH
baseScore: 7.8
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

CNVD: CNVD-2016-00211
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

VULHUB: VHN-86192
severity: HIGH
baseScore: 7.8
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2015-8231
baseSeverity: HIGH
baseScore: 7.5
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: 3.9
impactScore: 3.6
version: 3.0

Trust: 1.0

sources: CNVD: CNVD-2016-00211 // VULHUB: VHN-86192 // JVNDB: JVNDB-2015-006728 // CNNVD: CNNVD-201601-178 // NVD: CVE-2015-8231

PROBLEMTYPE DATA

problemtype:CWE-399

Trust: 1.9

sources: VULHUB: VHN-86192 // JVNDB: JVNDB-2015-006728 // NVD: CVE-2015-8231

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201601-178

TYPE

resource management error

Trust: 0.6

sources: CNNVD: CNNVD-201601-178

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2015-006728

PATCH
title:Huawei-SA-20151111-01-eSpaceurl:http://www.huawei.com/en/psirt/security-advisories/hw-461213
Trust: 0.8
title:HuaweieSpace7910 and 7950 IPphone denial of service vulnerability patchesurl:https://www.cnvd.org.cn/patchInfo/show/69897
Trust: 0.6
title:Huawei eSpace 7910  and 7950 IP phone Remediation of resource management error vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=59532
Trust: 0.6
sources:
            
            
            CNVD: CNVD-2016-00211 // 
            
            
            
            JVNDB: JVNDB-2015-006728 // 
            
            
            
            CNNVD: CNNVD-201601-178

EXTERNAL IDS
db:NVDid:CVE-2015-8231
Trust: 3.4
db:JVNDBid:JVNDB-2015-006728
Trust: 0.8
db:CNVDid:CNVD-2016-00211
Trust: 0.6
db:CNNVDid:CNNVD-201601-178
Trust: 0.6
db:BIDid:77561
Trust: 0.4
db:VULHUBid:VHN-86192
Trust: 0.1
sources:
            
            
            CNVD: CNVD-2016-00211 // 
            
            
            
            VULHUB: VHN-86192 // 
            
            
            
            BID: 77561 // 
            
            
            
            JVNDB: JVNDB-2015-006728 // 
            
            
            
            CNNVD: CNNVD-201601-178 // 
            
            
            
            NVD: CVE-2015-8231

REFERENCES
url:http://www1.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-461213.htm
Trust: 2.3
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-8231
Trust: 0.8
url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-8231
Trust: 0.8
sources:
            
            
            CNVD: CNVD-2016-00211 // 
            
            
            
            VULHUB: VHN-86192 // 
            
            
            
            JVNDB: JVNDB-2015-006728 // 
            
            
            
            CNNVD: CNNVD-201601-178 // 
            
            
            
            NVD: CVE-2015-8231

CREDITS
Huawei
Trust: 0.3
sources:
            
            
            BID: 77561

SOURCES
db:CNVDid:CNVD-2016-00211
db:VULHUBid:VHN-86192
db:BIDid:77561
db:JVNDBid:JVNDB-2015-006728
db:CNNVDid:CNNVD-201601-178
db:NVDid:CVE-2015-8231

LAST UPDATE DATE
2024-11-23T22:18:17.179000+00:00

SOURCES UPDATE DATE
db:CNVDid:CNVD-2016-00211date:2016-01-14T00:00:00
db:VULHUBid:VHN-86192date:2016-01-12T00:00:00
db:BIDid:77561date:2016-07-05T22:02:00
db:JVNDBid:JVNDB-2015-006728date:2016-01-13T00:00:00
db:CNNVDid:CNNVD-201601-178date:2016-01-15T00:00:00
db:NVDid:CVE-2015-8231date:2024-11-21T02:38:08.303

SOURCES RELEASE DATE
db:CNVDid:CNVD-2016-00211date:2016-01-14T00:00:00
db:VULHUBid:VHN-86192date:2016-01-11T00:00:00
db:BIDid:77561date:2015-11-11T00:00:00
db:JVNDBid:JVNDB-2015-006728date:2016-01-13T00:00:00
db:CNNVDid:CNNVD-201601-178date:2016-01-12T00:00:00
db:NVDid:CVE-2015-8231date:2016-01-11T15:59:03.493