ID
VAR-201704-0385
CVE
CVE-2014-4706
TITLE
plural Huawei Campus Buffer error vulnerability in product software
Trust: 0.8
DESCRIPTION
Huawei Campus S3700HI with software V200R001C00SPC300; Campus S5700 with software V200R002C00SPC100; Campus S7700 with software V200R003C00SPC300,V200R003C00SPC500; LSW S9700 with software V200R001C00SPC300,V200R003C00SPC300,V200R003C00SPC500; S2350 with software V200R003C00SPC300; S2750 with software V200R003C00SPC300; S5300 with software V200R001C00SPC300,V200R002C00SPC100,V200R003C00SPC300; S5700 with software V200R001C00SPC300,V200R003C00SPC300; S6300 with software V200R001C00SPC300,V200R002C00SPC100,V200R003C00SPC300; S6700 S3300HI with software V200R001C00SPC300,V200R002C00SPC100,V200R003C00SPC300; S7700 with software V200R001C00SPC300; S9300 with software V200R001C00SPC300,V200R003C00SPC300,V200R003C00SPC500; S9300E with software V200R003C00SPC300,V200R003C00SPC500 allow attackers to keep sending malformed packets to cause a denial of service (DoS) attack, aka a heap overflow. plural Huawei Campus The product software contains a buffer error vulnerability.Service operation interruption (DoS) An attack may be carried out. Huawei's Campus switch is a series of switches introduced by Huawei. An attacker can exploit this vulnerability by using malformed packets to cause the device to restart abnormally. The following products and versions are affected: Huawei Campus S3700HI V200R001C00SPC300 Version; Campus S5700 V200R002C00SPC100 Version; Campus S7700 V200R003C00SPC300 Version, V200R003C00SPC500 Version; LSW S9700 V200R001C00SPC300 Version, V200R003C00SPC300 Version, V200R003C00SPC500 Version; S2350 V200R003C00SPC300 Version; S2750 V200R003C00SPC300 Version; S5300 V200R001C00SPC300 Version, V200R002C00SPC100 Version, V200R003C00SPC300 Version; S5700 V200R001C00SPC300 Version, V200R003C00SPC300 Version; S6300 V200R001C00SPC300 Version, V200R002C00SPC100 Version, V200R003C00SPC300 Version; S6700 S3300HI V200R001C00SPC300 Version, V200R002C00SPC100 Version, V200R003C00SPC300 Version; S7700 V200R001C00SPC300 Version; S9300 V200R001C00SPC300 Version, V200R003C00SPC300 Version, V200R003C00SPC500 Version; S9300E V200R003C00SPC300 Version , V200R003C00SPC500 version
Trust: 2.25
IOT TAXONOMY
| category: | ['Network device'] | sub_category: | - | Trust: 0.6 |
AFFECTED PRODUCTS
| vendor: | huawei | model: | campus s7700 | scope: | eq | version: | v200r003c00spc500 | Trust: 1.6 |
| vendor: | huawei | model: | s5700 | scope: | eq | version: | v200r003c00spc300 | Trust: 1.6 |
| vendor: | huawei | model: | s6700 | scope: | eq | version: | v200r003c00spc300 | Trust: 1.6 |
| vendor: | huawei | model: | s2350 | scope: | eq | version: | v200r003c00spc300 | Trust: 1.6 |
| vendor: | huawei | model: | lsw s9700 | scope: | eq | version: | v200r003c00spc300 | Trust: 1.6 |
| vendor: | huawei | model: | s6300 | scope: | eq | version: | v200r003c00spc300 | Trust: 1.6 |
| vendor: | huawei | model: | s9300 | scope: | eq | version: | v200r003c00spc500 | Trust: 1.6 |
| vendor: | huawei | model: | lsw s9700 | scope: | eq | version: | v200r003c00spc500 | Trust: 1.6 |
| vendor: | huawei | model: | s9300e | scope: | eq | version: | v200r003c00spc500 | Trust: 1.6 |
| vendor: | huawei | model: | s2750 | scope: | eq | version: | v200r003c00spc300 | Trust: 1.6 |
| vendor: | huawei | model: | s7700 v200r001c00spc300 | scope: | - | version: | - | Trust: 1.2 |
| vendor: | huawei | model: | s9300 | scope: | eq | version: | v200r001c00spc300 | Trust: 1.0 |
| vendor: | huawei | model: | s9300 | scope: | eq | version: | v200r003c00spc300 | Trust: 1.0 |
| vendor: | huawei | model: | lsw s9700 | scope: | eq | version: | v200r001c00spc300 | Trust: 1.0 |
| vendor: | huawei | model: | s9300e | scope: | eq | version: | v200r003c00spc300 | Trust: 1.0 |
| vendor: | huawei | model: | s5300 | scope: | eq | version: | v200r001c00spc300 | Trust: 1.0 |
| vendor: | huawei | model: | s6300 | scope: | eq | version: | v200r001c00spc300 | Trust: 1.0 |
| vendor: | huawei | model: | s6700 | scope: | eq | version: | v200r002c00spc100 | Trust: 1.0 |
| vendor: | huawei | model: | s5300 | scope: | eq | version: | v200r003c00spc300 | Trust: 1.0 |
| vendor: | huawei | model: | s3300hi | scope: | eq | version: | v200r001c00spc300 | Trust: 1.0 |
| vendor: | huawei | model: | campus s5700 | scope: | eq | version: | v200r002c00spc100 | Trust: 1.0 |
| vendor: | huawei | model: | s5700 | scope: | eq | version: | v200r001c00spc300 | Trust: 1.0 |
| vendor: | huawei | model: | s7700 | scope: | eq | version: | v200r001c00spc300 | Trust: 1.0 |
| vendor: | huawei | model: | s5300 | scope: | eq | version: | v200r002c00spc100 | Trust: 1.0 |
| vendor: | huawei | model: | s6300 | scope: | eq | version: | v200r002c00spc100 | Trust: 1.0 |
| vendor: | huawei | model: | campus s7700 | scope: | eq | version: | v200r003c00spc300 | Trust: 1.0 |
| vendor: | huawei | model: | s6700 | scope: | eq | version: | v200r001c00spc300 | Trust: 1.0 |
| vendor: | huawei | model: | campus s3700hi | scope: | eq | version: | v200r001c00spc300 | Trust: 1.0 |
| vendor: | huawei | model: | campus lsw s9700 | scope: | eq | version: | firmware | Trust: 0.8 |
| vendor: | huawei | model: | campus s2350 | scope: | eq | version: | firmware | Trust: 0.8 |
| vendor: | huawei | model: | campus s2750 | scope: | eq | version: | firmware | Trust: 0.8 |
| vendor: | huawei | model: | campus s3300hi | scope: | eq | version: | firmware | Trust: 0.8 |
| vendor: | huawei | model: | campus s3700hi | scope: | - | version: | - | Trust: 0.8 |
| vendor: | huawei | model: | campus s5300 | scope: | eq | version: | firmware | Trust: 0.8 |
| vendor: | huawei | model: | campus s5700 | scope: | eq | version: | firmware | Trust: 0.8 |
| vendor: | huawei | model: | campus s5700 | scope: | - | version: | - | Trust: 0.8 |
| vendor: | huawei | model: | campus s6300 | scope: | eq | version: | firmware | Trust: 0.8 |
| vendor: | huawei | model: | campus s6700 | scope: | eq | version: | firmware | Trust: 0.8 |
| vendor: | huawei | model: | campus s7700 | scope: | eq | version: | firmware | Trust: 0.8 |
| vendor: | huawei | model: | campus s7700 | scope: | - | version: | - | Trust: 0.8 |
| vendor: | huawei | model: | campus s9300 | scope: | eq | version: | firmware | Trust: 0.8 |
| vendor: | huawei | model: | campus s9300e | scope: | eq | version: | firmware | Trust: 0.8 |
| vendor: | huawei | model: | s9300 v200r001c00spc300 | scope: | - | version: | - | Trust: 0.6 |
| vendor: | huawei | model: | s9300 v200r002c00spc100 | scope: | - | version: | - | Trust: 0.6 |
| vendor: | huawei | model: | s9300 v200r003c00spc300 | scope: | - | version: | - | Trust: 0.6 |
| vendor: | huawei | model: | campus s3700hi v200r001c00spc300 | scope: | - | version: | - | Trust: 0.6 |
| vendor: | huawei | model: | s5700 v200r001c00spc300 | scope: | - | version: | - | Trust: 0.6 |
| vendor: | huawei | model: | s5700 v200r003c00spc300 | scope: | - | version: | - | Trust: 0.6 |
| vendor: | huawei | model: | s6700 s3300hi v200r001c00spc300 | scope: | - | version: | - | Trust: 0.6 |
| vendor: | huawei | model: | s5300 v200r001c00spc300 | scope: | - | version: | - | Trust: 0.6 |
| vendor: | huawei | model: | s5300 v200r003c00spc300 | scope: | - | version: | - | Trust: 0.6 |
| vendor: | huawei | model: | s5300 v200r002c00spc100 | scope: | - | version: | - | Trust: 0.6 |
| vendor: | huawei | model: | s6300 v200r001c00spc300 | scope: | - | version: | - | Trust: 0.6 |
| vendor: | huawei | model: | s6300 v200r003c00spc300 | scope: | - | version: | - | Trust: 0.6 |
| vendor: | huawei | model: | s6300 v200r002c00spc100 | scope: | - | version: | - | Trust: 0.6 |
| vendor: | huawei | model: | lsw s9700 v200r001c00spc300 | scope: | - | version: | - | Trust: 0.6 |
| vendor: | huawei | model: | lsw s9700 v200r003c00spc300 | scope: | - | version: | - | Trust: 0.6 |
| vendor: | huawei | model: | lsw s9700 v200r003c00spc500 | scope: | - | version: | - | Trust: 0.6 |
| vendor: | huawei | model: | campus s5700 v200r002c00spc100 | scope: | - | version: | - | Trust: 0.6 |
| vendor: | huawei | model: | s9300e v200r002c00spc100 | scope: | - | version: | - | Trust: 0.6 |
| vendor: | huawei | model: | s9300e v200r003c00spc300 | scope: | - | version: | - | Trust: 0.6 |
| vendor: | huawei | model: | s6700 v200r002c00spc100 | scope: | - | version: | - | Trust: 0.6 |
| vendor: | huawei | model: | s6700 v200r003c00spc300 | scope: | - | version: | - | Trust: 0.6 |
| vendor: | huawei | model: | campus s7700 v200r002c00spc100 | scope: | - | version: | - | Trust: 0.6 |
| vendor: | huawei | model: | campus s7700 v200r003c00spc300 | scope: | - | version: | - | Trust: 0.6 |
| vendor: | huawei | model: | s2750 v200r003c00spc300 | scope: | - | version: | - | Trust: 0.6 |
| vendor: | huawei | model: | s2350ei v200r003c00spc300 | scope: | - | version: | - | Trust: 0.6 |
CVSS
SEVERITY | CVSSV2 | CVSSV3 | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|
|
PROBLEMTYPE DATA
| problemtype: | CWE-119 | Trust: 1.9 |
THREAT TYPE
remote
Trust: 0.6
TYPE
buffer overflow
Trust: 0.6
CONFIGURATIONS
PATCH
| title: | Huawei-SA-20140604-01-Campus | url: | http://www.huawei.com/en/psirt/security-advisories/hw-343218 | Trust: 0.8 |
| title: | Huawei Campus series switch heap buffer overflow vulnerability patch | url: | https://www.cnvd.org.cn/patchInfo/show/92441 | Trust: 0.6 |
| title: | Huawei Campus Repair of Series Switch Buffer Error Vulnerabilities | url: | http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=69057 | Trust: 0.6 |
EXTERNAL IDS
| db: | NVD | id: | CVE-2014-4706 | Trust: 3.1 |
| db: | JVNDB | id: | JVNDB-2014-008276 | Trust: 0.8 |
| db: | CNNVD | id: | CNNVD-201704-211 | Trust: 0.7 |
| db: | CNVD | id: | CNVD-2017-05106 | Trust: 0.6 |
| db: | VULHUB | id: | VHN-72647 | Trust: 0.1 |
REFERENCES
| url: | http://www.huawei.com/en/psirt/security-advisories/hw-343218 | Trust: 2.3 |
| url: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-4706 | Trust: 0.8 |
| url: | https://nvd.nist.gov/vuln/detail/cve-2014-4706 | Trust: 0.8 |
SOURCES
| db: | CNVD | id: | CNVD-2017-05106 |
| db: | VULHUB | id: | VHN-72647 |
| db: | JVNDB | id: | JVNDB-2014-008276 |
| db: | CNNVD | id: | CNNVD-201704-211 |
| db: | NVD | id: | CVE-2014-4706 |
LAST UPDATE DATE
2024-11-23T22:17:59.048000+00:00
SOURCES UPDATE DATE
| db: | CNVD | id: | CNVD-2017-05106 | date: | 2017-04-23T00:00:00 |
| db: | VULHUB | id: | VHN-72647 | date: | 2017-04-05T00:00:00 |
| db: | JVNDB | id: | JVNDB-2014-008276 | date: | 2017-05-02T00:00:00 |
| db: | CNNVD | id: | CNNVD-201704-211 | date: | 2017-04-06T00:00:00 |
| db: | NVD | id: | CVE-2014-4706 | date: | 2024-11-21T02:10:45.347 |
SOURCES RELEASE DATE
| db: | CNVD | id: | CNVD-2017-05106 | date: | 2017-04-23T00:00:00 |
| db: | VULHUB | id: | VHN-72647 | date: | 2017-04-02T00:00:00 |
| db: | JVNDB | id: | JVNDB-2014-008276 | date: | 2017-05-02T00:00:00 |
| db: | CNNVD | id: | CNNVD-201704-211 | date: | 2017-04-06T00:00:00 |
| db: | NVD | id: | CVE-2014-4706 | date: | 2017-04-02T20:59:00.280 |