Sign-up

ID

VAR-201704-0463


CVE

CVE-2014-8572


TITLE

plural Huawei Service disruption in product software (DoS) Vulnerabilities

Trust: 0.8

sources: JVNDB: JVNDB-2014-008290

DESCRIPTION

Huawei AC6605 with software V200R001C00; AC6605 with software V200R002C00; ACU with software V200R001C00; ACU with software V200R002C00; S2300, S3300, S2700, S3700 with software V100R006C05 and earlier versions; S5300, S5700, S6300, S6700 with software V100R006, V200R001, V200R002, V200R003, V200R005C00SPC300 and earlier versions; S7700, S9300, S9300E, S9700 with software V100R006, V200R001, V200R002, V200R003, V200R005C00SPC300 and earlier versions could allow remote attackers to send a special SSH packet to the VRP device to cause a denial of service. plural Huawei Product software includes VRP Special to device SSH Packets are sent and service operation is interrupted (DoS) There are vulnerabilities that are put into a state.By a remote attacker, VRP Special to device SSH Packets are sent and service operation is interrupted (DoS) There is a possibility of being put into a state. HuaweiAC6605 is a wireless access controller product from China's Huawei company. A security vulnerability exists in the SSH module of several Huawei products. The vulnerability is caused by the lack of valid verification of a domain in the message content when the program processes the message. This vulnerability could be exploited by an attacker to cause a device service interruption using the VRP platform. The following products and versions are affected: Huawei AC6605 V200R001C00 Version, AC6605 V200R002C00 Version, ACU V200R001C00 Version, V200R002C00 Version, S2300/ S3300/S2700/ S3700 V100R006C05 and previous versions, S5300/ S5700/S6300/ S6700 V100R006 Version, V200R001 Version, V200R002 Version, V200R003, V200R005C00SPC300 and earlier versions, S7700/S9300/S9300E/S9700 V100R006, V200R001, V200R002, V200R003, V200R005C00SPC300 and earlier versions

Trust: 2.25

sources: NVD: CVE-2014-8572 // JVNDB: JVNDB-2014-008290 // CNVD: CNVD-2016-03649 // VULHUB: VHN-76517

IOT TAXONOMY

category:['Network device']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2016-03649

AFFECTED PRODUCTS

vendor:huaweimodel:s9700scope:eqversion:v200r002

Trust: 1.6

vendor:huaweimodel:s6300scope:eqversion:v200r002

Trust: 1.6

vendor:huaweimodel:s9700scope:eqversion:v200r003

Trust: 1.6

vendor:huaweimodel:s6300scope:eqversion:v200r003

Trust: 1.6

vendor:huaweimodel:s9700scope:eqversion:v100r006

Trust: 1.6

vendor:huaweimodel:s6300scope:eqversion:v100r006

Trust: 1.6

vendor:huaweimodel:s9700scope:eqversion:v200r001

Trust: 1.6

vendor:huaweimodel:s6300scope:eqversion:v200r001

Trust: 1.6

vendor:huaweimodel:s7700scope:eqversion:v200r003

Trust: 1.0

vendor:huaweimodel:s7700scope:eqversion:v200r002

Trust: 1.0

vendor:huaweimodel:s5700scope:eqversion:v100r006

Trust: 1.0

vendor:huaweimodel:s6700scope:eqversion:v200r001

Trust: 1.0

vendor:huaweimodel:s9300escope:eqversion:v200r001

Trust: 1.0

vendor:huaweimodel:acuscope:eqversion:acu_v200r002c00

Trust: 1.0

vendor:huaweimodel:s seriesscope:eqversion:v100r006c05

Trust: 1.0

vendor:huaweimodel:s6700scope:eqversion:v100r006

Trust: 1.0

vendor:huaweimodel:s5700scope:lteversion:v200r005c00spc300

Trust: 1.0

vendor:huaweimodel:s9300escope:eqversion:v100r006

Trust: 1.0

vendor:huaweimodel:s9300scope:eqversion:v200r003

Trust: 1.0

vendor:huaweimodel:s9300scope:eqversion:v200r002

Trust: 1.0

vendor:huaweimodel:s6700scope:lteversion:v200r005c00spc300

Trust: 1.0

vendor:huaweimodel:s9700scope:lteversion:v200r005c00spc300

Trust: 1.0

vendor:huaweimodel:s5300scope:eqversion:v200r003

Trust: 1.0

vendor:huaweimodel:s5300scope:eqversion:v200r002

Trust: 1.0

vendor:huaweimodel:s9300escope:lteversion:v200r005c00spc300

Trust: 1.0

vendor:huaweimodel:s7700scope:eqversion:v200r001

Trust: 1.0

vendor:huaweimodel:s7700scope:eqversion:v100r006

Trust: 1.0

vendor:huaweimodel:s6300scope:lteversion:v200r005c00spc300

Trust: 1.0

vendor:huaweimodel:acuscope:eqversion:acu_v200r001c00

Trust: 1.0

vendor:huaweimodel:s9300scope:eqversion:v200r001

Trust: 1.0

vendor:huaweimodel:ac6605scope:eqversion:ac6605_v200r001c00

Trust: 1.0

vendor:huaweimodel:s5700scope:eqversion:v200r003

Trust: 1.0

vendor:huaweimodel:s5700scope:eqversion:v200r002

Trust: 1.0

vendor:huaweimodel:s7700scope:lteversion:v200r005c00spc300

Trust: 1.0

vendor:huaweimodel:s5300scope:eqversion:v200r001

Trust: 1.0

vendor:huaweimodel:s6700scope:eqversion:v200r003

Trust: 1.0

vendor:huaweimodel:s6700scope:eqversion:v200r002

Trust: 1.0

vendor:huaweimodel:s9300scope:eqversion:v100r006

Trust: 1.0

vendor:huaweimodel:s9300escope:eqversion:v200r003

Trust: 1.0

vendor:huaweimodel:s9300escope:eqversion:v200r002

Trust: 1.0

vendor:huaweimodel:ac6605scope:eqversion:ac6605_v200r002c00

Trust: 1.0

vendor:huaweimodel:s5300scope:eqversion:v100r006

Trust: 1.0

vendor:huaweimodel:s5300scope:lteversion:v200r005c00spc300

Trust: 1.0

vendor:huaweimodel:s9300scope:lteversion:v200r005c00spc300

Trust: 1.0

vendor:huaweimodel:s5700scope:eqversion:v200r001

Trust: 1.0

vendor:huaweimodel:ac6605scope: - version: -

Trust: 0.8

vendor:huaweimodel:acuscope: - version: -

Trust: 0.8

vendor:huaweimodel:s5300scope: - version: -

Trust: 0.8

vendor:huaweimodel:s5700scope: - version: -

Trust: 0.8

vendor:huaweimodel:s6300scope: - version: -

Trust: 0.8

vendor:huaweimodel:s6700scope: - version: -

Trust: 0.8

vendor:huaweimodel:s7700scope: - version: -

Trust: 0.8

vendor:huaweimodel:s9300scope: - version: -

Trust: 0.8

vendor:huaweimodel:s9300escope: - version: -

Trust: 0.8

vendor:huaweimodel:s9700scope: - version: -

Trust: 0.8

vendor:huaweimodel:ac6605 v200r001c00scope: - version: -

Trust: 0.6

vendor:huaweimodel:ac6605 v200r002c00scope: - version: -

Trust: 0.6

vendor:huaweimodel:acu v200r001c00scope: - version: -

Trust: 0.6

vendor:huaweimodel:acu v200r002c00scope: - version: -

Trust: 0.6

vendor:huaweimodel:s2300 <=v100r006c05scope: - version: -

Trust: 0.6

vendor:huaweimodel:s3300 <=v100r006c05scope: - version: -

Trust: 0.6

vendor:huaweimodel:s2700 <=v100r006c05scope: - version: -

Trust: 0.6

vendor:huaweimodel:s3700 <=v100r006c05scope: - version: -

Trust: 0.6

vendor:huaweimodel:s5300 v100r006scope: - version: -

Trust: 0.6

vendor:huaweimodel:s5300 v200r001scope: - version: -

Trust: 0.6

vendor:huaweimodel:s5300 v200r002scope: - version: -

Trust: 0.6

vendor:huaweimodel:s5300 v200r003scope: - version: -

Trust: 0.6

vendor:huaweimodel:s5300 <=v200r005c00spc300scope: - version: -

Trust: 0.6

vendor:huaweimodel:s5700 v100r006scope: - version: -

Trust: 0.6

vendor:huaweimodel:s5700 v200r001scope: - version: -

Trust: 0.6

vendor:huaweimodel:s5700 v200r002scope: - version: -

Trust: 0.6

vendor:huaweimodel:s5700 v200r003scope: - version: -

Trust: 0.6

vendor:huaweimodel:s5700 <=v200r005c00spc300scope: - version: -

Trust: 0.6

vendor:huaweimodel:s6300 v100r006scope: - version: -

Trust: 0.6

vendor:huaweimodel:s6300 v200r001scope: - version: -

Trust: 0.6

vendor:huaweimodel:s6300 v200r002scope: - version: -

Trust: 0.6

vendor:huaweimodel:s6300 v200r003scope: - version: -

Trust: 0.6

vendor:huaweimodel:s6300 <=v200r005c00spc300scope: - version: -

Trust: 0.6

vendor:huaweimodel:s6700 v100r006scope: - version: -

Trust: 0.6

vendor:huaweimodel:s6700 v200r001scope: - version: -

Trust: 0.6

vendor:huaweimodel:s6700 v200r002scope: - version: -

Trust: 0.6

vendor:huaweimodel:s6700 v200r003scope: - version: -

Trust: 0.6

vendor:huaweimodel:s6700 <=v200r005c00spc300scope: - version: -

Trust: 0.6

vendor:huaweimodel:s7700 v100r006scope: - version: -

Trust: 0.6

vendor:huaweimodel:s7700 v200r001scope: - version: -

Trust: 0.6

vendor:huaweimodel:s7700 v200r002scope: - version: -

Trust: 0.6

vendor:huaweimodel:s7700 v200r003scope: - version: -

Trust: 0.6

vendor:huaweimodel:s7700 <=v200r005c00spc300scope: - version: -

Trust: 0.6

vendor:huaweimodel:s9300 v100r006scope: - version: -

Trust: 0.6

vendor:huaweimodel:s9300 v200r001scope: - version: -

Trust: 0.6

vendor:huaweimodel:s9300 v200r002scope: - version: -

Trust: 0.6

vendor:huaweimodel:s9300 v200r003scope: - version: -

Trust: 0.6

vendor:huaweimodel:s9300 <=v200r005c00spc300scope: - version: -

Trust: 0.6

vendor:huaweimodel:s9300e v100r006scope: - version: -

Trust: 0.6

vendor:huaweimodel:s9300e v200r001scope: - version: -

Trust: 0.6

vendor:huaweimodel:s9300e v200r002scope: - version: -

Trust: 0.6

vendor:huaweimodel:s9300e v200r003scope: - version: -

Trust: 0.6

vendor:huaweimodel:s9300e <=v200r005c00spc300scope: - version: -

Trust: 0.6

vendor:huaweimodel:s9700 v100r006scope: - version: -

Trust: 0.6

vendor:huaweimodel:s9700 v200r001scope: - version: -

Trust: 0.6

vendor:huaweimodel:s9700 v200r002scope: - version: -

Trust: 0.6

vendor:huaweimodel:s9700 v200r003scope: - version: -

Trust: 0.6

vendor:huaweimodel:s9700 <=v200r005c00spc300scope: - version: -

Trust: 0.6

vendor:huaweimodel:s6300scope:eqversion:v200r005c00spc300

Trust: 0.6

vendor:huaweimodel:s7700scope:eqversion:v200r005c00spc300

Trust: 0.6

sources: CNVD: CNVD-2016-03649 // JVNDB: JVNDB-2014-008290 // CNNVD: CNNVD-201605-577 // NVD: CVE-2014-8572

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2014-8572
value: HIGH

Trust: 1.0

NVD: CVE-2014-8572
value: HIGH

Trust: 0.8

CNVD: CNVD-2016-03649
value: HIGH

Trust: 0.6

CNNVD: CNNVD-201605-577
value: HIGH

Trust: 0.6

VULHUB: VHN-76517
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2014-8572
severity: HIGH
baseScore: 7.8
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

CNVD: CNVD-2016-03649
severity: HIGH
baseScore: 7.8
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

VULHUB: VHN-76517
severity: HIGH
baseScore: 7.8
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2014-8572
baseSeverity: HIGH
baseScore: 7.5
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: 3.9
impactScore: 3.6
version: 3.0

Trust: 1.8

sources: CNVD: CNVD-2016-03649 // VULHUB: VHN-76517 // JVNDB: JVNDB-2014-008290 // CNNVD: CNNVD-201605-577 // NVD: CVE-2014-8572

PROBLEMTYPE DATA

problemtype:CWE-20

Trust: 1.9

sources: VULHUB: VHN-76517 // JVNDB: JVNDB-2014-008290 // NVD: CVE-2014-8572

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201605-577

TYPE

input validation

Trust: 0.6

sources: CNNVD: CNNVD-201605-577

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2014-008290

PATCH
title:Huawei-SA-20141010-01-VRPurl:http://www.huawei.com/en/psirt/security-advisories/hw-373182
Trust: 0.8
title:Patches for various Huawei Product Denial of Service Vulnerabilities (CNVD-2016-03649)url:https://www.cnvd.org.cn/patchInfo/show/76517
Trust: 0.6
title:Multiple Huawei Product security vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=61890
Trust: 0.6
sources:
            
            
            CNVD: CNVD-2016-03649 // 
            
            
            
            JVNDB: JVNDB-2014-008290 // 
            
            
            
            CNNVD: CNNVD-201605-577

EXTERNAL IDS
db:NVDid:CVE-2014-8572
Trust: 3.1
db:JVNDBid:JVNDB-2014-008290
Trust: 0.8
db:CNNVDid:CNNVD-201605-577
Trust: 0.7
db:CNVDid:CNVD-2016-03649
Trust: 0.6
db:VULHUBid:VHN-76517
Trust: 0.1
sources:
            
            
            CNVD: CNVD-2016-03649 // 
            
            
            
            VULHUB: VHN-76517 // 
            
            
            
            JVNDB: JVNDB-2014-008290 // 
            
            
            
            CNNVD: CNNVD-201605-577 // 
            
            
            
            NVD: CVE-2014-8572

REFERENCES
url:http://www.huawei.com/en/psirt/security-advisories/hw-373182
Trust: 1.7
url:http://www.huawei.com/cn/psirt/security-advisories/hw-373183
Trust: 1.2
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-8572
Trust: 0.8
url:https://nvd.nist.gov/vuln/detail/cve-2014-8572
Trust: 0.8
sources:
            
            
            CNVD: CNVD-2016-03649 // 
            
            
            
            VULHUB: VHN-76517 // 
            
            
            
            JVNDB: JVNDB-2014-008290 // 
            
            
            
            CNNVD: CNNVD-201605-577 // 
            
            
            
            NVD: CVE-2014-8572

CREDITS
Huawei
Trust: 0.6
sources:
            
            
            CNNVD: CNNVD-201605-577

SOURCES
db:CNVDid:CNVD-2016-03649
db:VULHUBid:VHN-76517
db:JVNDBid:JVNDB-2014-008290
db:CNNVDid:CNNVD-201605-577
db:NVDid:CVE-2014-8572

LAST UPDATE DATE
2024-11-23T22:30:49.158000+00:00

SOURCES UPDATE DATE
db:CNVDid:CNVD-2016-03649date:2016-05-27T00:00:00
db:VULHUBid:VHN-76517date:2017-04-11T00:00:00
db:JVNDBid:JVNDB-2014-008290date:2017-05-09T00:00:00
db:CNNVDid:CNNVD-201605-577date:2016-05-23T00:00:00
db:NVDid:CVE-2014-8572date:2024-11-21T02:19:21.723

SOURCES RELEASE DATE
db:CNVDid:CNVD-2016-03649date:2016-05-27T00:00:00
db:VULHUBid:VHN-76517date:2017-04-02T00:00:00
db:JVNDBid:JVNDB-2014-008290date:2017-05-09T00:00:00
db:CNNVDid:CNNVD-201605-577date:2016-05-23T00:00:00
db:NVDid:CVE-2014-8572date:2017-04-02T20:59:00.423