Sign-up

ID

VAR-201706-0237


CVE

CVE-2015-3913


TITLE

plural Huawei Campus Series switch model IP Service operation disruption in the stack (DoS) Vulnerabilities

Trust: 0.8

sources: JVNDB: JVNDB-2015-007610

DESCRIPTION

The IP stack in multiple Huawei Campus series switch models allows remote attackers to cause a denial of service (reboot) via a crafted ICMP request message. HuaweiS2300 is a switch device of Huawei (Huawei). IPstack is one of the transport protocols. IPstack in several Huawei products has a security vulnerability. The vulnerability stems from the failure of the packet processing module to correctly determine the length of the IP option. An attacker can use this vulnerability to create a board reset by using a special ICMP packet. The following versions are affected: Huawei S2300/S2700/S3300/S3700 V100R00600 Version, V100R006C03 Version, V100R006C05 Version; S5300EI/S5700EI/S5300SI/S5700SI V100R006C00 Version, V200R001C00SPC300 Version, V200R002C00SPC300 Version, V200R003C00SPC300 Version, V200R005C00SPC300 Version; S5300HI/S5700HI S6300EI/S6700EI /S5710HI V200R001C00SPC300 Version, V200R002C00SPC300 Version, V200R003C00SPC300 Version, V200R005C00SPC300 Version; S5300LI/S5700LI/S2350EI/S2750EI V200R001C00SPC300 Version, V200R002C00SPC300 Version, V200R003C00SPC300 Version, V200R005C00SPC300 Version, V200R006C00SPC500 Version, V200R007C00SPC500 Version; S5720HI V200R006C00SPC500 Version, V200R007C00SPC500 Version; S7700/S9300/ S9700 V200R001C00SPC300, V200R002C00SPC300, V200R003C00SPC500, V200R005C00SPC300, V200R006C00SPC500, V200R007C00SPC500; S12700

Trust: 2.25

sources: NVD: CVE-2015-3913 // JVNDB: JVNDB-2015-007610 // CNVD: CNVD-2017-33208 // VULHUB: VHN-81874

IOT TAXONOMY

category:['Network device']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2017-33208

AFFECTED PRODUCTS

vendor:huaweimodel:s6300eiscope:eqversion:v200r001c00spc300

Trust: 1.6

vendor:huaweimodel:s2700scope:eqversion:v100r006c03

Trust: 1.6

vendor:huaweimodel:s2300scope:eqversion:v100r006c03

Trust: 1.6

vendor:huaweimodel:s2700scope:eqversion:v100r006c00

Trust: 1.6

vendor:huaweimodel:s2300scope:eqversion:v100r006c00

Trust: 1.6

vendor:huaweimodel:s5300eiscope:eqversion:v200r001c00spc300

Trust: 1.6

vendor:huaweimodel:s5300eiscope:eqversion:v100r006c00

Trust: 1.6

vendor:huaweimodel:s2700scope:eqversion:v100r006c05

Trust: 1.6

vendor:huaweimodel:s2300scope:eqversion:v100r006c05

Trust: 1.6

vendor:huaweimodel:s5300eiscope:eqversion:v200r003c00spc300

Trust: 1.6

vendor:huaweimodel:s5700hiscope:eqversion:v200r005c00spc300

Trust: 1.0

vendor:huaweimodel:s5700siscope:eqversion:v200r005c00spc300

Trust: 1.0

vendor:huaweimodel:s5300hiscope:eqversion:v200r003c00spc300

Trust: 1.0

vendor:huaweimodel:s3300scope:eqversion:v100r006c05

Trust: 1.0

vendor:huaweimodel:s12700scope:eqversion:v200r007c00spc500

Trust: 1.0

vendor:huaweimodel:s5300liscope:eqversion:v200r006c00spc500

Trust: 1.0

vendor:huaweimodel:s5300siscope:eqversion:v100r006c00

Trust: 1.0

vendor:huaweimodel:s5300liscope:eqversion:v200r002c00spc300

Trust: 1.0

vendor:huaweimodel:s9300scope:eqversion:v200r003c00spc500

Trust: 1.0

vendor:huaweimodel:s5700liscope:eqversion:v200r003c00spc300

Trust: 1.0

vendor:huaweimodel:s9700scope:eqversion:v200r002c00spc300

Trust: 1.0

vendor:huaweimodel:s6700eiscope:eqversion:v200r002c00spc300

Trust: 1.0

vendor:huaweimodel:s6300eiscope:eqversion:v200r002c00spc300

Trust: 1.0

vendor:huaweimodel:s5700siscope:eqversion:v100r006c00

Trust: 1.0

vendor:huaweimodel:s9300scope:eqversion:v200r001c00spc300

Trust: 1.0

vendor:huaweimodel:s7700scope:eqversion:v200r002c00spc300

Trust: 1.0

vendor:huaweimodel:s5700hiscope:eqversion:v200r003c00spc300

Trust: 1.0

vendor:huaweimodel:s5700siscope:eqversion:v200r003c00spc300

Trust: 1.0

vendor:huaweimodel:s2750eiscope:eqversion:v200r005c00spc300

Trust: 1.0

vendor:huaweimodel:s5300hiscope:eqversion:v200r002c00spc300

Trust: 1.0

vendor:huaweimodel:s5710hiscope:eqversion:v200r001c00spc300

Trust: 1.0

vendor:huaweimodel:s9700scope:eqversion:v200r003c00spc500

Trust: 1.0

vendor:huaweimodel:s5300siscope:eqversion:v200r001c00spc300

Trust: 1.0

vendor:huaweimodel:s2350eiscope:eqversion:v200r002c00spc300

Trust: 1.0

vendor:huaweimodel:s9300scope:eqversion:v200r002c00spc300

Trust: 1.0

vendor:huaweimodel:s2750eiscope:eqversion:v200r006c00spc500

Trust: 1.0

vendor:huaweimodel:s5700eiscope:eqversion:v200r005c00spc300

Trust: 1.0

vendor:huaweimodel:s5710hiscope:eqversion:v200r005c00spc300

Trust: 1.0

vendor:huaweimodel:s3700scope:eqversion:v100r006c05

Trust: 1.0

vendor:huaweimodel:s5700liscope:eqversion:v200r002c00spc300

Trust: 1.0

vendor:huaweimodel:s5300siscope:eqversion:v200r005c00spc300

Trust: 1.0

vendor:huaweimodel:s5300eiscope:eqversion:v200r005c00spc300

Trust: 1.0

vendor:huaweimodel:s5700siscope:eqversion:v200r001c00spc300

Trust: 1.0

vendor:huaweimodel:s2750eiscope:eqversion:v200r007c00spc500

Trust: 1.0

vendor:huaweimodel:s7700scope:eqversion:v200r003c00spc500

Trust: 1.0

vendor:huaweimodel:s5700eiscope:eqversion:v100r006c00

Trust: 1.0

vendor:huaweimodel:s9700scope:eqversion:v200r001c00spc300

Trust: 1.0

vendor:huaweimodel:s3300scope:eqversion:v100r006c00

Trust: 1.0

vendor:huaweimodel:s9700scope:eqversion:v200r005c00spc300

Trust: 1.0

vendor:huaweimodel:s2750eiscope:eqversion:v200r003c00spc300

Trust: 1.0

vendor:huaweimodel:s3300scope:eqversion:v100r006c03

Trust: 1.0

vendor:huaweimodel:s5700hiscope:eqversion:v200r002c00spc300

Trust: 1.0

vendor:huaweimodel:s5700siscope:eqversion:v200r002c00spc300

Trust: 1.0

vendor:huaweimodel:s6700eiscope:eqversion:v200r005c00spc300

Trust: 1.0

vendor:huaweimodel:s6300eiscope:eqversion:v200r005c00spc300

Trust: 1.0

vendor:huaweimodel:s2350eiscope:eqversion:v200r003c00spc300

Trust: 1.0

vendor:huaweimodel:s9700scope:eqversion:v200r006c00spc500

Trust: 1.0

vendor:huaweimodel:s5700eiscope:eqversion:v200r003c00spc300

Trust: 1.0

vendor:huaweimodel:s5710hiscope:eqversion:v200r003c00spc300

Trust: 1.0

vendor:huaweimodel:s5300siscope:eqversion:v200r003c00spc300

Trust: 1.0

vendor:huaweimodel:s7700scope:eqversion:v200r001c00spc300

Trust: 1.0

vendor:huaweimodel:s5300liscope:eqversion:v200r007c00spc500

Trust: 1.0

vendor:huaweimodel:s7700scope:eqversion:v200r005c00spc300

Trust: 1.0

vendor:huaweimodel:s5720hiscope:eqversion:v200r006c00spc500

Trust: 1.0

vendor:huaweimodel:s9700scope:eqversion:v200r007c00spc500

Trust: 1.0

vendor:huaweimodel:s2750eiscope:eqversion:v200r001c00spc300

Trust: 1.0

vendor:huaweimodel:s5300hiscope:eqversion:v200r001c00spc300

Trust: 1.0

vendor:huaweimodel:s7700scope:eqversion:v200r006c00spc500

Trust: 1.0

vendor:huaweimodel:s2350eiscope:eqversion:v200r001c00spc300

Trust: 1.0

vendor:huaweimodel:s5300liscope:eqversion:v200r003c00spc300

Trust: 1.0

vendor:huaweimodel:s5300hiscope:eqversion:v200r005c00spc300

Trust: 1.0

vendor:huaweimodel:s5700eiscope:eqversion:v200r001c00spc300

Trust: 1.0

vendor:huaweimodel:s5700liscope:eqversion:v200r001c00spc300

Trust: 1.0

vendor:huaweimodel:s9300scope:eqversion:v200r005c00spc300

Trust: 1.0

vendor:huaweimodel:s2350eiscope:eqversion:v200r005c00spc300

Trust: 1.0

vendor:huaweimodel:s6700eiscope:eqversion:v200r003c00spc300

Trust: 1.0

vendor:huaweimodel:s6300eiscope:eqversion:v200r003c00spc300

Trust: 1.0

vendor:huaweimodel:s5700liscope:eqversion:v200r005c00spc300

Trust: 1.0

vendor:huaweimodel:s2750eiscope:eqversion:v200r002c00spc300

Trust: 1.0

vendor:huaweimodel:s5720hiscope:eqversion:v200r007c00spc500

Trust: 1.0

vendor:huaweimodel:s3700scope:eqversion:v100r006c00

Trust: 1.0

vendor:huaweimodel:s12700scope:eqversion:v200r005c00spc300

Trust: 1.0

vendor:huaweimodel:s9300scope:eqversion:v200r006c00spc500

Trust: 1.0

vendor:huaweimodel:s3700scope:eqversion:v100r006c03

Trust: 1.0

vendor:huaweimodel:s2350eiscope:eqversion:v200r006c00spc500

Trust: 1.0

vendor:huaweimodel:s7700scope:eqversion:v200r007c00spc500

Trust: 1.0

vendor:huaweimodel:s5700liscope:eqversion:v200r006c00spc500

Trust: 1.0

vendor:huaweimodel:s5700eiscope:eqversion:v200r002c00spc300

Trust: 1.0

vendor:huaweimodel:s5710hiscope:eqversion:v200r002c00spc300

Trust: 1.0

vendor:huaweimodel:s12700scope:eqversion:v200r006c00spc500

Trust: 1.0

vendor:huaweimodel:s5300siscope:eqversion:v200r002c00spc300

Trust: 1.0

vendor:huaweimodel:s5300eiscope:eqversion:v200r002c00spc300

Trust: 1.0

vendor:huaweimodel:s5300liscope:eqversion:v200r001c00spc300

Trust: 1.0

vendor:huaweimodel:s5700hiscope:eqversion:v200r001c00spc300

Trust: 1.0

vendor:huaweimodel:s9300scope:eqversion:v200r007c00spc500

Trust: 1.0

vendor:huaweimodel:s2350eiscope:eqversion:v200r007c00spc500

Trust: 1.0

vendor:huaweimodel:s5300liscope:eqversion:v200r005c00spc300

Trust: 1.0

vendor:huaweimodel:s6700eiscope:eqversion:v200r001c00spc300

Trust: 1.0

vendor:huaweimodel:s5700liscope:eqversion:v200r007c00spc500

Trust: 1.0

vendor:huaweimodel:s12700scope: - version: -

Trust: 0.8

vendor:huaweimodel:s2300scope: - version: -

Trust: 0.8

vendor:huaweimodel:s2350eiscope: - version: -

Trust: 0.8

vendor:huaweimodel:s2700scope: - version: -

Trust: 0.8

vendor:huaweimodel:s2750eiscope: - version: -

Trust: 0.8

vendor:huaweimodel:s3300scope: - version: -

Trust: 0.8

vendor:huaweimodel:s3700scope: - version: -

Trust: 0.8

vendor:huaweimodel:s5300eiscope: - version: -

Trust: 0.8

vendor:huaweimodel:s5300hiscope: - version: -

Trust: 0.8

vendor:huaweimodel:s5300siscope: - version: -

Trust: 0.8

vendor:huaweimodel:s5700eiscope: - version: -

Trust: 0.8

vendor:huaweimodel:s5700hiscope: - version: -

Trust: 0.8

vendor:huaweimodel:s5700siscope: - version: -

Trust: 0.8

vendor:huaweimodel:s5710hiscope: - version: -

Trust: 0.8

vendor:huaweimodel:s5720hiscope: - version: -

Trust: 0.8

vendor:huaweimodel:s6300eiscope: - version: -

Trust: 0.8

vendor:huaweimodel:s6700eiscope: - version: -

Trust: 0.8

vendor:huaweimodel:s7700scope: - version: -

Trust: 0.8

vendor:huaweimodel:s9300scope: - version: -

Trust: 0.8

vendor:huaweimodel:s9700scope: - version: -

Trust: 0.8

vendor:huaweimodel:s12700 v200r005c00spc300scope: - version: -

Trust: 0.6

vendor:huaweimodel:s12700 v200r006c00spc500scope: - version: -

Trust: 0.6

vendor:huaweimodel:s12700 v200r007c00spc500scope: - version: -

Trust: 0.6

vendor:huaweimodel:s5720hi v200r006c00spc500scope: - version: -

Trust: 0.6

vendor:huaweimodel:s5720hi v200r007c00spc500scope: - version: -

Trust: 0.6

sources: CNVD: CNVD-2017-33208 // JVNDB: JVNDB-2015-007610 // CNNVD: CNNVD-201706-290 // NVD: CVE-2015-3913

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2015-3913
value: HIGH

Trust: 1.0

NVD: CVE-2015-3913
value: HIGH

Trust: 0.8

CNVD: CNVD-2017-33208
value: HIGH

Trust: 0.6

CNNVD: CNNVD-201706-290
value: HIGH

Trust: 0.6

VULHUB: VHN-81874
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2015-3913
severity: HIGH
baseScore: 7.8
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

CNVD: CNVD-2017-33208
severity: HIGH
baseScore: 7.8
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

VULHUB: VHN-81874
severity: HIGH
baseScore: 7.8
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2015-3913
baseSeverity: HIGH
baseScore: 7.5
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: 3.9
impactScore: 3.6
version: 3.0

Trust: 1.8

sources: CNVD: CNVD-2017-33208 // VULHUB: VHN-81874 // JVNDB: JVNDB-2015-007610 // CNNVD: CNNVD-201706-290 // NVD: CVE-2015-3913

PROBLEMTYPE DATA

problemtype:CWE-20

Trust: 1.9

sources: VULHUB: VHN-81874 // JVNDB: JVNDB-2015-007610 // NVD: CVE-2015-3913

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201706-290

TYPE

input validation

Trust: 0.6

sources: CNNVD: CNNVD-201706-290

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2015-007610

PATCH
title:Huawei-SA-20150506-01-ICMPurl:http://www.huawei.com/en/psirt/security-advisories/hw-427449
Trust: 0.8
title:Patches for various Huawei product input verification vulnerabilitiesurl:https://www.cnvd.org.cn/patchInfo/show/105678
Trust: 0.6
title:Multiple Huawei Fixes for product input validation vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=74793
Trust: 0.6
sources:
            
            
            CNVD: CNVD-2017-33208 // 
            
            
            
            JVNDB: JVNDB-2015-007610 // 
            
            
            
            CNNVD: CNNVD-201706-290

EXTERNAL IDS
db:NVDid:CVE-2015-3913
Trust: 3.1
db:JVNDBid:JVNDB-2015-007610
Trust: 0.8
db:CNNVDid:CNNVD-201706-290
Trust: 0.7
db:CNVDid:CNVD-2017-33208
Trust: 0.6
db:VULHUBid:VHN-81874
Trust: 0.1
sources:
            
            
            CNVD: CNVD-2017-33208 // 
            
            
            
            VULHUB: VHN-81874 // 
            
            
            
            JVNDB: JVNDB-2015-007610 // 
            
            
            
            CNNVD: CNNVD-201706-290 // 
            
            
            
            NVD: CVE-2015-3913

REFERENCES
url:http://www1.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-427449.htm
Trust: 1.7
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-3913
Trust: 0.8
url:https://nvd.nist.gov/vuln/detail/cve-2015-3913
Trust: 0.8
url:http://www.huawei.com/en/psirt/security-advisories/hw-427449
Trust: 0.6
sources:
            
            
            CNVD: CNVD-2017-33208 // 
            
            
            
            VULHUB: VHN-81874 // 
            
            
            
            JVNDB: JVNDB-2015-007610 // 
            
            
            
            CNNVD: CNNVD-201706-290 // 
            
            
            
            NVD: CVE-2015-3913

SOURCES
db:CNVDid:CNVD-2017-33208
db:VULHUBid:VHN-81874
db:JVNDBid:JVNDB-2015-007610
db:CNNVDid:CNNVD-201706-290
db:NVDid:CVE-2015-3913

LAST UPDATE DATE
2024-11-23T22:26:45.293000+00:00

SOURCES UPDATE DATE
db:CNVDid:CNVD-2017-33208date:2017-11-09T00:00:00
db:VULHUBid:VHN-81874date:2017-06-22T00:00:00
db:JVNDBid:JVNDB-2015-007610date:2017-07-10T00:00:00
db:CNNVDid:CNNVD-201706-290date:2017-09-29T00:00:00
db:NVDid:CVE-2015-3913date:2024-11-21T02:30:04.850

SOURCES RELEASE DATE
db:CNVDid:CNVD-2017-33208date:2017-11-08T00:00:00
db:VULHUBid:VHN-81874date:2017-06-08T00:00:00
db:JVNDBid:JVNDB-2015-007610date:2017-07-10T00:00:00
db:CNNVDid:CNNVD-201706-290date:2017-06-08T00:00:00
db:NVDid:CVE-2015-3913date:2017-06-08T21:29:00.377