CVE-2014-8570

MEDIUM

Huawei S9300 Firmware - Information Disclosure

Title source: rule

Description

Huawei S9300, S9303, S9306, S9312 with software V100R002; S7700, S7703, S7706, S7712 with software V100R003, V100R006, V200R001, V200R002, V200R003, V200R005; S9300E, S9303E, S9306E, S9312E with software V200R001; S9700, S9703, S9706, S9712 with software V200R002, V200R003, V200R005; S12708, S12712 with software V200R005; 5700HI, 5300HI with software V100R006, V200R001, V200R002, V200R003, V200R005; 5710EI, 5310EI with software V200R002, V200R003, V200R005; 5710HI, 5310HI with software V200R003, V200R005; 6700EI, 6300EI with software V200R005 could cause a leak of IP addresses of devices, related to unintended interface support for VRP MPLS LSP Ping.

References (1)

[Vendor Advisory] http://www.huawei.com/en/psirt/security-advisories/hw-372145

Scores

CVSS v3 5.3

EPSS 0.0011

EPSS Percentile 29.3%

Attack Vector NETWORK

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Classification

CWE

CWE-200

Status published

Affected Products (50)

huawei/s9300_firmware

huawei/s9303_firmware

huawei/s9306_firmware

... and 35 more

Timeline

Published Apr 02, 2017

Tracked Since Feb 18, 2026