CVE-2015-2800
HIGHHuawei S5700/S5300/S6300/S6700/S7700/S9300/S9700 Firmware - Denial of Service via Authentication Array Access Violation
Title source: llmDescription
The user authentication module in Huawei Campus switches S5700, S5300, S6300, and S6700 with software before V200R001SPH012 and S7700, S9300, and S9700 with software before V200R001SPH015 allows remote attackers to cause a denial of service (device restart) via vectors involving authentication, which trigger an array access violation.
References (2)
Core 2
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/73355
Third Party Advisory, Vendor Advisory x_refsource_confirm
http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-418554.htm
Scores
CVSS v3
7.5
EPSS
0.0280
EPSS Percentile
86.3%
Attack Vector
NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Details
CWE
CWE-287
Status
published
Products (7)
huawei/s5300_firmware
< v200r001c00spc300
huawei/s5700_firmware
< v200r001c00spc300
huawei/s6300_firmware
< v200r001c00spc300
huawei/s6700_firmware
< v200r001c00spc300
huawei/s7700_firmware
< v200r001c00spc300
huawei/s9300_firmware
< v200r001c00spc300
huawei/s9700_firmware
< v200r001c00spc300
Published
Jun 08, 2017
Tracked Since
Feb 18, 2026