CVE-2015-2800

Name of the Vulnerable Software and Affected Versions Huawei Campus switches S5700, S5300, S6300, and S6700 versions prior to V200R001SPH012 Huawei Campus switches S7700, S9300, and S9700 versions prior to V200R001SPH015

Description The issue is related to the user authentication module, which allows remote attackers to cause a denial of service, resulting in a device restart. This is triggered by vectors involving authentication that cause an array access violation. The vulnerability is due to flaws in the authentication procedure, specifically an array initialization issue. Exploitation of this issue can allow a remote attacker to cause a denial of service using authentication vectors that trigger an array access violation.

Recommendations For Huawei Campus switches S5700, S5300, S6300, and S6700 versions prior to V200R001SPH012, update to version V200R001SPH012 or later. For Huawei Campus switches S7700, S9300, and S9700 versions prior to V200R001SPH015, update to version V200R001SPH015 or later.