CVE-2015-8086

Name of the Vulnerable Software and Affected Versions Huawei AR routers versions prior to V200R007C00SPC100 Quidway S9300 routers versions prior to V200R009C00 S12700 routers versions prior to V200R008C00SPC500 S9300, Quidway S5300, and S5300 routers versions prior to V200R007C00 S5700 routers versions prior to V200R007C00SPC500

Description The issue makes it easier for remote authenticated administrators to obtain encryption keys and ciphertext passwords via vectors related to key storage. Encryption keys are stored in the system, allowing an attacker to implement reverse engineering to obtain the encryption keys.

Recommendations For Huawei AR routers versions prior to V200R007C00SPC100, update to V200R007C00SPC100 or later. For Quidway S9300 routers versions prior to V200R009C00, update to V200R009C00 or later. For S12700 routers versions prior to V200R008C00SPC500, update to V200R008C00SPC500 or later. For S9300, Quidway S5300, and S5300 routers versions prior to V200R007C00, update to V200R007C00 or later. For S5700 routers versions prior to V200R007C00SPC500, update to V200R007C00SPC500 or later.