CVE-2015-8331

Name of the Vulnerable Software and Affected Versions Huawei VCN500 versions prior to V100R002C00SPC200

Description The issue arises from the Operation and Maintenance Unit (OMU) in Huawei VCN500, where it fails to properly invalidate the session ID when an abnormal exit occurs. This allows remote attackers to conduct replay attacks via the session ID.

Recommendations For versions prior to V100R002C00SPC200, update to V100R002C00SPC200 or later to resolve the issue. As a temporary workaround, consider implementing additional session validation mechanisms to minimize the risk of replay attacks.