CVE-2014-8570

Name of the Vulnerable Software and Affected Versions Huawei S9300, S9303, S9306, S9312 versions V100R002 Huawei S7700, S7703, S7706, S7712 versions V100R003, V100R006, V200R001, V200R002, V200R003, V200R005 Huawei S9300E, S9303E, S9306E, S9312E version V200R001 Huawei S9700, S9703, S9706, S9712 versions V200R002, V200R003, V200R005 Huawei S12708, S12712 version V200R005 Huawei 5700HI, 5300HI versions V100R006, V200R001, V200R002, V200R003, V200R005 Huawei 5710EI, 5310EI versions V200R002, V200R003, V200R005 Huawei 5710HI, 5310HI versions V200R003, V200R005 Huawei 6700EI, 6300EI version V200R005

Description The issue is related to unintended interface support for VRP MPLS LSP Ping, which can cause a leak of IP addresses of devices. This is due to the MPLS LSP Ping service being bound to unnecessary interfaces. The VRP platform, developed by Huawei, provides improved IP routing services and is widely applied to network devices.

Recommendations For Huawei S9300, S9303, S9306, S9312 version V100R002, restrict access to the MPLS LSP Ping service to minimize the risk of IP address leakage. For Huawei S7700, S7703, S7706, S7712 versions V100R003, V100R006, V200R001, V200R002, V200R003, V200R005, consider disabling the MPLS LSP Ping service on unnecessary interfaces. For Huawei S9300E, S9303E, S9306E, S9312E version V200R001, avoid using the MPLS LSP Ping service until the issue is resolved. For Huawei S9700, S9703, S9706, S9712 versions V200R002, V200R003, V200R005, restrict access to the VRP platform to prevent unintended interface support. For Huawei S12708, S12708 version V200R005, disable the MPLS LSP Ping service to prevent IP address leakage. For Huawei 5700HI, 5300HI versions V100R006, V200R001, V200R002, V200R003, V200R005, restrict access to the MPLS LSP Ping service on unnecessary interfaces. For Huawei 5710EI, 5310EI versions V200R002, V200R003, V200R005, consider disabling the MPLS LSP Ping service until the issue is resolved. For Huawei 5710HI, 5310HI versions V200R003, V200R005, avoid using the MPLS LSP Ping service to prevent IP address leakage. For Huawei 6700EI, 6300EI version V200R005, restrict access to the VRP platform to minimize the risk of IP address leakage.