PT-2014-8625 · Huawei · S2700+14
Published
2014-10-10
·
Updated
2017-04-11
·
CVE-2014-8572
CVSS v2.0
7.8
High
| Vector | AV:N/AC:L/Au:N/C:N/I:N/A:C |
Name of the Vulnerable Software and Affected Versions
Huawei AC6605 versions V200R001C00 through V200R002C00
Huawei ACU versions V200R001C00 through V200R002C00
Huawei S2300, S3300, S2700, S3700 versions prior to V100R006C05
Huawei S5300, S5700, S6300, S6700 versions prior to V200R005C00SPC300
Huawei S7700, S9300, S9300E, S9700 versions prior to V200R005C00SPC300
Description
The issue is related to an input verification problem in the SSH of the VRP device, allowing remote attackers to send a special SSH packet and cause a denial of service.
Recommendations
For Huawei AC6605 versions V200R001C00 through V200R002C00, update to a version later than V200R002C00 to resolve the issue.
For Huawei ACU versions V200R001C00 through V200R002C00, update to a version later than V200R002C00 to resolve the issue.
For Huawei S2300, S3300, S2700, S3700 versions prior to V100R006C05, update to V100R006C05 or a later version to resolve the issue.
For Huawei S5300, S5700, S6300, S6700 versions prior to V200R005C00SPC300, update to V200R005C00SPC300 or a later version to resolve the issue.
For Huawei S7700, S9300, S9300E, S9700 versions prior to V200R005C00SPC300, update to V200R005C00SPC300 or a later version to resolve the issue.
Fix
DoS
RCE
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Ac6605
Acu
Huawei Vrp
S2300
S2700
S3300
S3700
S5300
S5700
S6300
S6700
S7700
S9300
S9300E
S9700