PT-2015-7723 · Huawei · S5700 Routers

Aristide Fattori · Published 2015-09-30 · Updated 2016-11-28 · CVE-2015-8085

CVSS v2.0: 4.0 (Medium)

Vector: AV:N/AC:L/Au:S/C:P/I:N/A:N

Name of the Vulnerable Software and Affected Versions

Huawei AR routers versions prior to V200R007C00SPC100
Quidway S9300 routers versions prior to V200R009C00
S12700 routers versions prior to V200R008C00SPC500
S9300, Quidway S5300, and S5300 routers versions prior to V200R007C00
S5700 routers versions prior to V200R007C00SPC500

Description

The issue allows remote authenticated administrators to obtain and decrypt passwords by leveraging the selection of a reversible encryption algorithm. This is caused by improper encryption mechanisms in some Huawei products, where users can choose between reversible or irreversible encryption algorithms to encrypt passwords. If a reversible encryption algorithm is used, an attacker with high administrative privileges can log in to the device, obtain the ciphertext password of a higher-level administrator, and potentially crack it to gain elevated privileges.

Recommendations

For Huawei AR routers versions prior to V200R007C00SPC100, update to V200R007C00SPC100 or later.
For Quidway S9300 routers versions prior to V200R009C00, update to V200R009C00 or later.
For S12700 routers versions prior to V200R008C00SPC500, update to V200R008C00SPC500 or later.
For S9300, Quidway S5300, and S5300 routers versions prior to V200R007C00, update to V200R007C00 or later.
For S5700 routers versions prior to V200R007C00SPC500, update to V200R007C00SPC500 or later.

Weakness Enumeration

Inadequate Encryption Strength

Related Identifiers

CVE-2015-8085

Affected Products

Huawei AR Routers
Huawei VRP
Quidway S5300 Routers
Quidway S9300 Routers
S12700 Routers
S5300 Routers
S5700 Routers
S9300 Routers