PT-2016-3947 · Huawei · S5300Li+13

Published: 2016-01-13 · Updated: 2019-06-20 · CVE-2015-8677

CVSS v2.0: 6.8 (Medium)

Vector: AV:N/AC:L/Au:S/C:N/I:N/A:C

Name of the Vulnerable Software and Affected Versions

Huawei S5300EI, S5300SI, S5310HI, and S6300EI Campus series switches versions V200R003C00 through V200R003SPH010 and versions V200R005C00 through V200R005SPH007
Huawei S2350EI and S5300LI Campus series switches versions V200R003C00 through V200R003SPH010, versions V200R005C00 through V200R005SPH007, and versions V200R006C00 through V200R006SPH001
Huawei S9300, S7700, and S9700 Campus series switches versions V200R003C00 through V200R003SPH010, versions V200R005C00 through V200R005SPH008, and versions V200R006C00 through V200R006SPH002
Huawei S5720HI and S5720EI Campus series switches versions V200R006C00 through V200R006SPH001
Huawei S2300 and S3300 Campus series switches versions V100R006C05 through V100R006SPH021

Description

The issue allows remote authenticated users to cause a denial of service by logging in and out of the HTTPS or SFTP server, related to SSL session information. When serving as an HTTPS or SFTP server, the Huawei switch stores a user's SSL session information in memory even after the user logs out. If the memory occupied by the SSL session information exceeds the allocated amount, a memory leak occurs, causing the device to restart.

Recommendations

For Huawei S5300EI, S5300SI, S5310HI, and S6300EI Campus series switches versions V200R003C00 through V200R003SPH010 and versions V200R005C00 through V200R005SPH007, update to version V200R003SPH011 or V200R005SPH008 or later.
For Huawei S2350EI and S5300LI Campus series switches versions V200R003C00 through V200R003SPH010, versions V200R005C00 through V200R005SPH007, and versions V200R006C00 through V200R006SPH001, update to version V200R003SPH011, V200R005SPH008, or V200R006SPH002 or later.
For Huawei S9300, S7700, and S9700 Campus series switches versions V200R003C00 through V200R003SPH010, versions V200R005C00 through V200R005SPH008, and versions V200R006C00 through V200R006SPH002, update to version V200R003SPH011, V200R005SPH009, or V200R006SPH003 or later.
For Huawei S5720HI and S5720EI Campus series switches versions V200R006C00 through V200R006SPH001, update to version V200R006SPH002 or later.
For Huawei S2300 and S3300 Campus series switches versions V100R006C05 through V100R006SPH021, update to version V100R006SPH022 or later.

Fix

DoS

Weakness Enumeration

Related Identifiers

CVE-2015-8677

Affected Products

Huawei Vrp
S2300
S2350Ei
S3300
S5300Ei
S5300Li
S5300Si
S5310Hi
S5720Ei
S5720Hi
S6300Ei
S7700
S9300
S9700