PT-2017-5863 · Huawei · Eudemon8000E

Published

2017-04-02

Updated

2017-04-05

CVE-2014-3221

CVSS v2.0

5.0

Medium

Vector

AV:N/AC:L/Au:N/C:N/I:N/A:P

Name of the Vulnerable Software and Affected Versions: Huawei Eudemon8000E firewall versions V200R001C01SPC800 and earlier

Description: The issue affects the logging process of the device, allowing an attacker to slow down the login process by sending a large number of TCP packets with a special structure, potentially preventing users from logging in to the device.

Recommendations: For versions V200R001C01SPC800 and earlier, consider restricting access to Telnet or SSH until a fix is available, and as a temporary workaround, implement rate limiting on TCP packets to minimize the risk of exploitation.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-399

Related Identifiers

CVE-2014-3221

Affected Products

Eudemon8000E

PT-2017-5863 · Huawei · Eudemon8000E

CVE-2014-3221

Weakness Enumeration

Related Identifiers

Affected Products

References · 2