NVD

Id
28754  
Name
CVE-2015-8677  
Description
Memory leak in Huawei S5300EI, S5300SI, S5310HI, and S6300EI Campus series switches with software V200R003C00 before V200R003SPH011 and V200R005C00 before V200R005SPH008; S2350EI and S5300LI Campus series switches with software V200R003C00 before V200R003SPH011, V200R005C00 before V200R005SPH008, and V200R006C00 before V200R006SPH002; S9300, S7700, and S9700 Campus series switches with software V200R003C00 before V200R003SPH011, V200R005C00 before V200R005SPH009, and V200R006C00 before V200R006SPH003; S5720HI and S5720EI Campus series switches with software V200R006C00 before V200R006SPH002; and S2300 and S3300 Campus series switches with software V100R006C05 before V100R006SPH022 allows remote authenticated users to cause a denial of service (memory consumption and device restart) by logging in and out of the (1) HTTPS or (2) SFTP server, related to SSL session information.  
Reject
 
CVSS Version
2  
CVSS Score
6.8  
Severity
Medium  
CVSS Base Score
6.8  
CVSS Impact Subscore
6.9  
CVSS Exploit Subscore
8  
CVSS Vector
(AV:N/AC:L/Au:S/C:N/I:N/A:C)  
Pub Date
2017-01-19  
Published
2016-04-14  
Modified Date
2016-04-28  
Seq
2015-8677  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
151320 28754 CVE-2015-8677 http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20160113-03-switch-en  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
11788 JVNDB-2015-007108 複数の Huawei 製品におけるサービス運用妨害 (DoS) の脆弱性 複数の Huawei 製品には、SSL セッション情報に関する処理に不備があるため、メモリリークにより、サービス運用妨害 (メモリ消費およびデバイスの再起動) 状態にされる脆弱性が存在します。 CVE-2015-8677 85902 CVE-2015-8677 28754 6.8 6.5 http://jvndb.jvn.jp/ja/contents/2015/JVNDB-2015-007108.html 2015-12-25 2016-05-02 View