CVE-2015-1460 - OpenCVE

Huawei Quidway switches with firmware before V200R005C00SPC300 allows remote attackers to gain privileges via a crafted packet.

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

AV:N/AC:L/Au:N/C:P/I:P/A:P

Vendors & Products
CPE Configurations

Vendors	Products
Huawei	Quidway S5300 Quidway S6300 Quidway S9700 Quidway S2750 Quidway S6700 Quidway Firmware Quidway S9300 Quidway S7700 Quidway S5700 Quidway S2350

Configuration 1 [-]

AND

cpe:2.3:o:huawei:quidway_firmware:*:*:*:*:*:*:*:*

OR	cpe:2.3:h:huawei:quidway_s2350::::::::
	cpe:2.3:h:huawei:quidway_s2750::::::::
	cpe:2.3:h:huawei:quidway_s5300::::::::
	cpe:2.3:h:huawei:quidway_s5700::::::::
	cpe:2.3:h:huawei:quidway_s6300::::::::
	cpe:2.3:h:huawei:quidway_s6700::::::::
	cpe:2.3:h:huawei:quidway_s7700::::::::
	cpe:2.3:h:huawei:quidway_s9300::::::::
	cpe:2.3:h:huawei:quidway_s9700::::::::

References

Link	Resource
http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-411975.htm	Vendor Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: mitre

Published: 2022-10-03T16:15:51

Updated: 2022-10-03T16:15:51

Reserved: 2022-10-03T00:00:00

Link: CVE-2015-1460

JSON object: View

NVD Information

Status : Analyzed

Published: 2015-02-03T16:59:32.000

Modified: 2015-02-04T17:51:51.757

Link: CVE-2015-1460

JSON object: View

Redhat Information

No data.

CWE

CWE-264

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:huawei:quidway_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "8B7614EB-418A-4187-9D1B-64F1BEAEC906", "versionEndIncluding": "v200r003c00spc300", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:huawei:quidway_s2350:*:*:*:*:*:*:*:*", "matchCriteriaId": "FF5CE338-EC60-4002-972A-A0591AA0CB85", "vulnerable": false}, {"criteria": "cpe:2.3:h:huawei:quidway_s2750:*:*:*:*:*:*:*:*", "matchCriteriaId": "D7BB2642-D59E-4A1E-BA09-B9E175673754", "vulnerable": false}, {"criteria": "cpe:2.3:h:huawei:quidway_s5300:*:*:*:*:*:*:*:*", "matchCriteriaId": "475D1C5B-C660-4503-8911-FA7EEB08148F", "vulnerable": false}, {"criteria": "cpe:2.3:h:huawei:quidway_s5700:*:*:*:*:*:*:*:*", "matchCriteriaId": "395D24CA-5F04-403C-8FC8-0830A1F16BF3", "vulnerable": false}, {"criteria": "cpe:2.3:h:huawei:quidway_s6300:*:*:*:*:*:*:*:*", "matchCriteriaId": "C269CE85-925E-407F-91FE-1EC8F325157A", "vulnerable": false}, {"criteria": "cpe:2.3:h:huawei:quidway_s6700:*:*:*:*:*:*:*:*", "matchCriteriaId": "5D438553-27DD-4B9D-8B8E-A14DA58B60C6", "vulnerable": false}, {"criteria": "cpe:2.3:h:huawei:quidway_s7700:*:*:*:*:*:*:*:*", "matchCriteriaId": "82F78A49-DE7D-44B4-A77F-E0AFC7E3DB7F", "vulnerable": false}, {"criteria": "cpe:2.3:h:huawei:quidway_s9300:*:*:*:*:*:*:*:*", "matchCriteriaId": "46575F13-2D06-4DFD-9F44-FA398C288518", "vulnerable": false}, {"criteria": "cpe:2.3:h:huawei:quidway_s9700:*:*:*:*:*:*:*:*", "matchCriteriaId": "29EC92F4-14BD-42C4-A042-3529FAB00712", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "Huawei Quidway switches with firmware before V200R005C00SPC300 allows remote attackers to gain privileges via a crafted packet."}, {"lang": "es", "value": "Los switches Huawei Quidway con firmware anterior a V200R005C00SPC300 permiten a atacantes remotos ganar privilegios a trav\u00e9s de un paquete manipulado."}], "id": "CVE-2015-1460", "lastModified": "2015-02-04T17:51:51.757", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2015-02-03T16:59:32.000", "references": [{"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-411975.htm"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-264"}], "source": "nvd@nist.gov", "type": "Primary"}]}