CVE-2015-8230 - OpenCVE

Memory leak in Huawei eSpace 8950 IP phones with software before V200R003C00SPC300 allows remote attackers to cause a denial of service (memory consumption and restart) via a large number of crafted ARP packets.

No CVSS v3.1

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Complete

AV:N/AC:L/Au:N/C:N/I:N/A:C

Vendors & Products
CPE Configurations

Vendors	Products
Huawei	Espace 8950

Configuration 1 [-]

AND

cpe:2.3:a:huawei:espace_8950:v200r003c00spc200:*:*:*:*:*:*:*

cpe:2.3:h:huawei:espace_8950:-:*:*:*:*:*:*:*

References

Link	Resource
http://www1.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-461217.htm	Vendor Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: mitre

Published: 2016-01-11T15:00:00

Updated: 2016-01-11T14:57:02

Reserved: 2015-11-17T00:00:00

Link: CVE-2015-8230

JSON object: View

NVD Information

Status : Analyzed

Published: 2016-01-11T15:59:02.527

Modified: 2016-01-12T17:15:11.450

Link: CVE-2015-8230

JSON object: View

Redhat Information

No data.

CWE

CWE-399

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:huawei:espace_8950:v200r003c00spc200:*:*:*:*:*:*:*", "matchCriteriaId": "2624F9B2-30FC-4FD6-8C81-4C1E9839D0E4", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:huawei:espace_8950:-:*:*:*:*:*:*:*", "matchCriteriaId": "D8BFC4FD-DC7A-47E9-BC06-86F11E2211AE", "vulnerable": true}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "Memory leak in Huawei eSpace 8950 IP phones with software before V200R003C00SPC300 allows remote attackers to cause a denial of service (memory consumption and restart) via a large number of crafted ARP packets."}, {"lang": "es", "value": "Fuga de memoria en tel\u00e9fonos Huawei eSpace 8950 IP con software en versiones anteriores a V200R003C00SPC300 permite a atacantes remotos provocar una denegaci\u00f3n de servicio (consumo de memoria y reinicio) a trav\u00e9s de un gran n\u00famero de paquetes ARP manipulados."}], "id": "CVE-2015-8230", "lastModified": "2016-01-12T17:15:11.450", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.8, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary"}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2016-01-11T15:59:02.527", "references": [{"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://www1.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-461217.htm"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-399"}], "source": "nvd@nist.gov", "type": "Primary"}]}