fkie_cve-2014-3223
Vulnerability from fkie_nvd
Published
2017-04-02 20:59
Modified
2024-11-21 02:07
Severity ?
7.5 (High) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
Huawei S9300 with software before V100R006SPH013 and S2300,S3300,S5300,S6300 with software before V100R006SPH010 support Y.1731 and therefore have the Y.1731 vulnerability in processing special packets. The vulnerability causes the restart of switches.
References
psirt@huawei.comhttp://www.huawei.com/en/psirt/security-advisories/hw-329625Mitigation, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.huawei.com/en/psirt/security-advisories/hw-329625Mitigation, Vendor Advisory
Impacted products
Vendor Product Version
huawei s9300_firmware v100r006c00spc500
huawei s9300_firmware v100r006c00spc800
huawei s9300 -
huawei s3300_firmware v100r006c00spc800
huawei s3300_firmware v100r006c01spc100
huawei s3300_firmware v100r006c03
huawei s3300 -
huawei s2300_firmware v100r006c00spc800
huawei s2300_firmware v100r006c01spc100
huawei s2300_firmware v100r006c03
huawei s2300 -
huawei s5300_firmware v100r006c00spc800
huawei s5300_firmware v100r006c01spc100
huawei s5300_firmware v100r006c03
huawei s5300 -
huawei s6300_firmware v100r006c00spc800
huawei s6300_firmware v100r006c01spc100
huawei s6300_firmware v100r006c03
huawei s6300 -


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:huawei:s9300_firmware:v100r006c00spc500:*:*:*:*:*:*:*",
              "matchCriteriaId": "771FA881-8B73-4923-883E-6FB66DC5785B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:huawei:s9300_firmware:v100r006c00spc800:*:*:*:*:*:*:*",
              "matchCriteriaId": "FFDF8C50-BB1B-494F-A66C-6AA43829A1F8",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:huawei:s9300:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "AD2EC926-50C6-4CBE-BB6F-56F3A6287DEE",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:huawei:s3300_firmware:v100r006c00spc800:*:*:*:*:*:*:*",
              "matchCriteriaId": "C32CA848-E4C4-4F45-B770-B0F56B1D803C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:huawei:s3300_firmware:v100r006c01spc100:*:*:*:*:*:*:*",
              "matchCriteriaId": "01778409-3E0D-457D-A3A8-7D547B154EF0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:huawei:s3300_firmware:v100r006c03:*:*:*:*:*:*:*",
              "matchCriteriaId": "8C328054-3E5C-4122-AD5B-49A71791D7F6",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:huawei:s3300:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1A1410A1-ADCC-474F-ABEE-F0FE48E4CD7A",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:huawei:s2300_firmware:v100r006c00spc800:*:*:*:*:*:*:*",
              "matchCriteriaId": "D9B1ABFF-8054-47E2-A122-BBA45915EC4E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:huawei:s2300_firmware:v100r006c01spc100:*:*:*:*:*:*:*",
              "matchCriteriaId": "6CBBAFAE-0988-4FB5-985F-D9F26F8FB590",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:huawei:s2300_firmware:v100r006c03:*:*:*:*:*:*:*",
              "matchCriteriaId": "FEFF6D05-BC82-4943-9D79-95CBEDD5CD2C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:huawei:s2300:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "17566603-275F-4E6B-B5D9-4A716EEC03DC",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:huawei:s5300_firmware:v100r006c00spc800:*:*:*:*:*:*:*",
              "matchCriteriaId": "C23B78BC-958A-4F7B-AC41-8F92573CD050",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:huawei:s5300_firmware:v100r006c01spc100:*:*:*:*:*:*:*",
              "matchCriteriaId": "7F131E90-5381-4CC4-B98C-F127A7C9B24E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:huawei:s5300_firmware:v100r006c03:*:*:*:*:*:*:*",
              "matchCriteriaId": "554D3674-06D0-4B04-9014-F4A5178785DF",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:huawei:s5300:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2CFEF08E-54C5-4D60-AFF0-37B00D6E2DDD",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:huawei:s6300_firmware:v100r006c00spc800:*:*:*:*:*:*:*",
              "matchCriteriaId": "59483B72-F057-4274-8C88-FF908AB44F5A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:huawei:s6300_firmware:v100r006c01spc100:*:*:*:*:*:*:*",
              "matchCriteriaId": "073D332C-3532-4F1E-9885-B5EBFAD04D9E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:huawei:s6300_firmware:v100r006c03:*:*:*:*:*:*:*",
              "matchCriteriaId": "3F133779-0AA7-468B-9470-075091872D5D",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:huawei:s6300:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "AA3C8988-A1FC-4B04-9134-F2BDDADEAFB5",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Huawei S9300 with software before V100R006SPH013 and S2300,S3300,S5300,S6300 with software before V100R006SPH010 support Y.1731 and therefore have the Y.1731 vulnerability in processing special packets. The vulnerability causes the restart of switches."
    },
    {
      "lang": "es",
      "value": "Huawei S9300 con software en versiones anteriores a V100R006SPH013 y S2300,S3300,S5300,S6300 con software en versiones anteriores a V100R006SPH010 soporte Y.1731 y por lo tanto tener la vulnerabilidad Y.1731 en el procesamiento de paquetes especiales. Ta vulnerabilidad provoca el reinicio de los switches."
    }
  ],
  "id": "CVE-2014-3223",
  "lastModified": "2024-11-21T02:07:42.830",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.8,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2017-04-02T20:59:00.237",
  "references": [
    {
      "source": "psirt@huawei.com",
      "tags": [
        "Mitigation",
        "Vendor Advisory"
      ],
      "url": "http://www.huawei.com/en/psirt/security-advisories/hw-329625"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mitigation",
        "Vendor Advisory"
      ],
      "url": "http://www.huawei.com/en/psirt/security-advisories/hw-329625"
    }
  ],
  "sourceIdentifier": "psirt@huawei.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-19"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.