CVE-2014-9697

Published Oct 17, 2017

Last updated 7 years ago

CVSS high 7.5

Overview

Description: Huawei USG9560/9520/9580 before V300R001C01SPC300 allows remote attackers to cause a memory leak or denial of service (memory exhaustion, reboot and MPU switchover) via a crafted website.
Source: cve@mitre.org
NVD status: Analyzed

Risk scores

CVSS 3.0

Type: Primary
Base score: 7.5
Impact score: 3.6
Exploitability score: 3.9
Vector string: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Severity: HIGH

CVSS 2.0

Type: Primary
Base score: 7.8
Impact score: 6.9
Exploitability score: 10
Vector string: AV:N/AC:L/Au:N/C:N/I:N/A:C

Weaknesses

nvd@nist.gov: CWE-400

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:huawei:usg9560_firmware:v300r001c00:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A3579DD6-8D1F-4E2C-8B2A-75CDB8E918AF"
          },
          {
            "criteria": "cpe:2.3:o:huawei:usg9560_firmware:v300r001c01spc100:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "AAE6EC53-DA37-4E4F-8810-4AB5BB4B793A"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:huawei:usg9560:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "96AFE94D-EDC7-4372-A1BF-8089D5551AD9"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:huawei:usg9520_firmware:v300r001c00:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2CB5B58D-B0C4-40F7-87BB-4A830FEFCAEA"
          },
          {
            "criteria": "cpe:2.3:o:huawei:usg9520_firmware:v300r001c01spc100:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "41B04E17-E14A-4BD3-8EE4-27FB7F71626F"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:huawei:usg9520:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "60030EDB-682F-4107-80FC-5F03CE75131D"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:huawei:usg9580_firmware:v300r001c00:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "73A66B7A-8F1E-4E1C-A6A0-857FDD4E5ECD"
          },
          {
            "criteria": "cpe:2.3:o:huawei:usg9580_firmware:v300r001c01spc100:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6FCB557E-A4F8-406E-A7B8-0148280E059E"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:huawei:usg9580:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "14C9D3E2-B016-4238-A170-6C4AD1B3B76C"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  }
]

Overview

Risk scores

CVSS 3.0

CVSS 2.0

Weaknesses

Social media

Configurations

References