CVE-2015-8087

Published Nov 19, 2015

Last updated 9 years ago

Overview

Description: Huawei NE20E-S, NE40E-M, and NE40E-M2 routers with software before V800R007C10SPC100 and NE40E and NE80E routers with software before V800R007C00SPC100 allows remote attackers to send packets to other VPNs and conduct flooding attacks via a crafted MPLS forwarding packet, aka a "VPN routing and forwarding (VRF) hopping vulnerability."
Source: cve@mitre.org
NVD status: Analyzed

Risk scores

CVSS 2.0

Type: Primary
Base score: 5
Impact score: 2.9
Exploitability score: 10
Vector string: AV:N/AC:L/Au:N/C:N/I:N/A:P

Weaknesses

nvd@nist.gov: CWE-399

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:huawei:ne_router_software:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "85E31531-A395-4A57-9C6C-728F20E7B980",
            "versionEndIncluding": "v800r006"
          },
          {
            "criteria": "cpe:2.3:a:huawei:ne_router_software:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "98433F99-0D69-48F4-A9F1-E0286117DB6E",
            "versionEndIncluding": "v800r007c00"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:huawei:ne20e-s:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "6A01D2B0-26DD-4B96-A81B-19C6C7648174"
          },
          {
            "criteria": "cpe:2.3:h:huawei:ne40e-m:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "7CF3CC04-C10F-40D0-8EBD-5FD6AB82EA30"
          },
          {
            "criteria": "cpe:2.3:h:huawei:ne40e-m2:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "28D6CB5E-2D19-46E0-AD6C-ECE67F8CC54F"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:huawei:ne_router_software:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "85E31531-A395-4A57-9C6C-728F20E7B980",
            "versionEndIncluding": "v800r006"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:huawei:ne40e:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "BC8305DE-35FC-4F3C-96E1-FB083D26FCB5"
          },
          {
            "criteria": "cpe:2.3:h:huawei:ne80e:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "0113DDEA-5205-4E4B-B74B-04918FD00D8E"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  }
]

Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Configurations

References