Note:
This project will be discontinued after December 13, 2021. [more]
Product:
S5700_firmware
(Huawei)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 44 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2018-03-09 | CVE-2016-8786 | Huawei S12700 V200R005C00, V200R006C00, V200R007C00, V200R008C00, S5700 V200R006C00, V200R007C00, V200R008C00, S6700 V200R008C00, S7700 V200R001C00, V200R002C00, V200R003C00, V200R005C00, V200R006C00, V200R007C00, V200R008C00, S9700 V200R001C00, V200R002C00, V200R003C00, V200R005C00, V200R006C00, V200R007C00, V200R008C00 have a denial of service (DoS) vulnerability. Due to the lack of input validation, a remote attacker may craft a malformed Resource Reservation Protocol (RSVP) packet and... | S12700_firmware, S5700_firmware, S6700_firmware, S7700_firmware, S9700_firmware | 7.5 | ||
| 2018-03-09 | CVE-2016-8785 | Huawei S12700 V200R007C00, V200R008C00, S5700 V200R007C00, S7700 V200R002C00, V200R005C00, V200R006C00, V200R007C00, V200R008C00, S9700 V200R007C00 have an input validation vulnerability. Due to the lack of input validation, an attacker may craft a malformed packet and send it to the device using VRP, causing the device to display additional memory data and possibly leading to sensitive information leakage. | S12700_firmware, S5700_firmware, S7700_firmware, S9700_firmware | 4.3 | ||
| 2017-04-02 | CVE-2016-8773 | Huawei S5300 with software V200R003C00, V200R007C00, V200R008C00, V200R009C00; S5700 with software V200R001C00, V200R002C00, V200R003C00, V200R005C00, V200R005C03, V200R007C00, V200R008C00, V200R009C00; S6300 with software V200R003C00, V200R005C00, V200R008C00, V200R009C00; S6700 with software V200R001C00, V200R001C01, V200R002C00, V200R003C00, V200R005C00, V200R008C00, V200R009C00; S7700 with software V200R007C00, V200R008C00, V200R009C00; S9300 with software V200R007C00, V200R008C00,... | S12700_firmware, S5300_firmware, S5700_firmware, S6300_firmware, S6700_firmware, S7700_firmware, S9300_firmware, S9700_firmware | 7.5 | ||
| 2016-09-26 | CVE-2016-6518 | Memory leak in Huawei S9300, S5300, S5700, S6700, S7700, S9700, and S12700 devices allows remote attackers to cause a denial of service (memory consumption and restart) via a large number of malformed packets. | S12700_firmware, S5300_firmware, S5700_firmware, S6300_firmware, S6700_firmware, S7700_firmware, S9300_firmware, S9700_firmware | 7.5 | ||
| 2016-05-23 | CVE-2016-4087 | Huawei S12700 switches with software before V200R008C00SPC500 and S5700 switches with software before V200R005SPH010, when the debug switch is enabled, allows remote attackers to cause a denial of service or execute arbitrary code via crafted DNS packets. | S12700_firmware, S5700_firmware | 8.1 | ||
| 2016-04-11 | CVE-2016-3678 | Huawei Quidway S9700, S5700, S5300, S9300, and S7700 switches with software before V200R003SPH012 allow remote attackers to cause a denial of service (switch restart) via crafted traffic. | S5300_firmware, S5700_firmware, S7700_firmware, S9300_firmware, S9700_firmware | 7.5 | ||
| 2017-04-02 | CVE-2016-2404 | Huawei switches S5700, S6700, S7700, S9700 with software V200R001C00SPC300, V200R002C00SPC100, V200R003C00SPC300, V200R005C00SPC500, V200R006C00; S12700 with software V200R005C00SPC500, V200R006C00; ACU2 with software V200R005C00SPC500, V200R006C00 have a permission control vulnerability. If a switch enables Authentication, Authorization, and Accounting (AAA) for permission control and user permissions are not appropriate, AAA users may obtain the virtual type terminal (VTY) access... | Acu2_firmware, S12700_firmware, S5700_firmware, S6700_firmware, S7700_firmware, S9700_firmware | 7.5 | ||
| 2016-10-03 | CVE-2015-8086 | Huawei AR routers with software before V200R007C00SPC100; Quidway S9300 routers with software before V200R009C00; S12700 routers with software before V200R008C00SPC500; S9300, Quidway S5300, and S5300 routers with software before V200R007C00; and S5700 routers with software before V200R007C00SPC500 makes it easier for remote authenticated administrators to obtain encryption keys and ciphertext passwords via vectors related to key storage. | Ar_firmware, Quidway_s5300_firmware, Quidway_s9300_firmware, S12700_firmware, S5300_firmware, S5700_firmware, S9300_firmware | 4.9 | ||
| 2016-10-03 | CVE-2015-8085 | Huawei AR routers with software before V200R007C00SPC100; Quidway S9300 routers with software before V200R009C00; S12700 routers with software before V200R008C00SPC500; S9300, Quidway S5300, and S5300 routers with software before V200R007C00; and S5700 routers with software before V200R007C00SPC500 make it easier for remote authenticated administrators to obtain and decrypt passwords by leveraging selection of a reversible encryption algorithm. | Ar_firmware, Quidway_s5300_firmware, Quidway_s9300_firmware, S12700_firmware, S5300_firmware, S5700_firmware, S9300_firmware | 4.9 | ||
| 2017-06-08 | CVE-2015-2800 | The user authentication module in Huawei Campus switches S5700, S5300, S6300, and S6700 with software before V200R001SPH012 and S7700, S9300, and S9700 with software before V200R001SPH015 allows remote attackers to cause a denial of service (device restart) via vectors involving authentication, which trigger an array access violation. | S5300_firmware, S5700_firmware, S6300_firmware, S6700_firmware, S7700_firmware, S9300_firmware, S9700_firmware | 7.5 |