Denial of Service Vulnerability in Huawei Quidway Switches
CVE-2014-3224

7.5HIGH

Key Information:

Vendor: Huawei
Status: Quidway S9700,quidway S9300,quidway S7700,quidway S6700,quidway S6300,quidway S5700,quidway S5300 Quidway S9700 V200r003c00spc500,quidway S9300 V200r003c00spc500,quidway S7700 V200r003c00spc500,quidway S6700 V200r003c00spc300,quidway S6300 V200r003c00spc300,quidway S5700 V200r003c00spc300,quidway S5300 V200r003c00spc300
Vendor: CVE Published:; 2 April 2017

Summary

The vulnerability allows attackers to exploit Huawei's Quidway switch series by sending specially crafted malformed packets. This can lead to a Denial of Service (DoS) condition, rendering the affected devices unresponsive. Organizations using these products should take immediate action to secure their networks against potential exploitation.

Affected Version(s)

Quidway S9700,Quidway S9300,Quidway S7700,Quidway S6700,Quidway S6300,Quidway S5700,Quidway S5300 Quidway S9700 V200R003C00SPC500,Quidway S9300 V200R003C00SPC500,Quidway S7700 V200R003C00SPC500,Quidway S6700 V200R003C00SPC300,Quidway S6300 V200R003C00SPC300,Quidway S5700 V200R003C00SPC300,Quidway S5300 V200R003C00SPC300 Quidway S9700,Quidway S9300,Quidway S7700,Quidway S6700,Quidway S6300,Quidway S5700,Quidway S5300 Quidway S9700 V200R003C00SPC500,Quidway S9300 V200R003C00SPC500,Quidway S7700 V200R003C00SPC500,Quidway S6700 V200R003C00SPC300,Quidway S6300 V200R003C00SPC300,Quidway S5700 V200R003C00SPC300,Quidway S5300 V200R003C00SPC300

References

http://www.huawei.com/en/psirt/security-advisories/hw-333184

x_refsource_CONFIRM

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Apr 2, 2017
Vulnerability Reserved
May 5, 2014