CVE-2015-8086

CWE-3263 documents3 sources
Severity
4.9MEDIUM
EPSS
0.0%
top 92.47%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
7
Huawei AR FirmwareHuawei Quidway S5300 FirmwareHuawei Quidway S9300 Firmware+4 more
Timeline
PublishedOct 3
Latest updateMay 17

Description

Huawei AR routers with software before V200R007C00SPC100; Quidway S9300 routers with software before V200R009C00; S12700 routers with software before V200R008C00SPC500; S9300, Quidway S5300, and S5300 routers with software before V200R007C00; and S5700 routers with software before V200R007C00SPC500 makes it easier for remote authenticated administrators to obtain encryption keys and ciphertext passwords via vectors related to key storage.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:NExploitability: 1.2 | Impact: 3.6

Affected Packages7 packages

NVDhuawei/quidway_s5300_firmwarev200r001c00spc300
NVDhuawei/quidway_s9300_firmwarev200r001c00spc300, v200r002c00spc100, v200r003c00spc500+2
NVDhuawei/s5300_firmwarev200r002c00, v200r005c00spc500, v200r006c00spc500+2
NVDhuawei/s9300_firmwarev200r005c00spc300, v200r006c00spc500+1
NVDhuawei/s5700_firmware5 versions+4

🔴Vulnerability Details

2
GHSA
GHSA-2p8x-jcrp-pq93: Huawei AR routers with software before V200R007C00SPC100; Quidway S9300 routers with software before V200R009C00; S12700 routers with software before2022-05-17
CVEList
CVE-2015-8086: Huawei AR routers with software before V200R007C00SPC100; Quidway S9300 routers with software before V200R009C00; S12700 routers with software before2016-10-03
CVE-2015-8086 (MEDIUM CVSS 4.9) | Huawei AR routers with software bef | cvebase.io