Huawei S9700 Firmware vulnerabilities

34 known vulnerabilities affecting huawei/s9700_firmware.

Total CVEs
34
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
HIGH16MEDIUM17LOW1

Vulnerabilities

Page 2 of 2
CVE-2017-8147HIGHCVSS 7.5vv200r001c00vv200r002c00+5 more2017-11-22
CVE-2017-8147 [HIGH] CWE-20 CVE-2017-8147: AC6005 V200R006C10SPC200,AC6605 V200R006C10SPC200,AR1200 with software V200R005C10CP0582T, V200R005C AC6005 V200R006C10SPC200,AC6605 V200R006C10SPC200,AR1200 with software V200R005C10CP0582T, V200R005C10HP0581T, V200R005C20SPC026T,AR200 with software V200R005C20SPC026T,AR3200 V200R005C20SPC026T,CloudEngine 12800 with software V100R003C00, V100R005C00, V100R005C10, V100R006C00, V200R001C00,CloudEngine 5800 with software V100R003C00, V100R005C00, V100R005
nvd
CVE-2015-7846MEDIUMCVSS 4.6vv200r001c00spc300vv200r002c00spc100+4 more2017-09-25
CVE-2015-7846 [MEDIUM] CWE-200 CVE-2015-7846: Huawei S7700, S9700, S9300 before V200R07C00SPC500, and AR200, AR1200, AR2200, AR3200 before V200R00 Huawei S7700, S9700, S9300 before V200R07C00SPC500, and AR200, AR1200, AR2200, AR3200 before V200R005C20SPC200 allows attackers with physical access to the CF card to obtain sensitive information.
nvd
CVE-2015-3913HIGHCVSS 7.5vv200r001c00spc300vv200r002c00spc300+4 more2017-06-08
CVE-2015-3913 [HIGH] CWE-20 CVE-2015-3913: The IP stack in multiple Huawei Campus series switch models allows remote attackers to cause a denia The IP stack in multiple Huawei Campus series switch models allows remote attackers to cause a denial of service (reboot) via a crafted ICMP request message.
nvd
CVE-2015-2800HIGHCVSS 7.5≤ v200r001c00spc3002017-06-08
CVE-2015-2800 [HIGH] CWE-287 CVE-2015-2800: The user authentication module in Huawei Campus switches S5700, S5300, S6300, and S6700 with softwar The user authentication module in Huawei Campus switches S5700, S5300, S6300, and S6700 with software before V200R001SPH012 and S7700, S9300, and S9700 with software before V200R001SPH015 allows remote attackers to cause a denial of service (device restart) via vectors involving authentication, which trigger an array access violation.
nvd
CVE-2016-8797HIGHCVSS 7.5vv200r006c00vv200r007c00+1 more2017-04-02
CVE-2016-8797 [HIGH] CWE-399 CVE-2016-8797: Huawei AR3200 with software V200R007C00, V200R005C32, V200R005C20; S12700 with software V200R008C00, Huawei AR3200 with software V200R007C00, V200R005C32, V200R005C20; S12700 with software V200R008C00, V200R007C00; S5300 with software V200R008C00, V200R007C00, V200R006C00; S5700 with software V200R008C00, V200R007C00, V200R006C00; S6300 with software V200R008C00, V200R007C00; S6700 with software V200R008C00, V200R007C00; S7700 with software V200R008C00
nvd
CVE-2016-8773HIGHCVSS 7.5vv200r007c00vv200r008c00+1 more2017-04-02
CVE-2016-8773 [HIGH] CWE-20 CVE-2016-8773: Huawei S5300 with software V200R003C00, V200R007C00, V200R008C00, V200R009C00; S5700 with software V Huawei S5300 with software V200R003C00, V200R007C00, V200R008C00, V200R009C00; S5700 with software V200R001C00, V200R002C00, V200R003C00, V200R005C00, V200R005C03, V200R007C00, V200R008C00, V200R009C00; S6300 with software V200R003C00, V200R005C00, V200R008C00, V200R009C00; S6700 with software V200R001C00, V200R001C01, V200R002C00, V200R003C00, V200R005C
nvd
CVE-2016-2404HIGHCVSS 7.5vv200r001c00spc300vv200r002c00spc100+3 more2017-04-02
CVE-2016-2404 [HIGH] CWE-264 CVE-2016-2404: Huawei switches S5700, S6700, S7700, S9700 with software V200R001C00SPC300, V200R002C00SPC100, V200R Huawei switches S5700, S6700, S7700, S9700 with software V200R001C00SPC300, V200R002C00SPC100, V200R003C00SPC300, V200R005C00SPC500, V200R006C00; S12700 with software V200R005C00SPC500, V200R006C00; ACU2 with software V200R005C00SPC500, V200R006C00 have a permission control vulnerability. If a switch enables Authentication, Authorization, and Accounting
nvd
CVE-2014-8572HIGHCVSS 7.5≤ v200r005c00spc300vv100r006+3 more2017-04-02
CVE-2014-8572 [HIGH] CWE-20 CVE-2014-8572: Huawei AC6605 with software V200R001C00; AC6605 with software V200R002C00; ACU with software V200R00 Huawei AC6605 with software V200R001C00; AC6605 with software V200R002C00; ACU with software V200R001C00; ACU with software V200R002C00; S2300, S3300, S2700, S3700 with software V100R006C05 and earlier versions; S5300, S5700, S6300, S6700 with software V100R006, V200R001, V200R002, V200R003, V200R005C00SPC300 and earlier versions; S7700, S9300, S9300E, S
nvd
CVE-2014-8570MEDIUMCVSS 5.3vv200r001vv200r002+2 more2017-04-02
CVE-2014-8570 [MEDIUM] CWE-200 CVE-2014-8570: Huawei S9300, S9303, S9306, S9312 with software V100R002; S7700, S7703, S7706, S7712 with software V Huawei S9300, S9303, S9306, S9312 with software V100R002; S7700, S7703, S7706, S7712 with software V100R003, V100R006, V200R001, V200R002, V200R003, V200R005; S9300E, S9303E, S9306E, S9312E with software V200R001; S9700, S9703, S9706, S9712 with software V200R002, V200R003, V200R005; S12708, S12712 with software V200R005; 5700HI, 5300HI with software
nvd
CVE-2016-6518HIGHCVSS 7.5vv200r001c00vv200r001c01+5 more2016-09-26
CVE-2016-6518 [HIGH] CWE-399 CVE-2016-6518: Memory leak in Huawei S9300, S5300, S5700, S6700, S7700, S9700, and S12700 devices allows remote att Memory leak in Huawei S9300, S5300, S5700, S6700, S7700, S9700, and S12700 devices allows remote attackers to cause a denial of service (memory consumption and restart) via a large number of malformed packets.
nvd
CVE-2016-6670MEDIUMCVSS 5.3vv200r003c00vv200r005c002016-09-07
CVE-2016-6670 [MEDIUM] CWE-200 CVE-2016-6670: Huawei S7700, S9300, S9700, and S12700 devices with software before V200R008C00SPC500 use random num Huawei S7700, S9300, S9700, and S12700 devices with software before V200R008C00SPC500 use random numbers with insufficient entropy to generate self-signed certificates, which makes it easier for remote attackers to discover private keys by leveraging knowledge of a certificate.
nvd
CVE-2015-8676HIGHCVSS 7.5≥ v200r001c00, < v200r001sph023≥ v200r002c00, < v200r003c00+1 more2016-04-14
CVE-2015-8676 [HIGH] CWE-119 CVE-2015-8676: Memory leak in Huawei S5300EI, S5300SI, S5310HI, S6300EI/ S2350EI, and S5300LI Campus series switche Memory leak in Huawei S5300EI, S5300SI, S5310HI, S6300EI/ S2350EI, and S5300LI Campus series switches with software V200R001C00 before V200R001SPH018, V200R002C00 before V200R003SPH011, and V200R003C00 before V200R003SPH011; S9300, S7700, and S9700 Campus series switches with software V200R001C00 before V200R001SPH023, V200R002C00 before V200R003SPH011,
nvd
CVE-2015-8677MEDIUMCVSS 6.5≥ v200r003c00, < v200r003sph011≥ v200r005c00, < v200r005sph009+1 more2016-04-14
CVE-2015-8677 [MEDIUM] CWE-399 CVE-2015-8677: Memory leak in Huawei S5300EI, S5300SI, S5310HI, and S6300EI Campus series switches with software V2 Memory leak in Huawei S5300EI, S5300SI, S5310HI, and S6300EI Campus series switches with software V200R003C00 before V200R003SPH011 and V200R005C00 before V200R005SPH008; S2350EI and S5300LI Campus series switches with software V200R003C00 before V200R003SPH011, V200R005C00 before V200R005SPH008, and V200R006C00 before V200R006SPH002; S9300, S7700, an
nvd
CVE-2016-3678HIGHCVSS 7.5vv200r003c00spc5002016-04-11
CVE-2016-3678 [HIGH] CWE-20 CVE-2016-3678: Huawei Quidway S9700, S5700, S5300, S9300, and S7700 switches with software before V200R003SPH012 al Huawei Quidway S9700, S5700, S5300, S9300, and S7700 switches with software before V200R003SPH012 allow remote attackers to cause a denial of service (switch restart) via crafted traffic.
nvd
← Previous2 / 2