Total
5 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2014-3224 | 1 Huawei | 14 Quidway S5300, Quidway S5300 Firmware, Quidway S5700 and 11 more | 2025-04-20 | 7.8 HIGH | 7.5 HIGH |
| Huawei Quidway S9700 V200R003C00SPC500, Quidway S9300 V200R003C00SPC500, Quidway S7700 V200R003C00SPC500, Quidway S6700 V200R003C00SPC300, Quidway S6300 V200R003C00SPC300, Quidway S5700 V200R003C00SPC300, Quidway S5300 V200R003C00SPC300 enable attackers to launch DoS attacks by crafting and sending malformed packets to these vulnerable products. | |||||
| CVE-2015-8085 | 1 Huawei | 14 Ar, Ar Firmware, Quidway S5300 and 11 more | 2025-04-12 | 4.0 MEDIUM | 4.9 MEDIUM |
| Huawei AR routers with software before V200R007C00SPC100; Quidway S9300 routers with software before V200R009C00; S12700 routers with software before V200R008C00SPC500; S9300, Quidway S5300, and S5300 routers with software before V200R007C00; and S5700 routers with software before V200R007C00SPC500 make it easier for remote authenticated administrators to obtain and decrypt passwords by leveraging selection of a reversible encryption algorithm. | |||||
| CVE-2015-8086 | 1 Huawei | 14 Ar, Ar Firmware, Quidway S5300 and 11 more | 2025-04-12 | 4.0 MEDIUM | 4.9 MEDIUM |
| Huawei AR routers with software before V200R007C00SPC100; Quidway S9300 routers with software before V200R009C00; S12700 routers with software before V200R008C00SPC500; S9300, Quidway S5300, and S5300 routers with software before V200R007C00; and S5700 routers with software before V200R007C00SPC500 makes it easier for remote authenticated administrators to obtain encryption keys and ciphertext passwords via vectors related to key storage. | |||||
| CVE-2015-1460 | 1 Huawei | 10 Quidway Firmware, Quidway S2350, Quidway S2750 and 7 more | 2025-04-12 | 7.5 HIGH | N/A |
| Huawei Quidway switches with firmware before V200R005C00SPC300 allows remote attackers to gain privileges via a crafted packet. | |||||
| CVE-2015-2808 | 9 Canonical, Debian, Fujitsu and 6 more | 99 Ubuntu Linux, Debian Linux, Sparc Enterprise M3000 and 96 more | 2025-04-12 | 5.0 MEDIUM | N/A |
| The RC4 algorithm, as used in the TLS protocol and SSL protocol, does not properly combine state data with key data during the initialization phase, which makes it easier for remote attackers to conduct plaintext-recovery attacks against the initial bytes of a stream by sniffing network traffic that occasionally relies on keys affected by the Invariance Weakness, and then using a brute-force approach involving LSB values, aka the "Bar Mitzvah" issue. | |||||