Vulnerabilities > CVE-2014-3224 - Resource Management Errors vulnerability in Huawei products

047910
CVSS 7.5 - HIGH
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
NONE
Availability impact
HIGH
network
low complexity
huawei
CWE-399
nessus
NVD
Published: 2017-04-02
Updated: 2017-04-05

Summary

Huawei Quidway S9700 V200R003C00SPC500, Quidway S9300 V200R003C00SPC500, Quidway S7700 V200R003C00SPC500, Quidway S6700 V200R003C00SPC300, Quidway S6300 V200R003C00SPC300, Quidway S5700 V200R003C00SPC300, Quidway S5300 V200R003C00SPC300 enable attackers to launch DoS attacks by crafting and sending malformed packets to these vulnerable products.

Vulnerable Configurations

Part Description Count
OS
Huawei
7
Hardware
Huawei
7

Common Weakness Enumeration (CWE)

Nessus

NASL familyHuawei Local Security Checks
NASL idHUAWEI-SA-20140423-01-QUIDWAY.NASL
descriptionThe remote host is a Huawei Quidway switch running a firmware version that is affected by a denial of service vulnerability. The issue is due to a failure to properly validate input. A remote, unauthenticated attacker could exploit this vulnerability by sending malformed packets to cause excessive memory consumption or even a device reboot.
last seen2020-06-01
modified2020-06-02
plugin id76796
published2014-07-25
reporterThis script is Copyright (C) 2014 Tenable Network Security, Inc.
sourcehttps://www.tenable.com/plugins/nessus/76796
titleHuawei Quidway Switches DoS (HWPSIRT-2014-0301)

References