Vulnerabilities > CVE-2015-8087 - Resource Management Errors vulnerability in Huawei NE Router Software

CVSS 5.0 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

PARTIAL

network

low complexity

huawei

CWE-399

NVD

Published: 2015-11-19

Updated: 2015-11-20

Summary

Huawei NE20E-S, NE40E-M, and NE40E-M2 routers with software before V800R007C10SPC100 and NE40E and NE80E routers with software before V800R007C00SPC100 allows remote attackers to send packets to other VPNs and conduct flooding attacks via a crafted MPLS forwarding packet, aka a "VPN routing and forwarding (VRF) hopping vulnerability."

Vulnerable Configurations

Part	Description	Count
Application	Huawei Huawei NE Router Software *	1
Hardware	Huawei Huawei Ne20E S - Huawei Ne40E M - Huawei Ne40E M2 - Huawei Ne40E - Huawei Ne80E -	5

Common Weakness Enumeration (CWE)

CWE-399 - Resource Management Errors

References

http://www1.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-457933.htm