7.8
CVE-2014-4190
- EPSS 0.25%
- Published 17.06.2014 14:55:08
- Last modified 12.04.2025 10:46:40
- Source cve@mitre.org
- Teams watchlist Login
- Open Login
Multiple heap-based buffer overflows in Huawei Campus Series Switches S3700HI, S5700, S6700, S3300HI, S5300, S6300, S9300, S7700, and LSW S9700 with software V200R001 before V200R001SPH013; S5700, S6700, S5300, and S6300 with software V200R002 before V200R002SPH005; S7700, S9300, S9300E, S5300, S5700, S6300, S6700, S2350, S2750, and LSW S9700 with software V200R003 before V200R003SPH005; and S7700, S9300, S9300E, and LSW S9700 with software V200R005 before V200R005C00SPC300 allow remote attackers to cause a denial of service (device restart) via a crafted length field in a packet.
Data is provided by the National Vulnerability Database (NVD)
Huawei ≫ Campus Series Switch Software Versionv200r001
Huawei ≫ Campus Lsw S9700 Version-
Huawei ≫ Campus S3300hi Version-
Huawei ≫ Campus S3700hi Version-
Huawei ≫ Campus S5300 Version-
Huawei ≫ Campus S5700 Version-
Huawei ≫ Campus S6300 Version-
Huawei ≫ Campus S6700 Version-
Huawei ≫ Campus S7700 Version-
Huawei ≫ Campus S9300 Version-
Huawei ≫ Campus Series Switch Software Versionv200r005
Huawei ≫ Campus Lsw S9700 Version-
Huawei ≫ Campus S7700 Version-
Huawei ≫ Campus S9300 Version-
Huawei ≫ Campus S9300e Version-
Huawei ≫ Campus Series Switch Software Versionv200r003
Huawei ≫ Campus Lsw S9700 Version-
Huawei ≫ Campus S2350 Version-
Huawei ≫ Campus S2750 Version-
Huawei ≫ Campus S5300 Version-
Huawei ≫ Campus S5700 Version-
Huawei ≫ Campus S6300 Version-
Huawei ≫ Campus S6700 Version-
Huawei ≫ Campus S7700 Version-
Huawei ≫ Campus S9300 Version-
Huawei ≫ Campus S9300e Version-
Huawei ≫ Campus Series Switch Software Versionv200r002
Huawei ≫ Campus S5300 Version-
Huawei ≫ Campus S5700 Version-
Huawei ≫ Campus S6300 Version-
Huawei ≫ Campus S6700 Version-
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Type | Source | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.25% | 0.454 |
| Source | Base Score | Exploit Score | Impact Score | Vector string |
|---|---|---|---|---|
| nvd@nist.gov | 7.8 | 10 | 6.9 |
AV:N/AC:L/Au:N/C:N/I:N/A:C
|
CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer
The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.