7.8

CVE-2014-4706

Huawei Campus S3700HI with software V200R001C00SPC300; Campus S5700 with software V200R002C00SPC100; Campus S7700 with software V200R003C00SPC300,V200R003C00SPC500; LSW S9700 with software V200R001C00SPC300,V200R003C00SPC300,V200R003C00SPC500; S2350 with software V200R003C00SPC300; S2750 with software V200R003C00SPC300; S5300 with software V200R001C00SPC300,V200R002C00SPC100,V200R003C00SPC300; S5700 with software V200R001C00SPC300,V200R003C00SPC300; S6300 with software V200R001C00SPC300,V200R002C00SPC100,V200R003C00SPC300; S6700 S3300HI with software V200R001C00SPC300,V200R002C00SPC100,V200R003C00SPC300; S7700 with software V200R001C00SPC300; S9300 with software V200R001C00SPC300,V200R003C00SPC300,V200R003C00SPC500; S9300E with software V200R003C00SPC300,V200R003C00SPC500 allow attackers to keep sending malformed packets to cause a denial of service (DoS) attack, aka a heap overflow.

Daten sind bereitgestellt durch National Vulnerability Database (NVD)
HuaweiCampus S3700hi Firmware Versionv200r001c00spc300
   HuaweiCampus S3700hi Version-
HuaweiS5700 Firmware Versionv200r001c00spc300
   HuaweiS5700 Version-
HuaweiS6700 Firmware Versionv200r001c00spc300
   HuaweiS6700 Version-
HuaweiS3300hi Firmware Versionv200r001c00spc300
   HuaweiS3300hi Version-
HuaweiS5300 Firmware Versionv200r001c00spc300
   HuaweiS5300 Version-
HuaweiS6300 Firmware Versionv200r001c00spc300
   HuaweiS6300 Version-
HuaweiS9300 Firmware Versionv200r001c00spc300
   HuaweiS9300 Version-
HuaweiS7700 Firmware Versionv200r001c00spc300
   HuaweiS7700 Version-
HuaweiLsw S9700 Firmware Versionv200r001c00spc300
   HuaweiLsw S9700 Version-
HuaweiCampus S5700 Firmware Versionv200r002c00spc100
   HuaweiCampus S5700 Version-
HuaweiS6700 Firmware Versionv200r002c00spc100
   HuaweiS6700 Version-
HuaweiS5300 Firmware Versionv200r002c00spc100
   HuaweiS5300 Version-
HuaweiS6300 Firmware Versionv200r002c00spc100
   HuaweiS6300 Version-
HuaweiCampus S7700 Firmware Versionv200r003c00spc300
   HuaweiCampus S7700 Version-
HuaweiS9300 Firmware Versionv200r003c00spc300
   HuaweiS9300 Version-
HuaweiS9300e Firmware Versionv200r003c00spc300
   HuaweiS9300e Version-
HuaweiS5300 Firmware Versionv200r003c00spc300
   HuaweiS5300 Version-
HuaweiS5700 Firmware Versionv200r003c00spc300
   HuaweiS5700 Version-
HuaweiS6300 Firmware Versionv200r003c00spc300
   HuaweiS6300 Version-
HuaweiS6700 Firmware Versionv200r003c00spc300
   HuaweiS6700 Version-
HuaweiS2350 Firmware Versionv200r003c00spc300
   HuaweiS2350 Version-
HuaweiS2750 Firmware Versionv200r003c00spc300
   HuaweiS2750 Version-
HuaweiLsw S9700 Firmware Versionv200r003c00spc300
   HuaweiLsw S9700 Version-
HuaweiCampus S7700 Firmware Versionv200r003c00spc500
   HuaweiCampus S7700 Version-
HuaweiS9300 Firmware Versionv200r003c00spc500
   HuaweiS9300 Version-
HuaweiS9300e Firmware Versionv200r003c00spc500
   HuaweiS9300e Version-
HuaweiLsw S9700 Firmware Versionv200r003c00spc500
   HuaweiLsw S9700 Version-
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.17% 0.353
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.5 3.9 3.6
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
nvd@nist.gov 7.8 10 6.9
AV:N/AC:L/Au:N/C:N/I:N/A:C
CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.