CVE-2015-8085

EPSS 0.04%
Published 03.10.2016 21:59:03
Last modified 12.04.2025 10:46:40
Source cve@mitre.org
Teams watchlist Login
Open Login

Huawei AR routers with software before V200R007C00SPC100; Quidway S9300 routers with software before V200R009C00; S12700 routers with software before V200R008C00SPC500; S9300, Quidway S5300, and S5300 routers with software before V200R007C00; and S5700 routers with software before V200R007C00SPC500 make it easier for remote authenticated administrators to obtain and decrypt passwords by leveraging selection of a reversible encryption algorithm.

Affected products Warnungen 0 Metrics 3 CWE 1 References 5

Data is provided by the National Vulnerability Database (NVD)

Huawei ≫ S9300 Firmware Versionv200r005c00spc300

Huawei ≫ S9300 Version-

Huawei ≫ S9300 Firmware Versionv200r006c00spc500

Huawei ≫ S9300 Version-

Huawei ≫ S12700 Firmware Versionv200r005c00

Huawei ≫ S12700 Version-

Huawei ≫ S12700 Firmware Versionv200r006c00

Huawei ≫ S12700 Version-

Huawei ≫ Quidway S9300 Firmware Versionv200r001c00spc300

Huawei ≫ Quidway S9300 Version-

Huawei ≫ Quidway S9300 Firmware Versionv200r002c00spc100

Huawei ≫ Quidway S9300 Version-

Huawei ≫ Quidway S9300 Firmware Versionv200r003c00spc500

Huawei ≫ Quidway S9300 Version-

Huawei ≫ Ar Firmware Versionv200r001

Huawei ≫ Ar Version-

Huawei ≫ Ar Firmware Versionv200r002

Huawei ≫ Ar Version-

Huawei ≫ Ar Firmware Versionv200r003

Huawei ≫ Ar Version-

Huawei ≫ Ar Firmware Versionv200r005c10

Huawei ≫ Ar Version-

Huawei ≫ Ar Firmware Versionv200r005c20

Huawei ≫ Ar Version-

Huawei ≫ Ar Firmware Versionv200r005c30

Huawei ≫ Ar Version-

Huawei ≫ Quidway S5300 Firmware Versionv200r001c00spc300

Huawei ≫ Quidway S5300 Version-

Huawei ≫ S5700 Firmware Versionv200r001c00

Huawei ≫ S5700 Version-

Huawei ≫ S5700 Firmware Versionv200r002c00

Huawei ≫ S5700 Version-

Huawei ≫ S5700 Firmware Versionv200r003c00

Huawei ≫ S5700 Version-

Huawei ≫ S5700 Firmware Versionv200r005c00

Huawei ≫ S5700 Version-

Huawei ≫ S5700 Firmware Versionv200r006c00

Huawei ≫ S5700 Version-

Huawei ≫ S5300 Firmware Versionv200r002c00

Huawei ≫ S5300 Version-

Huawei ≫ S5300 Firmware Versionv200r005c00spc500

Huawei ≫ S5300 Version-

Huawei ≫ S5300 Firmware Versionv200r006c00spc500

Huawei ≫ S5300 Version-

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.04%	0.081

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	4.9	1.2	3.6	CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
nvd@nist.gov	4	8	2.9	AV:N/AC:L/Au:S/C:P/I:N/A:N

CWE-326 Inadequate Encryption Strength

The product stores or transmits sensitive data using an encryption scheme that is theoretically sound, but is not strong enough for the level of protection required.

http://www.huawei.com/en/psirt/security-advisories/hw-455876

Vendor Advisory

http://www.securityfocus.com/bid/76897

https://nvd.nist.gov/vuln/detail/CVE-2015-8085

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2015-8085

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2015-8085

EUVD