CVE-2015-8084
CVSS V2 High 7.1
CVSS V3 None
Description
Huawei USG5500, USG2100, USG2200, and USG5100 unified security gateways with software before V300R001C10SPC600, when "DHCP Snooping" is enabled and either "option82 insert" or "option82 rebuild" is enabled on an interface, allow remote attackers to cause a denial of service (reboot) via crafted DHCP packets.
Overview
- CVE ID
- CVE-2015-8084
- Assigner
- cve@mitre.org
- Vulnerability Status
- Analyzed
- Published Version
- 2015-12-07T20:59:10
- Last Modified Date
- 2015-12-08T20:49:06
Weakness Enumerations
CPE Configuration (Product)
CPE | Vulnerable | Operator | Version Start | Version End |
---|---|---|---|---|
AND | ||||
cpe:2.3:o:huawei:unified_security_gateway_firmware:*:*:*:*:*:*:*:* | 1 | OR | v300r001c10 | |
cpe:2.3:h:huawei:usg2100:*:*:*:*:*:*:*:* | 0 | OR | ||
cpe:2.3:h:huawei:usg2200:*:*:*:*:*:*:*:* | 0 | OR | ||
cpe:2.3:h:huawei:usg5100:*:*:*:*:*:*:*:* | 0 | OR | ||
cpe:2.3:h:huawei:usg5500:*:*:*:*:*:*:*:* | 0 | OR |
CVSS Version 2
- Version
- 2.0
- Vector String
- AV:N/AC:M/Au:N/C:N/I:N/A:C
- Access Vector
- NETWORK
- Access Compatibility
- MEDIUM
- Authentication
- NONE
- Confidentiality Impact
- NONE
- Integrity Impact
- NONE
- Availability Impact
- COMPLETE
- Base Score
- 7.1
- Severity
- HIGH
- Exploitability Score
- 8.6
- Impact Score
- 6.9
References
Reference URL | Reference Tags |
---|---|
http://www1.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-457916.htm | Vendor Advisory |
http://www.securityfocus.com/bid/77300 |
Sources
Source Name | Source URL |
---|---|
NIST | https://nvd.nist.gov/vuln/detail/CVE-2015-8084 |
MITRE | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8084 |
History
Created | Old Value | New Value | Data Type | Notes |
---|---|---|---|---|
2022-05-10 10:18:34 | Added to TrackCVE | |||
2022-12-02 07:23:11 | 2015-12-07T20:59Z | 2015-12-07T20:59:10 | CVE Published Date | updated |
2022-12-02 07:23:11 | 2015-12-08T20:49:06 | CVE Modified Date | updated | |
2022-12-02 07:23:11 | Analyzed | Vulnerability Status | updated |