var-201511-0201
Vulnerability from variot
Huawei eSpace U2980 unified gateway with software before V100R001C10 and U2990 with software before V200R001C10 allow remote authenticated users to cause a denial of service via crafted signaling packets from a registered device. Huawei eSpace U2980 and U2990 are both Huawei's telephone switch products. A denial of service vulnerability exists in the Huawei eSpace U2980 and U2990 switches. An attacker could exploit the vulnerability to cause a program to deny legitimate users. Huawei eSpace U2980 and U2990 have security vulnerabilities because no error correction mechanism is used when processing specific signal packets. The attacker sends malformed packets, which can cause some services of U2990 and U2980 to refuse service
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201511-0201",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "espace u2990",
"scope": null,
"trust": 1.2,
"vendor": "huawei",
"version": null
},
{
"model": "espace u2980",
"scope": null,
"trust": 1.2,
"vendor": "huawei",
"version": null
},
{
"model": "espace",
"scope": "lte",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r001c02"
},
{
"model": "espace",
"scope": "lte",
"trust": 1.0,
"vendor": "huawei",
"version": "v100r001c02"
},
{
"model": "espace u2980 unified gateway",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "espace u2990 unified gateway",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "espace",
"scope": "lt",
"trust": 0.8,
"vendor": "huawei",
"version": "v100r001c10 (espace u2980)"
},
{
"model": "espace",
"scope": "lt",
"trust": 0.8,
"vendor": "huawei",
"version": "v200r001c10 (espace u2990)"
},
{
"model": "espace",
"scope": "eq",
"trust": 0.6,
"vendor": "huawei",
"version": "v200r001c02"
},
{
"model": "espace",
"scope": "eq",
"trust": 0.6,
"vendor": "huawei",
"version": "v100r001c02"
},
{
"model": "espace u2990 v200r001c02",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "espace u2980 v100r001c02",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "espace u2990 v200r001c10",
"scope": "ne",
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "espace u2980 v100r001c10",
"scope": "ne",
"trust": 0.3,
"vendor": "huawei",
"version": null
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2015-07772"
},
{
"db": "CNVD",
"id": "CNVD-2015-07793"
},
{
"db": "BID",
"id": "77556"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006028"
},
{
"db": "CNNVD",
"id": "CNNVD-201511-393"
},
{
"db": "NVD",
"id": "CVE-2015-8229"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/h:huawei:espace_unified_gateway_u2980",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:huawei:espace_unified_gateway_u2990",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:huawei:espace_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-006028"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Huawei",
"sources": [
{
"db": "BID",
"id": "77556"
},
{
"db": "CNNVD",
"id": "CNNVD-201511-393"
}
],
"trust": 0.9
},
"cve": "CVE-2015-8229",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 4.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.0,
"id": "CVE-2015-8229",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CNVD-2015-07772",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 4.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.0,
"id": "CNVD-2015-07793",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 4.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.0,
"id": "VHN-86190",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:S/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2015-8229",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2015-8229",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNVD",
"id": "CNVD-2015-07772",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNVD",
"id": "CNVD-2015-07793",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201511-393",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-86190",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2015-07772"
},
{
"db": "CNVD",
"id": "CNVD-2015-07793"
},
{
"db": "VULHUB",
"id": "VHN-86190"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006028"
},
{
"db": "CNNVD",
"id": "CNNVD-201511-393"
},
{
"db": "NVD",
"id": "CVE-2015-8229"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Huawei eSpace U2980 unified gateway with software before V100R001C10 and U2990 with software before V200R001C10 allow remote authenticated users to cause a denial of service via crafted signaling packets from a registered device. Huawei eSpace U2980 and U2990 are both Huawei\u0027s telephone switch products. A denial of service vulnerability exists in the Huawei eSpace U2980 and U2990 switches. An attacker could exploit the vulnerability to cause a program to deny legitimate users. Huawei eSpace U2980 and U2990 have security vulnerabilities because no error correction mechanism is used when processing specific signal packets. The attacker sends malformed packets, which can cause some services of U2990 and U2980 to refuse service",
"sources": [
{
"db": "NVD",
"id": "CVE-2015-8229"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006028"
},
{
"db": "CNVD",
"id": "CNVD-2015-07772"
},
{
"db": "CNVD",
"id": "CNVD-2015-07793"
},
{
"db": "BID",
"id": "77556"
},
{
"db": "VULHUB",
"id": "VHN-86190"
}
],
"trust": 3.06
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2015-8229",
"trust": 3.1
},
{
"db": "BID",
"id": "77556",
"trust": 1.5
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006028",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201511-393",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2015-07772",
"trust": 0.6
},
{
"db": "CNVD",
"id": "CNVD-2015-07793",
"trust": 0.6
},
{
"db": "NSFOCUS",
"id": "31619",
"trust": 0.6
},
{
"db": "SEEBUG",
"id": "SSVID-89928",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-86190",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2015-07772"
},
{
"db": "CNVD",
"id": "CNVD-2015-07793"
},
{
"db": "VULHUB",
"id": "VHN-86190"
},
{
"db": "BID",
"id": "77556"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006028"
},
{
"db": "CNNVD",
"id": "CNNVD-201511-393"
},
{
"db": "NVD",
"id": "CVE-2015-8229"
}
]
},
"id": "VAR-201511-0201",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2015-07772"
},
{
"db": "CNVD",
"id": "CNVD-2015-07793"
},
{
"db": "VULHUB",
"id": "VHN-86190"
}
],
"trust": 2.02
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 1.2
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2015-07772"
},
{
"db": "CNVD",
"id": "CNVD-2015-07793"
}
]
},
"last_update_date": "2024-11-23T22:13:22.280000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Huawei-SA-20151111-01-eSpace",
"trust": 0.8,
"url": "http://www1.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-461219.htm"
},
{
"title": "Huawei eSpace U2980 and U2990 denial of service vulnerability patches",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/67109"
},
{
"title": "Huawei eSpace U2980/2990 denial of service vulnerability patch",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/67215"
},
{
"title": "Huawei eSpace U2980 and U2990 Enter the fix for the verification vulnerability",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=58841"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2015-07772"
},
{
"db": "CNVD",
"id": "CNVD-2015-07793"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006028"
},
{
"db": "CNNVD",
"id": "CNNVD-201511-393"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-20",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-86190"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006028"
},
{
"db": "NVD",
"id": "CVE-2015-8229"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "http://www1.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-461219.htm"
},
{
"trust": 1.2,
"url": "http://www.securityfocus.com/bid/77556"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-8229"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-8229"
},
{
"trust": 0.6,
"url": "http://www.huawei.com/en/security/psirt/report-vulnerabilities/index.htm"
},
{
"trust": 0.6,
"url": "http://www.nsfocus.net/vulndb/31619"
},
{
"trust": 0.3,
"url": "http://www.huawei.com/"
},
{
"trust": 0.3,
"url": "http://www1.huawei.com/en/security/psirt/security-bulletins/security-advisories/archive/hw-461219.htm"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2015-07772"
},
{
"db": "CNVD",
"id": "CNVD-2015-07793"
},
{
"db": "VULHUB",
"id": "VHN-86190"
},
{
"db": "BID",
"id": "77556"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006028"
},
{
"db": "CNNVD",
"id": "CNNVD-201511-393"
},
{
"db": "NVD",
"id": "CVE-2015-8229"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2015-07772"
},
{
"db": "CNVD",
"id": "CNVD-2015-07793"
},
{
"db": "VULHUB",
"id": "VHN-86190"
},
{
"db": "BID",
"id": "77556"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006028"
},
{
"db": "CNNVD",
"id": "CNNVD-201511-393"
},
{
"db": "NVD",
"id": "CVE-2015-8229"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-11-25T00:00:00",
"db": "CNVD",
"id": "CNVD-2015-07772"
},
{
"date": "2015-11-26T00:00:00",
"db": "CNVD",
"id": "CNVD-2015-07793"
},
{
"date": "2015-11-24T00:00:00",
"db": "VULHUB",
"id": "VHN-86190"
},
{
"date": "2015-11-11T00:00:00",
"db": "BID",
"id": "77556"
},
{
"date": "2015-11-26T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-006028"
},
{
"date": "2015-11-23T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201511-393"
},
{
"date": "2015-11-24T20:59:22.147000",
"db": "NVD",
"id": "CVE-2015-8229"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-11-25T00:00:00",
"db": "CNVD",
"id": "CNVD-2015-07772"
},
{
"date": "2015-11-26T00:00:00",
"db": "CNVD",
"id": "CNVD-2015-07793"
},
{
"date": "2016-08-18T00:00:00",
"db": "VULHUB",
"id": "VHN-86190"
},
{
"date": "2015-11-11T00:00:00",
"db": "BID",
"id": "77556"
},
{
"date": "2015-11-26T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-006028"
},
{
"date": "2015-11-27T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201511-393"
},
{
"date": "2024-11-21T02:38:08.037000",
"db": "NVD",
"id": "CVE-2015-8229"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201511-393"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Huawei eSpace U2980 and U2990 Unified Gateway Service disruption in other software (DoS) Vulnerabilities",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-006028"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "input validation",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201511-393"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…