|
2015-04-01
|
CVE-2015-2808
|
The RC4 algorithm, as used in the TLS protocol and SSL protocol, does not properly combine state data with key data during the initialization phase, which makes it easier for remote attackers to conduct plaintext-recovery attacks against the initial bytes of a stream by sniffing network traffic that occasionally relies on keys affected by the Invariance Weakness, and then using a brute-force approach involving LSB values, aka the "Bar Mitzvah" issue.
|
Ubuntu_linux, Debian_linux, Sparc_enterprise_m3000_firmware, Sparc_enterprise_m4000_firmware, Sparc_enterprise_m5000_firmware, Sparc_enterprise_m8000_firmware, Sparc_enterprise_m9000_firmware, 9700_firmware, E6000_firmware, E9000_firmware, Oceanstor_18500_firmware, Oceanstor_18800_firmware, Oceanstor_18800f_firmware, Oceanstor_9000_firmware, Oceanstor_cse_firmware, Oceanstor_hvs85t_firmware, Oceanstor_replicationdirector, Oceanstor_s2600t_firmware, Oceanstor_s5500t_firmware, Oceanstor_s5600t_firmware, Oceanstor_s5800t_firmware, Oceanstor_s6800t_firmware, Oceanstor_vis6600t_firmware, Policy_center, Quidway_s9300_firmware, S12700_firmware, S2700_firmware, S2750_firmware, S3700_firmware, S5700ei_firmware, S5700hi_firmware, S5700li_firmware, S5700s\-Li_firmware, S5700si_firmware, S5710ei_firmware, S5710hi_firmware, S5720ei_firmware, S5720hi_firmware, S6700_firmware, S7700_firmware, Smc2\.0, Te60_firmware, Ultravr, Cognos_metrics_manager, Opensuse, Communications_application_session_controller, Communications_policy_management, Http_server, Integrated_lights_out_manager_firmware, Enterprise_linux_desktop, Enterprise_linux_eus, Enterprise_linux_server, Enterprise_linux_server_aus, Enterprise_linux_server_tus, Enterprise_linux_workstation, Satellite, Linux_enterprise_debuginfo, Linux_enterprise_desktop, Linux_enterprise_server, Linux_enterprise_software_development_kit, Manager
|
N/A
|
|
|
|
2018-03-05
|
CVE-2017-17141
|
Huawei S12700 V200R005C00; V200R006C00; V200R007C00; V200R007C01; V200R007C20; V200R008C00; V200R009C00;S1700 V200R006C10; V200R009C00;S2700 V100R006C03; V200R003C00; V200R005C00; V200R006C00; V200R006C10; V200R007C00; V200R007C00B050; V200R007C00SPC009T; V200R007C00SPC019T; V200R008C00; V200R009C00;S3700 V100R006C03;S5700 V200R001C00; V200R001C01; V200R002C00; V200R003C00; V200R003C02; V200R005C00; V200R005C01; V200R005C02; V200R005C03; V200R006C00; V200R007C00; V200R008C00;...
|
S12700_firmware, S1700_firmware, S2700_firmware, S3700_firmware, S5700_firmware, S6700_firmware, S7700_firmware, S9700_firmware
|
3.7
|
|
|
|
2017-06-08
|
CVE-2015-3913
|
The IP stack in multiple Huawei Campus series switch models allows remote attackers to cause a denial of service (reboot) via a crafted ICMP request message.
|
S12700_firmware, S2300_firmware, S2350ei_firmware, S2700_firmware, S2750ei_firmware, S3300_firmware, S3700_firmware, S5300ei_firmware, S5300hi_firmware, S5300li_firmware, S5300si_firmware, S5700ei_firmware, S5700hi_firmware, S5700li_firmware, S5700si_firmware, S5710hi_firmware, S5720hi_firmware, S6300ei_firmware, S6700ei_firmware, S7700_firmware, S9300_firmware, S9700_firmware
|
7.5
|
|
|
|
2018-01-08
|
CVE-2014-5394
|
Multiple Huawei Campus switches allow remote attackers to enumerate usernames via vectors involving use of SSH by the maintenance terminal.
|
S2300_firmware, S2700_firmware, S3300_firmware, S3700_firmware, S5300_firmware, S5700_firmware, S6300_firmware, S6700_firmware, S7700_firmware, S9300_firmware, S9300e_firmware, S9700_firmware
|
5.9
|
|
|