CVE-2015-2255 — MEDIUM (5.9)

Vulnerability Description

Huawei AR1220 routers with software before V200R005SPH006 allow remote attackers to cause a denial of service (board reset) via vectors involving a large amount of traffic from the GE port to the FE port.

CVSS Score

5.9

MEDIUM

CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

NONE

Integrity

NONE

Availability

HIGH

Affected Products

Vendor	Product	Versions
Huawei	Ar1220 Firmware	v200r005c00spc200
Huawei	Ar1220	-

Related Weaknesses (CWE)

CWE-19

References

http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hVendor Advisory
http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hVendor Advisory

FAQ

What is CVE-2015-2255?

CVE-2015-2255 is a vulnerability with a CVSS score of 5.9 (MEDIUM). Huawei AR1220 routers with software before V200R005SPH006 allow remote attackers to cause a denial of service (board reset) via vectors involving a large amount of traffic from the GE port to the FE p...

How severe is CVE-2015-2255?

CVE-2015-2255 has been rated MEDIUM with a CVSS base score of 5.9/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2015-2255?

Check the references section above for vendor advisories and patch information. Affected products include: Huawei Ar1220 Firmware, Huawei Ar1220.