Vulnerability Description
HPE Networking Products, originally branded as Comware 5, Comware 7, H3C, or HP, allow remote attackers to bypass intended access restrictions or cause a denial of service via "Virtual routing and forwarding (VRF) hopping."
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Hp | Jg786A Hp Flexfabric 12500 4-Port 100Gbe Cfp Fd | - |
| Hp | Jg787A Hp Flexfabric 12500 4-Port 100Gbe Cfp Fd Taa | - |
| Hp | Jg788A Hp Flexfabric 12500 4-Port 100Gbe Cfp Fg | - |
| Hp | Jg789A Hp Flexfabric 12500 4-Port 100Gbe Cfp Fg Taa | - |
| Hp | Jg798A Hp Flexfabric 12508E Fabric | - |
| Hp | Jg810Aae Hp Vsr1001 Virtual Services Router 60 Day Evaluation | - |
| Hp | Jh192A Hp 10500 48-Port Gig-T \(Rj45\) Se | - |
| Hp | Jh196A Hp 10500 2-Port 100Gbe Cfp Ec | - |
| Hp | Jc072B Hp 12500 Main Processing Unit | - |
| Hp | Jc085A Hp A12518 Switch Chassis | - |
| Hp | Jc086A Hp A12508 Switch Chassis | - |
| Hp | Jc124A Hp A9508 Switch Chassis | - |
| Hp | Jc124B Hp 9505 Switch Chassis | - |
| Hp | Jc125A Hp A9512 Switch Chassis | - |
| Hp | Jc125B Hp 9512 Switch Chassis | - |
| Hp | Jc474A Hp A9508-V Switch Chassis | - |
| Hp | Jc474B Hp 9508-V Switch Chassis | - |
| Hp | Jc611A Hp 10508-V Switch Chassis | - |
| Hp | Jc612A Hp 10508 Switch Chassis | - |
| Hp | Jc613A Hp 10504 Switch Chassis | - |
Related Weaknesses (CWE)
References
- http://www.securityfocus.com/bid/79869
- https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-cPatchVendor Advisory
- http://www.securityfocus.com/bid/79869
- https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-cPatchVendor Advisory
FAQ
What is CVE-2015-5434?
CVE-2015-5434 is a vulnerability with a CVSS score of 6.5 (MEDIUM). HPE Networking Products, originally branded as Comware 5, Comware 7, H3C, or HP, allow remote attackers to bypass intended access restrictions or cause a denial of service via "Virtual routing and for...
How severe is CVE-2015-5434?
CVE-2015-5434 has been rated MEDIUM with a CVSS base score of 6.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2015-5434?
Check the references section above for vendor advisories and patch information. Affected products include: Hp Jg786A Hp Flexfabric 12500 4-Port 100Gbe Cfp Fd, Hp Jg787A Hp Flexfabric 12500 4-Port 100Gbe Cfp Fd Taa, Hp Jg788A Hp Flexfabric 12500 4-Port 100Gbe Cfp Fg, Hp Jg789A Hp Flexfabric 12500 4-Port 100Gbe Cfp Fg Taa, Hp Jg798A Hp Flexfabric 12508E Fabric.