CVE-2014-3223

moderate-risk
Published 2017-04-02

Huawei S9300 with software before V100R006SPH013 and S2300,S3300,S5300,S6300 with software before V100R006SPH010 support Y.1731 and therefore have the Y.1731 vulnerability in processing special packets. The vulnerability causes the restart of switches.

Do I need to act?

-
0.18% chance of exploitation
EPSS score — low exploit probability
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
7
CVSS 7.5/10 High
NETWORK / LOW complexity

Affected Products (14)

S3300 Firmware
S5300 Firmware
S6300 Firmware
S6300 Firmware
S6300 Firmware
S3300 Firmware
S3300 Firmware
S2300 Firmware
S2300 Firmware
S2300 Firmware
S5300 Firmware
S5300 Firmware

Affected Vendors

Huawei

References (2)

Mitigation http://www.huawei.com/en/psirt/security-advisories/hw-329625
Mitigation http://www.huawei.com/en/psirt/security-advisories/hw-329625
45
/ 100
moderate-risk
Severity 26/34 · High
Exploitability 1/34 · Minimal
Exposure 18/34 · Moderate