CVE-2014-8572
high-risk
Published 2017-04-02
Huawei AC6605 with software V200R001C00; AC6605 with software V200R002C00; ACU with software V200R001C00; ACU with software V200R002C00; S2300, S3300, S2700, S3700 with software V100R006C05 and earlier versions; S5300, S5700, S6300, S6700 with software V100R006, V200R001, V200R002, V200R003, V200R005C00SPC300 and earlier versions; S7700, S9300, S9300E, S9700 with software V100R006, V200R001, V200R002, V200R003, V200R005C00SPC300 and earlier versions could allow remote attackers to send a special SSH packet to the VRP device to cause a denial of service.
Do I need to act?
-
0.28% chance of exploitation
EPSS score — low exploit probability
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
7
CVSS 7.5/10
High
NETWORK
/ LOW complexity
Affected Products (20)
Ac6605 Firmware
Acu Firmware
Acu Firmware
S5300 Firmware
S5300 Firmware
S5300 Firmware
S5300 Firmware
S6300 Firmware
S6300 Firmware
S6300 Firmware
Affected Vendors
References (2)
Vendor Advisory
http://www.huawei.com/en/psirt/security-advisories/hw-373182
Vendor Advisory
http://www.huawei.com/en/psirt/security-advisories/hw-373182
52
/ 100
high-risk
Severity
26/34 · High
Exploitability
1/34 · Minimal
Exposure
25/34 · High