CVE-2015-5434
high-risk
Published 2016-01-05
HPE Networking Products, originally branded as Comware 5, Comware 7, H3C, or HP, allow remote attackers to bypass intended access restrictions or cause a denial of service via "Virtual routing and forwarding (VRF) hopping."
Do I need to act?
-
0.70% chance of exploitation
EPSS score — low exploit probability
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
6
CVSS 6.5/10
Medium
NETWORK
/ LOW complexity
Affected Products (20)
Jg787A Hp Flexfabric 12500 4-Port 100Gbe Cfp Fd Taa
Jg789A Hp Flexfabric 12500 4-Port 100Gbe Cfp Fg Taa
Jg798A Hp Flexfabric 12508E Fabric
Jh192A Hp 10500 48-Port Gig-T \(Rj45\) Se
Jc072B Hp 12500 Main Processing Unit
Jc124A Hp A9508 Switch Chassis
Jc125A Hp A9512 Switch Chassis
Jc474B Hp 9508-V Switch Chassis
Jc611A Hp 10508-V Switch Chassis
Jc612A Hp 10508 Switch Chassis
Jc652A Hp 12508 Dc Switch Chassis
Jc653A Hp 12518 Dc Switch Chassis
Jc654A Hp 12504 Ac Switch Chassis
Jc655A Hp 12504 Dc Switch Chassis
Jf430B Hp 12518 Switch Chassis
Jf430C Hp 12518 Ac Switch Chassis
Jf431A Hp A12508 Switch Chassis
Jf431B Hp 12508 Switch Chassis
Jg353A Hp Hsr6602-G Router
Jg354A Hp Hsr6602-Xg Router
Affected Vendors
55
/ 100
high-risk
Severity
24/34 · High
Exploitability
2/34 · Minimal
Exposure
29/34 · Critical