Skip to main content

Jg786A Hp Flexfabric 12500 4 Port 100Gbe Cfp Fd CVE-2015-5434

MEDIUM
Permissions, Privileges, and Access Controls (CWE-264)
2016-01-05 hp-security-alert@hp.com
HP Privilege Escalation Denial Of Service Jg786A Hp Flexfabric 12500 4 Port 100Gbe Cfp Fd Jg787A Hp Flexfabric 12500 4 Port 100Gbe Cfp Fd Taa Jg788A Hp Flexfabric 12500 4 Port 100Gbe Cfp Fg Jg789A Hp Flexfabric 12500 4 Port 100Gbe Cfp Fg Taa Jg798A Hp Flexfabric 12508E Fabric Jg810Aae Hp Vsr1001 Virtual Services Router 60 Day Evaluation Jh192A Hp 10500 48 Port Gig T Rj45 Se Jh196A Hp 10500 2 Port 100Gbe Cfp Ec Jc072B Hp 12500 Main Processing Unit Jc085A Hp A12518 Switch Chassis Jc086A Hp A12508 Switch Chassis Jc124A Hp A9508 Switch Chassis Jc124B Hp 9505 Switch Chassis Jc125A Hp A9512 Switch Chassis Jc125B Hp 9512 Switch Chassis Jc474A Hp A9508 V Switch Chassis Jc474B Hp 9508 V Switch Chassis Jc611A Hp 10508 V Switch Chassis Jc612A Hp 10508 Switch Chassis Jc613A Hp 10504 Switch Chassis Jc652A Hp 12508 Dc Switch Chassis Jc653A Hp 12518 Dc Switch Chassis Jc654A Hp 12504 Ac Switch Chassis Jc655A Hp 12504 Dc Switch Chassis Jc748A Hp 10512 Switch Chassis Jc808A Hp 12500 Taa Main Processing Unit Jf430A Hp A12518 Switch Chassis Jf430B Hp 12518 Switch Chassis Jf430C Hp 12518 Ac Switch Chassis Jf431A Hp A12508 Switch Chassis Jf431B Hp 12508 Switch Chassis Jf431C Hp 12508 Ac Switch Chassis Jg296A Hp 5920Af 24Xg Switch Jg353A Hp Hsr6602 G Router Jg354A Hp Hsr6602 Xg Router Jg361A Hp Hsr6802 Router Chassis Jg361B Hp Hsr6802 Router Chassis Jg362A Hp Hsr6804 Router Chassis Jg362B Hp Hsr6804 Router Chassis Jg363A Hp Hsr6808 Router Chassis Jg363B Hp Hsr6808 Router Chassis Jg364A Hp Hsr6800 Rse X2 Router Main Processing Unit Jg402A Hp Msr4080 Router Chassis Jg403A Hp Msr4060 Router Chassis Jg404A Hp Msr3064 Router Jg405A Hp Msr3044 Router Jg406A Hp Msr3024 Ac Router Jg407A Hp Msr3024 Dc Router Jg408A Hp Msr3024 Poe Router Jg409A Hp Msr3012 Ac Router Jg410A Hp Msr3012 Dc Router Jg411A Hp Msr2003 Ac Router Jg412A Hp Msr4000 Mpu 100 Main Processing Unit Jg555A Hp 5920Af 24Xg Taa Switch Jg734A Hp Msr2004 24 Ac Router Jg735A Hp Msr2004 48 Router Jg776A Hp Hsr6602 G Taa Compliant Router Jg777A Hp Hsr6602 Xg Taa Compliant Router Jg779A Hp Hsr6800 Rse X2 Router Taa Compliant Main Processing Unit Jg782A Hp Ff 12508E Ac Switch Chassis Jg783A Hp Ff 12508E Dc Switch Chassis Jg784A Hp Ff 12518E Ac Switch Chassis Jg785A Hp Ff 12518E Dc Switch Chassis Jg802A Hp Ff 12500E Mpu Jg803A Hp Flexfabric 12500E Taa Compliant Main Processing Unit Jg811Aae Hp Vsr1001 Comware 7 Virtual Services Router Jg812Aae Hp Vsr1004 Comware 7 Virtual Services Router Jg813Aae Hp Vsr1008 Comware 7 Virtual Services Router Jg820A Hp 10504 Taa Switch Chassis Jg821A Hp 10508 Taa Switch Chassis Jg822A Hp 10508 V Taa Switch Chassis Jg823A Hp 10512 Taa Switch Chassis Jg834A Hp Flexfabric 12508E Ac Switch Taa Compliant Chassis Jg835A Hp Flexfabric 12508E Dc Switch Taa Compliant Chassis Jg836A Hp Flexfabric 12518E Ac Switch Taa Compliant Chassis Jg837A Hp Flexfabric 12518E Dc Switch Taa Compliant Chassis Jg861A Hp Msr3024 Taa Compliant Ac Router Jg866A Hp Msr2003 Taa Compliant Ac Router Jg869A Hp Msr4000 Taa Compliant Mpu 100 Main Processing Unit Jg875A Hp Msr1002 4 Ac Router Jh060A Hp Msr1003 8S Ac Router Jh075A Hp Hsr6800 Rse X3 Router Main Processing Unit Jh179A Hp Flexfabric 5930 4 Slot Switch Jh188A Hp Flexfabric 5930 4 Slot Taa Compliant Switch Jg496A Hp 10500 Type A Mpu With Comware Jg497A Hp 12500 Mpu W Comware Jh198A Hp 10500 Type D Main Processing Unit With Comware
6.5
CVSS 3.0 · NVD
Share

Severity by source

NVD PRIMARY
6.5 MEDIUM
AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
Low
Availability
Low

Lifecycle Timeline

1
CVE Published
Jan 05, 2016 - 11:59 cve.org
MEDIUM 6.5

DescriptionCVE.org

HPE Networking Products, originally branded as Comware 5, Comware 7, H3C, or HP, allow remote attackers to bypass intended access restrictions or cause a denial of service via "Virtual routing and forwarding (VRF) hopping."

AnalysisAI

HPE Networking Products, originally branded as Comware 5, Comware 7, H3C, or HP, allow remote attackers to bypass intended access restrictions or cause a denial of service via "Virtual routing and. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Technical ContextAI

This vulnerability is classified under CWE-264. HPE Networking Products, originally branded as Comware 5, Comware 7, H3C, or HP, allow remote attackers to bypass intended access restrictions or cause a denial of service via "Virtual routing and forwarding (VRF) hopping." Affected products include: Hp Jg786A Hp Flexfabric 12500 4-Port 100Gbe Cfp Fd, Hp Jg787A Hp Flexfabric 12500 4-Port 100Gbe Cfp Fd Taa, Hp Jg788A Hp Flexfabric 12500 4-Port 100Gbe Cfp Fg, Hp Jg789A Hp Flexfabric 12500 4-Port 100Gbe Cfp Fg Taa, Hp Jg798A Hp Flexfabric 12508E Fabric.

RemediationAI

A vendor patch is available. Apply the latest security update as soon as possible. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.

Share

CVE-2015-5434 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy