Vulnerability Details : CVE-2015-7844
Huawei FusionAccess with software V100R005C10,V100R005C20 could allow attackers to craft and send a malformed HDP protocol packet to cause the virtual cloud desktop to be displaying an error and not usable.
Vulnerability category: Input validation
Products affected by CVE-2015-7844
- cpe:2.3:a:huawei:fusionaccess:v100r005c20:*:*:*:*:*:*:*
- cpe:2.3:a:huawei:fusionaccess:v100r005c10:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2015-7844
0.17%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 35 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2015-7844
| Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
|---|---|---|---|---|---|---|
|
7.8
|
HIGH | AV:N/AC:L/Au:N/C:N/I:N/A:C |
10.0
|
6.9
|
NIST | |
|
7.5
|
HIGH | CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
3.9
|
3.6
|
NIST |
CWE ids for CVE-2015-7844
-
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.Assigned by: nvd@nist.gov (Primary)
References for CVE-2015-7844
-
http://www.huawei.com/en/psirt/security-advisories/hw-453537
Security Advisory - Insufficient Input Verification Vulnerability in the FusionAccessVendor Advisory
Jump to