Vulnerability Details : CVE-2015-8083
An unspecified module in Huawei eSpace U1910, U1911, U1930, U1960, U1980, and U1981 unified gateways with software before V200R003C00SPC300 does not properly initialize memory when processing timeout messages, which allows remote attackers to cause a denial of service (out-of-bounds memory access and device restart) via unknown vectors.
Vulnerability category: OverflowDenial of service
Exploit prediction scoring system (EPSS) score for CVE-2015-8083
Probability of exploitation activity in the next 30 days: 0.26%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 63 % EPSS Score History EPSS FAQ
CVSS scores for CVE-2015-8083
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source |
---|---|---|---|---|---|
7.8
|
HIGH | AV:N/AC:L/Au:N/C:N/I:N/A:C |
10.0
|
6.9
|
NIST |
CWE ids for CVE-2015-8083
-
The product performs operations on a memory buffer, but it can read from or write to a memory location that is outside of the intended boundary of the buffer.Assigned by: nvd@nist.gov (Primary)
References for CVE-2015-8083
-
http://www1.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-453506.htm
Security Advisory - DoS Vulnerability in Huawei U1900 ProductsVendor Advisory
Products affected by CVE-2015-8083
- cpe:2.3:o:huawei:espace_firmware:*:*:*:*:*:*:*:*