Vulnerability Details : CVE-2015-8087
Huawei NE20E-S, NE40E-M, and NE40E-M2 routers with software before V800R007C10SPC100 and NE40E and NE80E routers with software before V800R007C00SPC100 allows remote attackers to send packets to other VPNs and conduct flooding attacks via a crafted MPLS forwarding packet, aka a "VPN routing and forwarding (VRF) hopping vulnerability."
Products affected by CVE-2015-8087
- cpe:2.3:a:huawei:ne_router_software:*:*:*:*:*:*:*:*
- cpe:2.3:a:huawei:ne_router_software:*:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2015-8087
0.24%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 61 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2015-8087
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
5.0
|
MEDIUM | AV:N/AC:L/Au:N/C:N/I:N/A:P |
10.0
|
2.9
|
NIST |
CWE ids for CVE-2015-8087
-
Assigned by: nvd@nist.gov (Primary)
References for CVE-2015-8087
-
http://www1.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-457933.htm
Security Advisory - VRF Hopping Vulnerability in Multiple RoutersVendor Advisory
Jump to