CVE-2015-8085

Huawei AR routers with software before V200R007C00SPC100; Quidway S9300 routers with software before V200R009C00; S12700 routers with software before V200R008C00SPC500; S9300, Quidway S5300, and S5300 routers with software before V200R007C00; and S5700 routers with software before V200R007C00SPC500 make it easier for remote authenticated administrators to obtain and decrypt passwords by leveraging selection of a reversible encryption algorithm.

Published: Oct 3, 2016
Updated: Apr 13, 2023
CVE: CVE-2015-8085
Severity: Low
Exploit:

CVSS v3:

Severity: Low
Score: 4.9
AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N

CVSS v2:

Severity: Low
Score: 4
AV:N/AC:L/Au:S/C:P/I:N/A:N

CWEs:

CWE-326

OWASP TOP 10:

A3 - Sensitive Data Exposure

Affected Software
References

Software	From	Fixed in
huawei / s9300_firmware	200r005c00spc300	200r005c00spc300.x
huawei / s9300_firmware	200r006c00spc500	200r006c00spc500.x
huawei / s12700_firmware	200r005c00	200r005c00.x
huawei / s12700_firmware	200r006c00	200r006c00.x
huawei / quidway_s9300_firmware	200r001c00spc300	200r001c00spc300.x
huawei / quidway_s9300_firmware	200r002c00spc100	200r002c00spc100.x
huawei / quidway_s9300_firmware	200r003c00spc500	200r003c00spc500.x
huawei / ar_firmware	200r001	200r001.x
huawei / ar_firmware	200r002	200r002.x
huawei / ar_firmware	200r003	200r003.x
huawei / ar_firmware	200r005c10	200r005c10.x
huawei / ar_firmware	200r005c20	200r005c20.x
huawei / ar_firmware	200r005c30	200r005c30.x
huawei / quidway_s5300_firmware	200r001c00spc300	200r001c00spc300.x
huawei / s5700_firmware	200r001c00	200r001c00.x
huawei / s5700_firmware	200r002c00	200r002c00.x
huawei / s5700_firmware	200r003c00	200r003c00.x
huawei / s5700_firmware	200r005c00	200r005c00.x
huawei / s5700_firmware	200r006c00	200r006c00.x
huawei / s5300_firmware	200r002c00	200r002c00.x
huawei / s5300_firmware	200r005c00spc500	200r005c00spc500.x
huawei / s5300_firmware	200r006c00spc500	200r006c00spc500.x

Vulnerability Database

289,697

CVE-2015-8085