Vulnerability-Lookup

CVE-2015-8265 (GCVE-0-2015-8265)

Vulnerability from cvelistv5 – Published: 2016-02-01 21:00 – Updated: 2024-08-06 08:13

Summary

Severity ?

No CVSS data available.

CWE

Assigner

certcc

References

URL

CNVD-2016-00863

Vulnerability from cnvd - Published: 2016-02-15

Title

Huawei E5186 4G LTE Router安全绕过漏洞

Description

Huawei E5186 4G LTE Router是中国华为公司的一款4G无线路由器产品。 Huawei E5186 4G LTE Router允许DNS query数据包使用静态源端口，允许远程攻击者可利用该漏洞伪造响应。

Severity

中

Patch Name

Huawei E5186 4G LTE Router安全绕过漏洞的补丁

Patch Description

Huawei E5186 4G LTE Router是中国华为公司的一款4G无线路由器产品。 Huawei E5186 4G LTE Router允许DNS query数据包使用静态源端口，允许远程攻击者可利用该漏洞伪造响应。目前，供应商发布了安全公告及相关补丁信息，修复了此漏洞。

Formal description

用户可参考如下厂商提供的安全补丁以修复该漏洞： http://www.huawei.com

Reference

http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20160129-01-dns-en

Impacted products

Name
Huawei E5186 4G LTE Router <V200R001B310D01SP00C00

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2015-8265"
    }
  },
  "description": "Huawei E5186 4G LTE Router\u662f\u4e2d\u56fd\u534e\u4e3a\u516c\u53f8\u7684\u4e00\u6b3e4G\u65e0\u7ebf\u8def\u7531\u5668\u4ea7\u54c1\u3002\r\n\r\nHuawei E5186 4G LTE Router\u5141\u8bb8DNS query\u6570\u636e\u5305\u4f7f\u7528\u9759\u6001\u6e90\u7aef\u53e3\uff0c\u5141\u8bb8\u8fdc\u7a0b\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u4f2a\u9020\u54cd\u5e94\u3002",
  "discovererName": "Huawei",
  "formalWay": "\u7528\u6237\u53ef\u53c2\u8003\u5982\u4e0b\u5382\u5546\u63d0\u4f9b\u7684\u5b89\u5168\u8865\u4e01\u4ee5\u4fee\u590d\u8be5\u6f0f\u6d1e\uff1a\r\nhttp://www.huawei.com",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2016-00863",
  "openTime": "2016-02-15",
  "patchDescription": "Huawei E5186 4G LTE Router\u662f\u4e2d\u56fd\u534e\u4e3a\u516c\u53f8\u7684\u4e00\u6b3e4G\u65e0\u7ebf\u8def\u7531\u5668\u4ea7\u54c1\u3002\r\n\r\nHuawei E5186 4G LTE Router\u5141\u8bb8DNS query\u6570\u636e\u5305\u4f7f\u7528\u9759\u6001\u6e90\u7aef\u53e3\uff0c\u5141\u8bb8\u8fdc\u7a0b\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u4f2a\u9020\u54cd\u5e94\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Huawei E5186 4G LTE Router\u5b89\u5168\u7ed5\u8fc7\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": "Huawei E5186 4G LTE Router \u003cV200R001B310D01SP00C00"
  },
  "referenceLink": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20160129-01-dns-en",
  "serverity": "\u4e2d",
  "submitTime": "2016-02-08",
  "title": "Huawei E5186 4G LTE Router\u5b89\u5168\u7ed5\u8fc7\u6f0f\u6d1e"
}

GHSA-CWCR-9Q43-Q45R

Vulnerability from github – Published: 2022-05-17 03:44 – Updated: 2022-05-17 03:44

Details

Severity ?

7.5 (High)


                  
                    CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2015-8265"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-20"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2016-02-01T21:59:00Z",
    "severity": "HIGH"
  },
  "details": "Huawei Mobile WiFi E5151 routers with software before E5151s-2TCPU-V200R001B146D27SP00C00 and E5186 routers with software before V200R001B310D01SP00C00 allow DNS query packets using the static source port, which makes it easier for remote attackers to spoof responses via unspecified vectors.",
  "id": "GHSA-cwcr-9q43-q45r",
  "modified": "2022-05-17T03:44:02Z",
  "published": "2022-05-17T03:44:02Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-8265"
    },
    {
      "type": "WEB",
      "url": "https://www.kb.cert.org/vuls/id/972224"
    },
    {
      "type": "WEB",
      "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20160129-01-dns-en"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/82246"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GSD-2015-8265

Vulnerability from gsd - Updated: 2023-12-13 01:20

Details

Aliases

CVE-2015-8265

Aliases

CVE-2015-8265

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2015-8265",
    "description": "Huawei Mobile WiFi E5151 routers with software before E5151s-2TCPU-V200R001B146D27SP00C00 and E5186 routers with software before V200R001B310D01SP00C00 allow DNS query packets using the static source port, which makes it easier for remote attackers to spoof responses via unspecified vectors.",
    "id": "GSD-2015-8265"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2015-8265"
      ],
      "details": "Huawei Mobile WiFi E5151 routers with software before E5151s-2TCPU-V200R001B146D27SP00C00 and E5186 routers with software before V200R001B310D01SP00C00 allow DNS query packets using the static source port, which makes it easier for remote attackers to spoof responses via unspecified vectors.",
      "id": "GSD-2015-8265",
      "modified": "2023-12-13T01:20:03.184634Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "cert@cert.org",
        "ID": "CVE-2015-8265",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Huawei Mobile WiFi E5151 routers with software before E5151s-2TCPU-V200R001B146D27SP00C00 and E5186 routers with software before V200R001B310D01SP00C00 allow DNS query packets using the static source port, which makes it easier for remote attackers to spoof responses via unspecified vectors."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "82246",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/82246"
          },
          {
            "name": "VU#972224",
            "refsource": "CERT-VN",
            "url": "https://www.kb.cert.org/vuls/id/972224"
          },
          {
            "name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20160129-01-dns-en",
            "refsource": "CONFIRM",
            "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20160129-01-dns-en"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:huawei:e5186:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:huawei:e5151:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:huawei:e5186_firmware:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "v200r001b306d01c00",
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:huawei:e5151_firmware:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "e5151s-2tcpu-v200r001b141d13sp00c1080",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "cert@cert.org",
          "ID": "CVE-2015-8265"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Huawei Mobile WiFi E5151 routers with software before E5151s-2TCPU-V200R001B146D27SP00C00 and E5186 routers with software before V200R001B310D01SP00C00 allow DNS query packets using the static source port, which makes it easier for remote attackers to spoof responses via unspecified vectors."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-20"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20160129-01-dns-en",
              "refsource": "CONFIRM",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20160129-01-dns-en"
            },
            {
              "name": "VU#972224",
              "refsource": "CERT-VN",
              "tags": [
                "Third Party Advisory",
                "US Government Resource"
              ],
              "url": "https://www.kb.cert.org/vuls/id/972224"
            },
            {
              "name": "82246",
              "refsource": "BID",
              "tags": [],
              "url": "http://www.securityfocus.com/bid/82246"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "NONE",
            "baseScore": 5.0,
            "confidentialityImpact": "NONE",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
            "version": "2.0"
          },
          "exploitabilityScore": 10.0,
          "impactScore": 2.9,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "MEDIUM",
          "userInteractionRequired": false
        },
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
            "version": "3.0"
          },
          "exploitabilityScore": 3.9,
          "impactScore": 3.6
        }
      },
      "lastModifiedDate": "2016-11-28T19:46Z",
      "publishedDate": "2016-02-01T21:59Z"
    }
  }
}

CERTFR-2016-AVI-043

Vulnerability from certfr_avis - Published: 2016-01-29 - Updated: 2016-02-04

Une vulnérabilité a été corrigée dans Huawei E5186 et E5151. Elle permet à un attaquant de provoquer un contournement de la politique de sécurité.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

	Vendor	Product	Description
	N/A	N/A	E5186 versions antérieures à V200R001B310D01SP00C00
	N/A	N/A	E5151s-2TCPU versions antérieures à V200R001B146D27SP00C00

References

Title

Publication Time

VAR-201602-0181

Vulnerability from variot - Updated: 2025-04-13 23:21

Huawei Mobile WiFi E5151 routers with software before E5151s-2TCPU-V200R001B146D27SP00C00 and E5186 routers with software before V200R001B310D01SP00C00 allow DNS query packets using the static source port, which makes it easier for remote attackers to spoof responses via unspecified vectors. Huawei Mobile provided by Wi-Fi Router E5151 and E5186 Has the problem of using insufficient random values. Insufficient random value used (CWE-330) - CVE-2015-8265 Huawei E5151 and Huawei E5186 Sent from DNS The query source port number is fixed. The attacker DNS By spoofing, LAN It is possible to guide the terminal inside to a malicious server. CWE-330: Use of Insufficiently Random Values http://cwe.mitre.org/data/definitions/330.htmlBy a remote attacker DNS The response is forged, LAN May be directed to a malicious server. HuaweiE51864GLTERouter is a 4G wireless router product from China Huawei. Huawei E5186 is prone to a denial-of-service vulnerability. Attackers can exploit this issue to cause a denial-of-service condition, denying service to legitimate users. There is a security vulnerability in versions earlier than Huawei E5186 4G LTE Router V200R001B310D01SP00C00. A remote attacker could exploit this vulnerability to forge responses

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201602-0181",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "e5151",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "huawei",
        "version": "e5151s-2tcpu-v200r001b141d13sp00c1080"
      },
      {
        "model": "e5186",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "huawei",
        "version": "v200r001b306d01c00"
      },
      {
        "model": null,
        "scope": null,
        "trust": 0.8,
        "vendor": "huawei",
        "version": null
      },
      {
        "model": "e5151",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "huawei",
        "version": "version 21.141.13.00.1080"
      },
      {
        "model": "e5186",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "huawei",
        "version": "version v200r001b306d01c00"
      },
      {
        "model": "e5186 4g lte router \u003cv200r001b310d01sp00c00",
        "scope": null,
        "trust": 0.6,
        "vendor": "huawei",
        "version": null
      },
      {
        "model": "e5151",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "huawei",
        "version": null
      },
      {
        "model": "e5186",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "huawei",
        "version": null
      },
      {
        "model": "e5151",
        "scope": "eq",
        "trust": 0.1,
        "vendor": "huawei",
        "version": "e5151s-2tcpu-v200r001b141d13sp00c1080"
      },
      {
        "model": "e5186",
        "scope": "eq",
        "trust": 0.1,
        "vendor": "huawei",
        "version": "v200r001b306d01c00"
      }
    ],
    "sources": [
      {
        "db": "CERT/CC",
        "id": "VU#972224"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2016-00863"
      },
      {
        "db": "VULMON",
        "id": "CVE-2015-8265"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-001343"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201602-013"
      },
      {
        "db": "NVD",
        "id": "CVE-2015-8265"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "cpe_match": [
              {
                "cpe22Uri": "cpe:/o:huawei:e5151_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:huawei:e5186_firmware",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-001343"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Joel Land of the CERT/CC",
    "sources": [
      {
        "db": "BID",
        "id": "82246"
      }
    ],
    "trust": 0.3
  },
  "cve": "CVE-2015-8265",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "NONE",
            "baseScore": 5.0,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 10.0,
            "id": "CVE-2015-8265",
            "impactScore": 2.9,
            "integrityImpact": "PARTIAL",
            "severity": "MEDIUM",
            "trust": 1.9,
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
            "version": "2.0"
          },
          {
            "acInsufInfo": null,
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "NVD",
            "availabilityImpact": "NONE",
            "availabilityRequirement": "NOT DEFINED",
            "baseScore": 5.0,
            "collateralDamagePotential": "NOT DEFINED",
            "confidentialityImpact": "NONE",
            "confidentialityRequirement": "NOT DEFINED",
            "enviromentalScore": 1.0,
            "exploitability": "PROOF-OF-CONCEPT",
            "exploitabilityScore": 10.0,
            "id": "CVE-2015-8265",
            "impactScore": 2.9,
            "integrityImpact": "PARTIAL",
            "integrityRequirement": "NOT DEFINED",
            "obtainAllPrivilege": null,
            "obtainOtherPrivilege": null,
            "obtainUserPrivilege": null,
            "remediationLevel": "OFFICIAL FIX",
            "reportConfidence": "CONFIRMED",
            "severity": "MEDIUM",
            "targetDistribution": "LOW",
            "trust": 0.8,
            "userInteractionRequired": null,
            "vector_string": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
            "version": "2.0"
          },
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "CNVD",
            "availabilityImpact": "PARTIAL",
            "baseScore": 6.8,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 8.6,
            "id": "CNVD-2016-00863",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "MEDIUM",
            "trust": 0.6,
            "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "NONE",
            "baseScore": 5.0,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 10.0,
            "id": "VHN-86226",
            "impactScore": 2.9,
            "integrityImpact": "PARTIAL",
            "severity": "MEDIUM",
            "trust": 0.1,
            "vectorString": "AV:N/AC:L/AU:N/C:N/I:P/A:N",
            "version": "2.0"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "author": "nvd@nist.gov",
            "availabilityImpact": "NONE",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 3.9,
            "id": "CVE-2015-8265",
            "impactScore": 3.6,
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "trust": 1.0,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
            "version": "3.0"
          }
        ],
        "severity": [
          {
            "author": "NVD",
            "id": "CVE-2015-8265",
            "trust": 1.6,
            "value": "MEDIUM"
          },
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2015-8265",
            "trust": 1.0,
            "value": "HIGH"
          },
          {
            "author": "CNVD",
            "id": "CNVD-2016-00863",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201602-013",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "VULHUB",
            "id": "VHN-86226",
            "trust": 0.1,
            "value": "MEDIUM"
          },
          {
            "author": "VULMON",
            "id": "CVE-2015-8265",
            "trust": 0.1,
            "value": "MEDIUM"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "CERT/CC",
        "id": "VU#972224"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2016-00863"
      },
      {
        "db": "VULHUB",
        "id": "VHN-86226"
      },
      {
        "db": "VULMON",
        "id": "CVE-2015-8265"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-001343"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201602-013"
      },
      {
        "db": "NVD",
        "id": "CVE-2015-8265"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Huawei Mobile WiFi E5151 routers with software before E5151s-2TCPU-V200R001B146D27SP00C00 and E5186 routers with software before V200R001B310D01SP00C00 allow DNS query packets using the static source port, which makes it easier for remote attackers to spoof responses via unspecified vectors. Huawei Mobile provided by Wi-Fi Router E5151 and E5186 Has the problem of using insufficient random values. Insufficient random value used (CWE-330) - CVE-2015-8265 Huawei E5151 and Huawei E5186 Sent from DNS The query source port number is fixed. The attacker DNS By spoofing, LAN It is possible to guide the terminal inside to a malicious server. CWE-330: Use of Insufficiently Random Values http://cwe.mitre.org/data/definitions/330.htmlBy a remote attacker DNS The response is forged, LAN May be directed to a malicious server. HuaweiE51864GLTERouter is a 4G wireless router product from China Huawei. Huawei E5186 is prone to a denial-of-service vulnerability. \nAttackers can exploit this issue to cause a denial-of-service condition, denying service to legitimate users. There is a security vulnerability in versions earlier than Huawei E5186 4G LTE Router V200R001B310D01SP00C00. A remote attacker could exploit this vulnerability to forge responses",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2015-8265"
      },
      {
        "db": "CERT/CC",
        "id": "VU#972224"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-001343"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2016-00863"
      },
      {
        "db": "BID",
        "id": "82246"
      },
      {
        "db": "VULHUB",
        "id": "VHN-86226"
      },
      {
        "db": "VULMON",
        "id": "CVE-2015-8265"
      }
    ],
    "trust": 3.33
  },
  "exploit_availability": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "reference": "https://www.kb.cert.org/vuls/id/972224",
        "trust": 0.8,
        "type": "poc"
      }
    ],
    "sources": [
      {
        "db": "CERT/CC",
        "id": "VU#972224"
      }
    ]
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2015-8265",
        "trust": 3.5
      },
      {
        "db": "CERT/CC",
        "id": "VU#972224",
        "trust": 3.1
      },
      {
        "db": "BID",
        "id": "82246",
        "trust": 1.5
      },
      {
        "db": "JVN",
        "id": "JVNVU92574416",
        "trust": 0.8
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-001343",
        "trust": 0.8
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201602-013",
        "trust": 0.7
      },
      {
        "db": "CNVD",
        "id": "CNVD-2016-00863",
        "trust": 0.6
      },
      {
        "db": "VULHUB",
        "id": "VHN-86226",
        "trust": 0.1
      },
      {
        "db": "VULMON",
        "id": "CVE-2015-8265",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "CERT/CC",
        "id": "VU#972224"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2016-00863"
      },
      {
        "db": "VULHUB",
        "id": "VHN-86226"
      },
      {
        "db": "VULMON",
        "id": "CVE-2015-8265"
      },
      {
        "db": "BID",
        "id": "82246"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-001343"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201602-013"
      },
      {
        "db": "NVD",
        "id": "CVE-2015-8265"
      }
    ]
  },
  "id": "VAR-201602-0181",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2016-00863"
      },
      {
        "db": "VULHUB",
        "id": "VHN-86226"
      }
    ],
    "trust": 1.7
  },
  "iot_taxonomy": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "category": [
          "Network device"
        ],
        "sub_category": null,
        "trust": 0.6
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2016-00863"
      }
    ]
  },
  "last_update_date": "2025-04-13T23:21:08.794000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "Report Vulnerabilities",
        "trust": 0.8,
        "url": "http://www.huawei.com/en/psirt/report-vulnerabilities"
      },
      {
        "title": "DNS Static Source Port Vulnerability in Huawei E5186 (huawei-sa-20160129-01-dns)",
        "trust": 0.8,
        "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20160129-01-dns-en"
      },
      {
        "title": "HuaweiE51864GLTERouter security bypass vulnerability patch",
        "trust": 0.6,
        "url": "https://www.cnvd.org.cn/patchInfo/show/71245"
      },
      {
        "title": "Huawei E5186 4G LTE Router Security vulnerabilities",
        "trust": 0.6,
        "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=60024"
      },
      {
        "title": "NIST-BULK-CVE-Lookup",
        "trust": 0.1,
        "url": "https://github.com/jaychen2/NIST-BULK-CVE-Lookup "
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2016-00863"
      },
      {
        "db": "VULMON",
        "id": "CVE-2015-8265"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-001343"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201602-013"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-20",
        "trust": 1.9
      },
      {
        "problemtype": "CWE-Other",
        "trust": 0.8
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-86226"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-001343"
      },
      {
        "db": "NVD",
        "id": "CVE-2015-8265"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 3.5,
        "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20160129-01-dns-en"
      },
      {
        "trust": 2.4,
        "url": "https://www.kb.cert.org/vuls/id/972224"
      },
      {
        "trust": 1.3,
        "url": "http://www.securityfocus.com/bid/82246"
      },
      {
        "trust": 0.8,
        "url": "http://consumer.huawei.com/lk/mobile-broadband/mobile-wifi/tech-specs/e5151-lk.htm"
      },
      {
        "trust": 0.8,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-8265"
      },
      {
        "trust": 0.8,
        "url": "http://jvn.jp/vu/jvnvu92574416/index.html"
      },
      {
        "trust": 0.8,
        "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-8265"
      },
      {
        "trust": 0.3,
        "url": "http://www.huawei.com/"
      },
      {
        "trust": 0.1,
        "url": "https://cwe.mitre.org/data/definitions/20.html"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov"
      },
      {
        "trust": 0.1,
        "url": "https://github.com/jaychen2/nist-bulk-cve-lookup"
      }
    ],
    "sources": [
      {
        "db": "CERT/CC",
        "id": "VU#972224"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2016-00863"
      },
      {
        "db": "VULHUB",
        "id": "VHN-86226"
      },
      {
        "db": "VULMON",
        "id": "CVE-2015-8265"
      },
      {
        "db": "BID",
        "id": "82246"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-001343"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201602-013"
      },
      {
        "db": "NVD",
        "id": "CVE-2015-8265"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "CERT/CC",
        "id": "VU#972224"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2016-00863"
      },
      {
        "db": "VULHUB",
        "id": "VHN-86226"
      },
      {
        "db": "VULMON",
        "id": "CVE-2015-8265"
      },
      {
        "db": "BID",
        "id": "82246"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-001343"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201602-013"
      },
      {
        "db": "NVD",
        "id": "CVE-2015-8265"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2016-02-01T00:00:00",
        "db": "CERT/CC",
        "id": "VU#972224"
      },
      {
        "date": "2016-02-15T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2016-00863"
      },
      {
        "date": "2016-02-01T00:00:00",
        "db": "VULHUB",
        "id": "VHN-86226"
      },
      {
        "date": "2016-02-01T00:00:00",
        "db": "VULMON",
        "id": "CVE-2015-8265"
      },
      {
        "date": "2016-01-29T00:00:00",
        "db": "BID",
        "id": "82246"
      },
      {
        "date": "2016-02-03T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2016-001343"
      },
      {
        "date": "2016-02-02T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201602-013"
      },
      {
        "date": "2016-02-01T21:59:00.127000",
        "db": "NVD",
        "id": "CVE-2015-8265"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2016-02-01T00:00:00",
        "db": "CERT/CC",
        "id": "VU#972224"
      },
      {
        "date": "2016-02-15T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2016-00863"
      },
      {
        "date": "2016-11-28T00:00:00",
        "db": "VULHUB",
        "id": "VHN-86226"
      },
      {
        "date": "2016-11-28T00:00:00",
        "db": "VULMON",
        "id": "CVE-2015-8265"
      },
      {
        "date": "2016-07-05T21:35:00",
        "db": "BID",
        "id": "82246"
      },
      {
        "date": "2016-03-31T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2016-001343"
      },
      {
        "date": "2016-02-02T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201602-013"
      },
      {
        "date": "2025-04-12T10:46:40.837000",
        "db": "NVD",
        "id": "CVE-2015-8265"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201602-013"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Huawei Mobile WiFi E5151 and E5186 routers use insufficiently random values for DNS queries",
    "sources": [
      {
        "db": "CERT/CC",
        "id": "VU#972224"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "input validation",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201602-013"
      }
    ],
    "trust": 0.6
  }
}

FKIE_CVE-2015-8265

Vulnerability from fkie_nvd - Published: 2016-02-01 21:59 - Updated: 2025-04-12 10:46

Severity ?

7.5 (High) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

Summary

References

URL	Tags
cret@cert.org	http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20160129-01-dns-en	Vendor Advisory
cret@cert.org	http://www.securityfocus.com/bid/82246
cret@cert.org	https://www.kb.cert.org/vuls/id/972224	Third Party Advisory, US Government Resource
af854a3a-2127-422b-91ae-364da2661108	http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20160129-01-dns-en	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/82246
af854a3a-2127-422b-91ae-364da2661108	https://www.kb.cert.org/vuls/id/972224	Third Party Advisory, US Government Resource

Impacted products

Vendor	Product	Version
huawei	e5151	-
huawei	e5186	-
huawei	e5151_firmware	*
huawei	e5186_firmware	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:huawei:e5151:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8772FA92-4630-4091-891C-B202C60336D1",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:huawei:e5186:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0D6F57FB-7B64-4444-9494-799468207B5B",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:huawei:e5151_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "205A4672-D34D-4251-8CA9-B67B9DEAC003",
              "versionEndIncluding": "e5151s-2tcpu-v200r001b141d13sp00c1080",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:huawei:e5186_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D4DC86F6-D697-4AF5-8593-7EFE9CE2778D",
              "versionEndIncluding": "v200r001b306d01c00",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Huawei Mobile WiFi E5151 routers with software before E5151s-2TCPU-V200R001B146D27SP00C00 and E5186 routers with software before V200R001B310D01SP00C00 allow DNS query packets using the static source port, which makes it easier for remote attackers to spoof responses via unspecified vectors."
    },
    {
      "lang": "es",
      "value": "\"Routers Huawei Mobile WiFi E5151 con software en versiones anteriores a E5151s-2TCPU-V200R001B146D27SP00C00 y routers E5186 con software en versiones anteriores a V200R001B310D01SP00C00 permiten paquetes de consulta DNS utilizando el puerto de origen est\u00e1tico, lo que hace m\u00e1s f\u00e1cil para atacantes remotos suplantar respuestas a trav\u00e9s de vectores no especificados."
    }
  ],
  "id": "CVE-2015-8265",
  "lastModified": "2025-04-12T10:46:40.837",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
          "version": "3.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2016-02-01T21:59:00.127",
  "references": [
    {
      "source": "cret@cert.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20160129-01-dns-en"
    },
    {
      "source": "cret@cert.org",
      "url": "http://www.securityfocus.com/bid/82246"
    },
    {
      "source": "cret@cert.org",
      "tags": [
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "https://www.kb.cert.org/vuls/id/972224"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20160129-01-dns-en"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/82246"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "https://www.kb.cert.org/vuls/id/972224"
    }
  ],
  "sourceIdentifier": "cret@cert.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-20"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2015-8265 (GCVE-0-2015-8265)

CNVD-2016-00863

GHSA-CWCR-9Q43-Q45R

GSD-2015-8265

CERTFR-2016-AVI-043

Solution

VAR-201602-0181

FKIE_CVE-2015-8265

Tags

Sightings

Nomenclature