製品・ソフトウェアに関する情報
Vulnerability Search
HP H3C Comware 5 および Comware 7 デバイスにおけるアクセス制限を回避される脆弱性
Title HP H3C Comware 5 および Comware 7 デバイスにおけるアクセス制限を回避される脆弱性
Summary

HP H3C Comware 5 および Comware 7 デバイスには、アクセス制限を回避される、またはサービス運用妨害 (DoS) 状態にされる脆弱性が存在します。

Possible impacts 第三者により、"Virtual routing and forwarding (VRF) hopping" を介して、アクセス制限を回避される、またはサービス運用妨害 (DoS) 状態にされる可能性があります。
Solution

ベンダより正式な対策が公開されています。ベンダ情報を参照して適切な対策を実施してください。
Publication Date Dec. 18, 2015, midnight
Registration Date Jan. 12, 2016, 4:51 p.m.
Last Update Jan. 12, 2016, 4:51 p.m.
CVSS2.0 : 警告
Score 6.4
Vector AV:N/AC:L/Au:N/C:N/I:P/A:P
Affected System
ヒューレット・パッカード
H3C Router 
H3C Router 
CVE (情報セキュリティ 共通脆弱性識別子)
CWE (共通脆弱性タイプ一覧)
ベンダー情報
Change Log
No Changed Details Date of change
0 [2016年01月12日]
  掲載		 Feb. 17, 2018, 10:37 a.m.
0 [2016年01月12日]
  掲載		 Feb. 17, 2018, 10:37 a.m.
NVD Vulnerability Information
CVE-2015-5434
Summary

HPE Networking Products, originally branded as Comware 5, Comware 7, H3C, or HP, allow remote attackers to bypass intended access restrictions or cause a denial of service via "Virtual routing and forwarding (VRF) hopping."

Publication Date Jan. 5, 2016, 8:59 p.m.
Registration Date Jan. 26, 2021, 2:52 p.m.
Last Update Nov. 21, 2024, 11:33 a.m.
Affected software configurations
Configuration1 or higher or less more than less than
cpe:2.3:h:hp:jc653a_hp_12518_dc_switch_chassis:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:jh179a_hp_flexfabric_5930_4-slot_switch:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:jg362b_hp_hsr6804_router_chassis:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:jg834a_hp_flexfabric_12508e_ac_switch_taa-compliant_chassis:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:jg802a_hp_ff_12500e_mpu:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:jg409a_hp_msr3012_ac_router:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:jc655a_hp_12504_dc_switch_chassis:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:jc612a_hp_10508_switch_chassis:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:jh060a_hp_msr1003-8s_ac_router:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:jg836a_hp_flexfabric_12518e_ac_switch_taa-compliant_chassis:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:jg410a_hp_msr3012_dc_router:-:*:*:*:*:*:*:*
cpe:2.3:a:hp:jg789a_hp_flexfabric_12500_4-port_100gbe_cfp_fg_taa:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:jg782a_hp_ff_12508e_ac_switch_chassis:-:*:*:*:*:*:*:*
cpe:2.3:o:hp:jg497a_hp_12500_mpu_w\/comware:7.0:*:*:*:*:*:*:*
cpe:2.3:h:hp:jc125b_hp_9512_switch_chassis:-:*:*:*:*:*:*:*
cpe:2.3:a:hp:jg788a_hp_flexfabric_12500_4-port_100gbe_cfp_fg:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:jc652a_hp_12508_dc_switch_chassis:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:jf431c_hp_12508_ac_switch_chassis:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:jg821a_hp_10508_taa_switch_chassis:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:jc613a_hp_10504_switch_chassis:-:*:*:*:*:*:*:*
cpe:2.3:o:hp:jh198a_hp_10500_type_d_main_processing_unit_with_comware:7.0:*:*:*:*:*:*:*
cpe:2.3:h:hp:jf430b_hp_12518_switch_chassis:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:jg403a_hp_msr4060_router_chassis:-:*:*:*:*:*:*:*
cpe:2.3:a:hp:jg810aae_hp_vsr1001_virtual_services_router_60_day_evaluation:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:jg412a_hp_msr4000_mpu-100_main_processing_unit:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:jg361a_hp_hsr6802_router_chassis:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:jg734a_hp_msr2004-24_ac_router:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:jg354a_hp_hsr6602-xg_router:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:jg869a_hp_msr4000_taa-compliant_mpu-100_main_processing_unit:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:jf430c_hp_12518_ac_switch_chassis:-:*:*:*:*:*:*:*
cpe:2.3:a:hp:jh192a_hp_10500_48-port_gig-t_\(rj45\)_se:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:jc474a_hp_a9508-v_switch_chassis:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:jc611a_hp_10508-v_switch_chassis:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:jg408a_hp_msr3024_poe_router:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:jc124b_hp_9505_switch_chassis:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:jg406a_hp_msr3024_ac_router:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:jg866a_hp_msr2003_taa-compliant_ac_router:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:jc125a_hp_a9512_switch_chassis:-:*:*:*:*:*:*:*
cpe:2.3:a:hp:jg786a_hp_flexfabric_12500_4-port_100gbe_cfp_fd:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:jg777a_hp_hsr6602-xg_taa-compliant_router:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:jg404a_hp_msr3064_router:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:jg779a_hp_hsr6800_rse-x2_router_taa-compliant_main_processing_unit:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:jg402a_hp_msr4080_router_chassis:-:*:*:*:*:*:*:*
cpe:2.3:o:hp:jg496a_hp_10500_type_a_mpu_with_comware:7.0:*:*:*:*:*:*:*
cpe:2.3:h:hp:jg411a_hp_msr2003_ac_router:-:*:*:*:*:*:*:*
cpe:2.3:a:hp:jh196a_hp_10500_2-port_100gbe_cfp_ec:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:jg875a_hp_msr1002-4_ac_router:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:jh075a\)_hp_hsr6800_rse-x3_router_main_processing_unit:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:jc748a_hp_10512_switch_chassis:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:jf430a_hp_a12518_switch_chassis:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:jc085a_hp_a12518_switch_chassis:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:jc124a_hp_a9508_switch_chassis:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:jc808a_hp_12500_taa_main_processing_unit:-:*:*:*:*:*:*:*
cpe:2.3:a:hp:jg787a_hp_flexfabric_12500_4-port_100gbe_cfp_fd_taa:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:jc072b_hp_12500_main_processing_unit:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:jg861a_hp_msr3024_taa-compliant_ac_router:-:*:*:*:*:*:*:*
cpe:2.3:a:hp:jg798a_hp_flexfabric_12508e_fabric:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:jg361b_hp_hsr6802_router_chassis:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:jg837a_hp_flexfabric_12518e_dc_switch_taa-compliant_chassis:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:jg362a_hp_hsr6804_router_chassis:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:jg784a_hp_ff_12518e_ac_switch_chassis:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:jg813aae_hp_vsr1008_comware_7_virtual_services_router:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:jg811aae_hp_vsr1001_comware_7_virtual_services_router:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:jg555a_hp_5920af-24xg_taa_switch:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:jg783a_hp_ff_12508e_dc_switch_chassis:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:jh188a_hp_flexfabric_5930_4-slot_taa-compliant_switch:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:jc474b_hp_9508-v_switch_chassis:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:jg353a_hp_hsr6602-g_router:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:jg835a_hp_flexfabric_12508e_dc_switch_taa-compliant_chassis:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:jc654a_hp_12504_ac_switch_chassis:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:jg405a_hp_msr3044_router:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:jg407a_hp_msr3024_dc_router:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:jg776a_hp_hsr6602-g_taa-compliant_router:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:jg364a_hp_hsr6800_rse-x2_router_main_processing_unit:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:jf431b_hp_12508_switch_chassis:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:jg803a_hp_flexfabric_12500e_taa-compliant_main_processing_unit:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:jg822a_hp_10508-v_taa_switch_chassis:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:jc086a_hp_a12508_switch_chassis:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:jg812aae_hp_vsr1004_comware_7_virtual_services_router:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:jg296a_hp_5920af-24xg_switch:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:jg363a_hp_hsr6808_router_chassis:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:jg820a_hp_10504_taa_switch_chassis:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:jg363b_hp_hsr6808_router_chassis:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:jg823a_hp_10512_taa_switch_chassis:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:jg785a_hp_ff_12518e_dc_switch_chassis:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:jf431a_hp_a12508_switch_chassis:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:jg735a\)_hp_msr2004-48_router:-:*:*:*:*:*:*:*
Related information, measures and tools
Common Vulnerabilities List