Detections
Analytics

Information Leakage Vulnerability via MPLS Ping in Huawei VRP Platform (HWPSIRT-2014-0418)

medium Nessus Plugin ID 80086

Language:

Synopsis

The remote host is affected by an information disclosure vulnerability.

Description

The firmware version of the remote host is affected by an information disclosure vulnerability. The MPLS LSP ping service is bound to unnecessary interfaces which may allow a remote attacker to determine IP addresses of devices.

Solution

Apply the appropriate patch per the vendor's advisory.

See Also

http://www.nessus.org/u?697554d8

Plugin Details

Severity: Medium

ID: 80086

File Name: huawei-SA-20141010-01-VRP.nasl

Version: 1.4

Type: remote

Published: 12/17/2014

Updated: 1/6/2021

Configuration: Enable paranoid mode

Supported Sensors: Nessus

Risk Information

CVSS v2

Risk Factor: Medium

Base Score: 5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N

Vulnerability Information

Required KB Items: Settings/ParanoidReport, Host/Huawei/VRP/Series, Host/Huawei/VRP/Version, Host/Huawei/VRP/Model

Patch Publication Date: 10/16/2014

Vulnerability Publication Date: 9/24/2014