CVE-2015-5434

medium

HPE

CVSS v3 Base Score

6.5

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L

EPSS Score

0.7%

Exploitation probability in 30 days

Top 28% most likely to be exploited

Attack Characteristics

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Confidentiality

None

Integrity

Low

Availability

Low

Published: January 5, 2016 (3783 days ago)

Last Modified: May 6, 2026

Vendor: HPE

Source: NVD

Description

HPE Networking Products, originally branded as Comware 5, Comware 7, H3C, or HP, allow remote attackers to bypass intended access restrictions or cause a denial of service via "Virtual routing and forwarding (VRF) hopping."

CWE

CWE-264

Affected Products

hp jg786a hp flexfabric 12500 4-port 100gbe cfp fdhp jg787a hp flexfabric 12500 4-port 100gbe cfp fd taahp jg788a hp flexfabric 12500 4-port 100gbe cfp fghp jg789a hp flexfabric 12500 4-port 100gbe cfp fg taahp jg798a hp flexfabric 12508e fabrichp jg810aae hp vsr1001 virtual services router 60 day evaluationhp jh192a hp 10500 48-port gig-t \(rj45\) sehp jh196a hp 10500 2-port 100gbe cfp echp jc072b hp 12500 main processing unithp jc085a hp a12518 switch chassis

References

🔗 www.securityfocus.com 🔗 h20564.www2.hpe.com 🔗 www.securityfocus.com 🔗 h20564.www2.hpe.com

CVE-2015-5434

Vulnerability Report

Description

CWE

Affected Products

References