Lucene search

HuaweiCVE-2016-8797

HistoryApr 02, 2017 - 8:59 p.m.

CVE-2016-8797

2017-04-0220:59:01

CWE-399

huawei

web.nvd.nist.gov

cve-2016-8797

huawei

ar3200

s12700

s5300

s5700

s6300

s6700

s7700

s9300

s9700

software vulnerability

remote attack

memory exhaustion

nvd

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

AI Score

7.5

Confidence

High

EPSS

0.002

Percentile

61.8%

JSON

Huawei AR3200 with software V200R007C00, V200R005C32, V200R005C20; S12700 with software V200R008C00, V200R007C00; S5300 with software V200R008C00, V200R007C00, V200R006C00; S5700 with software V200R008C00, V200R007C00, V200R006C00; S6300 with software V200R008C00, V200R007C00; S6700 with software V200R008C00, V200R007C00; S7700 with software V200R008C00, V200R007C00, V200R006C00; S9300 with software V200R008C00, V200R007C00, V200R006C00; and S9700 with software V200R008C00, V200R007C00, V200R006C00 allow remote attackers to send abnormal Multiprotocol Label Switching (MPLS) packets to cause memory exhaustion.

Affected configurations

Nvd

Node

huaweiar3200_firmwareMatchv200r005c20

huaweiar3200_firmwareMatchv200r005c32

huaweiar3200_firmwareMatchv200r007c00

AND

huaweiar3200Match-

Node

huaweis12700_firmwareMatchv200r007c00

huaweis12700_firmwareMatchv200r008c00

AND

huaweis12700Match-

Node

huaweis5300_firmwareMatchv200r006c00

huaweis5300_firmwareMatchv200r007c00

huaweis5300_firmwareMatchv200r008c00

AND

huaweis5300Match-

Node

huaweis5700_firmwareMatchv200r006c00

huaweis5700_firmwareMatchv200r007c00

huaweis5700_firmwareMatchv200r008c00

AND

huaweis5700Match-

Node

huaweis6300_firmwareMatchv200r007c00

huaweis6300_firmwareMatchv200r008c00

AND

huaweis6300Match-

Node

huaweis6700_firmwareMatchv200r007c00

huaweis6700_firmwareMatchv200r008c00

AND

huaweis6700Match-

Node

huaweis7700_firmwareMatchv200r006c00

huaweis7700_firmwareMatchv200r007c00

huaweis7700_firmwareMatchv200r008c00

AND

huaweis7700Match-

Node

huaweis9300_firmwareMatchv200r006c00

huaweis9300_firmwareMatchv200r007c00

huaweis9300_firmwareMatchv200r008c00

AND

huaweis9300Match-

Node

huaweis9700_firmwareMatchv200r006c00

huaweis9700_firmwareMatchv200r007c00

huaweis9700_firmwareMatchv200r008c00

AND

huaweis9700Match-

VendorProductVersionCPE
huaweiar3200_firmwarev200r005c20cpe:2.3:o:huawei:ar3200_firmware:v200r005c20:*:*:*:*:*:*:*
huaweiar3200_firmwarev200r005c32cpe:2.3:o:huawei:ar3200_firmware:v200r005c32:*:*:*:*:*:*:*
huaweiar3200_firmwarev200r007c00cpe:2.3:o:huawei:ar3200_firmware:v200r007c00:*:*:*:*:*:*:*
huaweiar3200-cpe:2.3:h:huawei:ar3200:-:*:*:*:*:*:*:*
huaweis12700_firmwarev200r007c00cpe:2.3:o:huawei:s12700_firmware:v200r007c00:*:*:*:*:*:*:*
huaweis12700_firmwarev200r008c00cpe:2.3:o:huawei:s12700_firmware:v200r008c00:*:*:*:*:*:*:*
huaweis12700-cpe:2.3:h:huawei:s12700:-:*:*:*:*:*:*:*
huaweis5300_firmwarev200r006c00cpe:2.3:o:huawei:s5300_firmware:v200r006c00:*:*:*:*:*:*:*
huaweis5300_firmwarev200r007c00cpe:2.3:o:huawei:s5300_firmware:v200r007c00:*:*:*:*:*:*:*
huaweis5300_firmwarev200r008c00cpe:2.3:o:huawei:s5300_firmware:v200r008c00:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
huawei	ar3200_firmware	v200r005c20	cpe:2.3:o:huawei:ar3200_firmware:v200r005c20:::::::*
huawei	ar3200_firmware	v200r005c32	cpe:2.3:o:huawei:ar3200_firmware:v200r005c32:::::::*
huawei	ar3200_firmware	v200r007c00	cpe:2.3:o:huawei:ar3200_firmware:v200r007c00:::::::*
huawei	ar3200	-	cpe:2.3:h:huawei:ar3200:-:::::::*
huawei	s12700_firmware	v200r007c00	cpe:2.3:o:huawei:s12700_firmware:v200r007c00:::::::*
huawei	s12700_firmware	v200r008c00	cpe:2.3:o:huawei:s12700_firmware:v200r008c00:::::::*
huawei	s12700	-	cpe:2.3:h:huawei:s12700:-:::::::*
huawei	s5300_firmware	v200r006c00	cpe:2.3:o:huawei:s5300_firmware:v200r006c00:::::::*
huawei	s5300_firmware	v200r007c00	cpe:2.3:o:huawei:s5300_firmware:v200r007c00:::::::*
huawei	s5300_firmware	v200r008c00	cpe:2.3:o:huawei:s5300_firmware:v200r008c00:::::::*

Rows per page:

1-10 of 331

CNA Affected

[
  {
    "product": "AR3200,S12700,S5300,S5700,S6300,S6700,S7700,S9300,S9700 AR3200 V200R007C00, V200R005C32, V200R005C20,S12700 V200R008C00, V200R007C00,S5300 V200R008C00, V200R007C00, V200R006C00,S5700 V200R008C00, V200R007C00, V200R006C00,S6300 V200R008C00, V200R007C00,S6700 V200R008C00, V200R007C00,S7700 V200R008C00, V200R007C00, V200R006C00,S9300 V200R008C00, V200R007C00, V200R006C00,S9700 V200R008C00, V200R007C00, V200R006C00,",
    "vendor": "n/a",
    "versions": [
      {
        "status": "affected",
        "version": "AR3200,S12700,S5300,S5700,S6300,S6700,S7700,S9300,S9700 AR3200 V200R007C00, V200R005C32, V200R005C20,S12700 V200R008C00, V200R007C00,S5300 V200R008C00, V200R007C00, V200R006C00,S5700 V200R008C00, V200R007C00, V200R006C00,S6300 V200R008C00, V200R007C00,S6700 V200R008C00, V200R007C00,S7700 V200R008C00, V200R007C00, V200R006C00,S9300 V200R008C00, V200R007C00, V200R006C00,S9700 V200R008C00, V200R007C00, V200R006C00,"
      }
    ]
  }
]

References

www.huawei.com/en/psirt/security-advisories/huawei-sa-20160608-01-mpls-en

Social References

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

AI Score

7.5

Confidence

High

EPSS

0.002

Percentile

61.8%

JSON

Related for CVE-2016-8797