5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
0.002 Low
EPSS
Percentile
62.0%
Some Huawei products have a memory leak vulnerability. When the packet processing module of the device processes abnormal Multiprotocol Label Switching (MPLS) packets sent by attackers, the module repeatedly applies for memory, resulting in memory exhaustion in persistent attacks. (Vulnerability ID: HWPSIRT-2016-03049)
This vulnerability has been assigned Common Vulnerabilities and Exposures (CVE) ID: CVE-2016-8797.
Huawei has released software updates to fix these vulnerabilities. This advisory is available at the following link:
http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20160608-01-mpls-en
CPE | Name | Operator | Version |
---|---|---|---|
ar3200 | eq | V200R007C00 | |
ar3200 | eq | V200R005C32 | |
ar3200 | eq | V200R005C20 | |
s12700 | eq | V200R008C00 | |
s12700 | eq | V200R007C00 | |
s5300 | eq | V200R008C00 | |
s5300 | eq | V200R007C00 | |
s5300 | eq | V200R006C00 | |
s5700 | eq | V200R008C00 | |
s5700 | eq | V200R007C00 |
5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
0.002 Low
EPSS
Percentile
62.0%