4.3

CVE-2016-8784

EPSS 0.07%
Published 09.03.2018 21:29:00
Last modified 21.11.2024 03:00:04
Source psirt@huawei.com
Teams watchlist Login
Open Login

Huawei CloudEngine 12800 V100R003C00, V100R003C10, V100R005C00, V100R005C10, V100R006C00 have a memory leak vulnerability. An unauthenticated attacker may send specific Label Distribution Protocol (LDP) packets to the devices. When the values of some parameters in the packet are abnormal, the LDP processing module does not release the memory to handle the packet, resulting in memory leak.

Affected products Warnungen 0 Metrics 3 CWE 0 References 5

Data is provided by the National Vulnerability Database (NVD)

Huawei ≫ Cloudengine 12800 Firmware Versionv100r003c00

Huawei ≫ Cloudengine 12800 Version-

Huawei ≫ Cloudengine 12800 Firmware Versionv100r003c10

Huawei ≫ Cloudengine 12800 Version-

Huawei ≫ Cloudengine 12800 Firmware Versionv100r005c00

Huawei ≫ Cloudengine 12800 Version-

Huawei ≫ Cloudengine 12800 Firmware Versionv100r005c10

Huawei ≫ Cloudengine 12800 Version-

Huawei ≫ Cloudengine 12800 Firmware Versionv100r006c00

Huawei ≫ Cloudengine 12800 Version-

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.07%	0.188

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	4.3	2.8	1.4	CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
nvd@nist.gov	3.3	6.5	2.9	AV:A/AC:L/Au:N/C:N/I:N/A:P

http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20161221-01-ldp-en

Vendor Advisory

http://www.securityfocus.com/bid/95079

Third Party Advisory

VDB Entry

https://nvd.nist.gov/vuln/detail/CVE-2016-8784

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2016-8784

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2016-8784

EUVD