CVE-2016-8786

EPSS 0.22%
Published 09.03.2018 21:29:00
Last modified 21.11.2024 03:00:04
Source psirt@huawei.com
Teams watchlist Login
Open Login

Huawei S12700 V200R005C00, V200R006C00, V200R007C00, V200R008C00, S5700 V200R006C00, V200R007C00, V200R008C00, S6700 V200R008C00, S7700 V200R001C00, V200R002C00, V200R003C00, V200R005C00, V200R006C00, V200R007C00, V200R008C00, S9700 V200R001C00, V200R002C00, V200R003C00, V200R005C00, V200R006C00, V200R007C00, V200R008C00 have a denial of service (DoS) vulnerability. Due to the lack of input validation, a remote attacker may craft a malformed Resource Reservation Protocol (RSVP) packet and send it to the device, causing a few buffer overflows and occasional device restart.

Affected products Warnungen 0 Metrics 3 CWE 1 References 5

Data is provided by the National Vulnerability Database (NVD)

Huawei ≫ S12700 Firmware Versionv200r005c00

Huawei ≫ S12700 Version-

Huawei ≫ S12700 Firmware Versionv200r006c00

Huawei ≫ S12700 Version-

Huawei ≫ S12700 Firmware Versionv200r007c00

Huawei ≫ S12700 Version-

Huawei ≫ S12700 Firmware Versionv200r008c00

Huawei ≫ S12700 Version-

Huawei ≫ S5700 Firmware Versionv200r006c00

Huawei ≫ S5700 Version-

Huawei ≫ S5700 Firmware Versionv200r007c00

Huawei ≫ S5700 Version-

Huawei ≫ S5700 Firmware Versionv200r008c00

Huawei ≫ S5700 Version-

Huawei ≫ S6700 Firmware Versionv200r008c00

Huawei ≫ S6700 Version-

Huawei ≫ S7700 Firmware Versionv200r001c00

Huawei ≫ S7700 Version-

Huawei ≫ S7700 Firmware Versionv200r002c00

Huawei ≫ S7700 Version-

Huawei ≫ S7700 Firmware Versionv200r003c00

Huawei ≫ S7700 Version-

Huawei ≫ S7700 Firmware Versionv200r005c00

Huawei ≫ S7700 Version-

Huawei ≫ S7700 Firmware Versionv200r006c00

Huawei ≫ S7700 Version-

Huawei ≫ S7700 Firmware Versionv200r007c00

Huawei ≫ S7700 Version-

Huawei ≫ S7700 Firmware Versionv200r008c00

Huawei ≫ S7700 Version-

Huawei ≫ S9700 Firmware Versionv200r001c00

Huawei ≫ S9700 Version-

Huawei ≫ S9700 Firmware Versionv200r002c00

Huawei ≫ S9700 Version-

Huawei ≫ S9700 Firmware Versionv200r003c00

Huawei ≫ S9700 Version-

Huawei ≫ S9700 Firmware Versionv200r005c00

Huawei ≫ S9700 Version-

Huawei ≫ S9700 Firmware Versionv200r006c00

Huawei ≫ S9700 Version-

Huawei ≫ S9700 Firmware Versionv200r007c00

Huawei ≫ S9700 Version-

Huawei ≫ S9700 Firmware Versionv200r008c00

Huawei ≫ S9700 Version-

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.22%	0.417

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	7.5	3.9	3.6	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
nvd@nist.gov	7.8	10	6.9	AV:N/AC:L/Au:N/C:N/I:N/A:C

CWE-20 Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20161228-01-rsvp-en

Vendor Advisory

http://www.securityfocus.com/bid/95139

Third Party Advisory

VDB Entry

https://nvd.nist.gov/vuln/detail/CVE-2016-8786

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2016-8786

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2016-8786

EUVD