CVE-2016-8796

EPSS 0.2%
Veröffentlicht 02.04.2017 20:59:01
Zuletzt bearbeitet 20.04.2025 01:37:25
Quelle psirt@huawei.com
Teams Watchlist Login
Unerledigt Login

Huawei USG9520 V300R001C01, USG9560 V300R001C01, and USG9580 V300R001C01 allow unauthenticated attackers to send abnormal DHCP request packets to the affected products to trigger a DoS condition.

Betroffene Produkte Warnungen 0 Metriken 3 CWE 1 Referenzen 5

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Huawei ≫ Usg9520 Firmware Versionv300r001c01

Huawei ≫ Usg9520 Version-

Huawei ≫ Usg9580 Firmware Versionv300r001c01

Huawei ≫ Usg9580 Version-

Huawei ≫ Usg9560 Firmware Versionv300r001c01

Huawei ≫ Usg9560 Version-

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.2%	0.384

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	7.5	3.9	3.6	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
nvd@nist.gov	7.8	10	6.9	AV:N/AC:L/Au:N/C:N/I:N/A:C

CWE-20 Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20161116-01-firewall-en

Vendor Advisory

http://www.securityfocus.com/bid/94405

Third Party Advisory

VDB Entry

https://nvd.nist.gov/vuln/detail/CVE-2016-8796

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2016-8796

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2016-8796

EUVD