Lucene search

[email protected]CVE-2016-8773

HistoryApr 02, 2017 - 8:59 p.m.

CVE-2016-8773

2017-04-0220:59:01

CWE-20

[email protected]

web.nvd.nist.gov

huawei

s5300

s5700

s6300

s6700

s7700

s9300

s9700

s12700

denial of service

dos

vulnerability

mpls

nvd

cve-2016-8773

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

7.3 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

40.6%

JSON

Huawei S5300 with software V200R003C00, V200R007C00, V200R008C00, V200R009C00; S5700 with software V200R001C00, V200R002C00, V200R003C00, V200R005C00, V200R005C03, V200R007C00, V200R008C00, V200R009C00; S6300 with software V200R003C00, V200R005C00, V200R008C00, V200R009C00; S6700 with software V200R001C00, V200R001C01, V200R002C00, V200R003C00, V200R005C00, V200R008C00, V200R009C00; S7700 with software V200R007C00, V200R008C00, V200R009C00; S9300 with software V200R007C00, V200R008C00, V200R009C00; S9700 with software V200R007C00, V200R008C00, V200R009C00; and S12700 with software V200R007C00, V200R007C01, V200R008C00, V200R009C00 allow the attacker to cause a denial of service condition by sending malformed MPLS packets.

Affected configurations

NVD

Node

huaweis12700Match-

AND

huaweis12700_firmwareMatchv200r007c00

huaweis12700_firmwareMatchv200r007c01

huaweis12700_firmwareMatchv200r008c00

huaweis12700_firmwareMatchv200r009c00

Node

huaweis5300_firmwareMatchv200r003c00

huaweis5300_firmwareMatchv200r007c00

huaweis5300_firmwareMatchv200r008c00

huaweis5300_firmwareMatchv200r009c00

AND

huaweis5300Match-

Node

huaweis5700Match-

AND

huaweis5700_firmwareMatchv200r001c00

huaweis5700_firmwareMatchv200r002c00

huaweis5700_firmwareMatchv200r003c00

huaweis5700_firmwareMatchv200r005c00

huaweis5700_firmwareMatchv200r005c03

huaweis5700_firmwareMatchv200r007c00

huaweis5700_firmwareMatchv200r008c00

huaweis5700_firmwareMatchv200r009c00

Node

huaweis6300Match-

AND

huaweis6300_firmwareMatchv200r003c00

huaweis6300_firmwareMatchv200r005c00

huaweis6300_firmwareMatchv200r008c00

huaweis6300_firmwareMatchv200r009c00

Node

huaweis6700Match-

AND

huaweis6700_firmwareMatchv200r001c00

huaweis6700_firmwareMatchv200r001c01

huaweis6700_firmwareMatchv200r002c00

huaweis6700_firmwareMatchv200r003c00

huaweis6700_firmwareMatchv200r005c00

huaweis6700_firmwareMatchv200r007c00

huaweis6700_firmwareMatchv200r008c00

huaweis6700_firmwareMatchv200r009c00

Node

huaweis7700Match-

AND

huaweis7700_firmwareMatchv200r007c00

huaweis7700_firmwareMatchv200r008c00

huaweis7700_firmwareMatchv200r009c00

Node

huaweis9300Match-

AND

huaweis9300_firmwareMatchv200r007c00

huaweis9300_firmwareMatchv200r008c00

huaweis9300_firmwareMatchv200r009c00

Node

huaweis9700Match-

AND

huaweis9700_firmwareMatchv200r007c00

huaweis9700_firmwareMatchv200r008c00

huaweis9700_firmwareMatchv200r009c00

CPENameOperatorVersion
huawei:s12700_firmwarehuawei s12700 firmwareeqv200r007c00
huawei:s12700_firmwarehuawei s12700 firmwareeqv200r007c01
huawei:s12700_firmwarehuawei s12700 firmwareeqv200r008c00
huawei:s12700_firmwarehuawei s12700 firmwareeqv200r009c00

CPE	Name	Operator	Version
huawei:s12700_firmware	huawei s12700 firmware	eq	v200r007c00
huawei:s12700_firmware	huawei s12700 firmware	eq	v200r007c01
huawei:s12700_firmware	huawei s12700 firmware	eq	v200r008c00
huawei:s12700_firmware	huawei s12700 firmware	eq	v200r009c00

CNA Affected

[
  {
    "product": "S5300,S5700,S6300,S6700,S7700,9300,9700,S12700 S5300 with software V200R003C00, V200R007C00, V200R008C00, V200R009C00,S5700 with software V200R001C00, V200R002C00, V200R003C00, V200R005C00, V200R005C03, V200R007C00, V200R008C00, V200R009C00,S6300 with software V200R003C00, V200R005C00, V200R008C00, V200R009C00,S6700 with software V200R001C00, V200R001C01, V200R002C00, V200R003C00, V200R005C00, V200R008C00, V200R009C00,S7700 with software V200R007C00, V200R008C00, V200R009C00,S9300 with software V200R007C00, V200R008C00, V200R009C00,S9700 with software V200R007C00, V200R008C00, V200R009C00 and S12700 with software V200R007C00, V200R007C01, V200R008C00, V200R009C00",
    "vendor": "n/a",
    "versions": [
      {
        "status": "affected",
        "version": "S5300,S5700,S6300,S6700,S7700,9300,9700,S12700 S5300 with software V200R003C00, V200R007C00, V200R008C00, V200R009C00,S5700 with software V200R001C00, V200R002C00, V200R003C00, V200R005C00, V200R005C03, V200R007C00, V200R008C00, V200R009C00,S6300 with software V200R003C00, V200R005C00, V200R008C00, V200R009C00,S6700 with software V200R001C00, V200R001C01, V200R002C00, V200R003C00, V200R005C00, V200R008C00, V200R009C00,S7700 with software V200R007C00, V200R008C00, V200R009C00,S9300 with software V200R007C00, V200R008C00, V200R009C00,S9700 with software V200R007C00, V200R008C00, V200R009C00 and S12700 with software V200R007C00, V200R007C01, V200R008C00, V200R009C00"
      }
    ]
  }
]

References

www.huawei.com/en/psirt/security-advisories/huawei-sa-20161111-01-mpls-en

www.securityfocus.com/bid/94285

Social References

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

7.3 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

40.6%

JSON

Related for CVE-2016-8773

nvd1 prion1 cvelist1 huawei1