Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve[email protected]CVE-2016-8795
HistoryApr 02, 2017 - 8:59 p.m.

CVE-2016-8795

2017-04-0220:59:01
CWE-190
[email protected]
web.nvd.nist.gov
21
4
cve-2016-8795
huawei
cloudengine
secospace
integer overflow
remote attack

5.9 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

5.9 Medium

AI Score

Confidence

High

7.1 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:N/I:N/A:C

0.002 Low

EPSS

Percentile

53.2%

JSON

Huawei CloudEngine 12800 with software V100R002C00, V100R003C00, V100R003C10, V100R005C00, V100R005C10, V100R006C00; CloudEngine 5800 with software V100R002C00, V100R003C00, V100R003C10, V100R005C00, V100R005C10, V100R006C00; CloudEngine 6800 with software V100R002C00, V100R003C00, V100R003C10, V100R005C00, V100R005C10, V100R006C00; CloudEngine 7800 with software V100R003C00, V100R003C10, V100R005C00, V100R005C10, V100R006C00; CloudEngine 8800 with software V100R006C00; and Secospace USG6600 with software V500R001C00 allow remote unauthenticated attackers to craft specific IPFPM packets to trigger an integer overflow and cause the device to reset.

Affected configurations

NVD
Node
huaweicloudengine_5800_firmwareMatchv100r002c00
OR
huaweicloudengine_5800_firmwareMatchv100r003c00
OR
huaweicloudengine_5800_firmwareMatchv100r003c10
OR
huaweicloudengine_5800_firmwareMatchv100r005c00
OR
huaweicloudengine_5800_firmwareMatchv100r005c10
OR
huaweicloudengine_5800_firmwareMatchv100r006c00
AND
huaweicloudengine_5800Match-
Node
huaweicloudengine_6800_firmwareMatchv100r002c00
OR
huaweicloudengine_6800_firmwareMatchv100r003c00
OR
huaweicloudengine_6800_firmwareMatchv100r003c10
OR
huaweicloudengine_6800_firmwareMatchv100r005c00
OR
huaweicloudengine_6800_firmwareMatchv100r005c10
OR
huaweicloudengine_6800_firmwareMatchv100r006c00
AND
huaweicloudengine_6800Match-
Node
huaweicloudengine_12800_firmwareMatchv100r002c00
OR
huaweicloudengine_12800_firmwareMatchv100r003c00
OR
huaweicloudengine_12800_firmwareMatchv100r003c10
OR
huaweicloudengine_12800_firmwareMatchv100r005c00
OR
huaweicloudengine_12800_firmwareMatchv100r005c10
OR
huaweicloudengine_12800_firmwareMatchv100r006c00
AND
huaweicloudengine_12800Match-
Node
huaweicloudengine_7800_firmwareMatchv100r003c00
OR
huaweicloudengine_7800_firmwareMatchv100r003c10
OR
huaweicloudengine_7800_firmwareMatchv100r005c00
OR
huaweicloudengine_7800_firmwareMatchv100r005c10
OR
huaweicloudengine_7800_firmwareMatchv100r006c00
AND
huaweicloudengine_7800Match-
Node
huaweicloudengine_8800_firmwareMatchv100r006c00
AND
huaweicloudengine_8800Match-
Node
huaweisecospace_usg6600_firmwareMatchv500r001c00
AND
huaweisecospace_usg6600Match-

CNA Affected

[
  {
    "product": "CloudEngine 5800, CloudEngine 6800, CloudEngine 7800, CloudEngine 8800,CloudEngine 12800, Secospace USG6600 CloudEngine 12800 V100R002C00, V100R003C00, V100R003C10, V100R005C00, V100R005C10, V100R006C00,CloudEngine 5800 V100R002C00, V100R003C00, V100R003C10, V100R005C00, V100R005C10, V100R006C00, CloudEngine 6800 V100R002C00, V100R003C00, V100R003C10, V100R005C00, V100R005C10, V100R006C00,CloudEngine 7800 V100R003C00, V100R003C10, V100R005C00, V100R005C10, V100R006C00, CloudEngine 8800 V100R006C00, Secospace USG6600 V500R001C00",
    "vendor": "n/a",
    "versions": [
      {
        "status": "affected",
        "version": "CloudEngine 5800, CloudEngine 6800, CloudEngine 7800, CloudEngine 8800,CloudEngine 12800, Secospace USG6600 CloudEngine 12800 V100R002C00, V100R003C00, V100R003C10, V100R005C00, V100R005C10, V100R006C00,CloudEngine 5800 V100R002C00, V100R003C00, V100R003C10, V100R005C00, V100R005C10, V100R006C00, CloudEngine 6800 V100R002C00, V100R003C00, V100R003C10, V100R005C00, V100R005C10, V100R006C00,CloudEngine 7800 V100R003C00, V100R003C10, V100R005C00, V100R005C10, V100R006C00, CloudEngine 8800 V100R006C00, Secospace USG6600 V500R001C00"
      }
    ]
  }
]

Social References

More

Related

prion 1
openvas 1
huawei 1
cvelist 1
nvd 1
prion
prion
Integer overflow
2017-04-02 20:59:00
openvas
openvas
Huawei Data Communication: Integer Overflow Vulnerability in Some Huawei Devices (huawei-sa-20161123-01-vrp)
2020-05-19 00:00:00
huawei
huawei
Security Advisory - Integer Overflow Vulnerability in Some Huawei Devices
2016-11-23 00:00:00
cvelist
cvelist
CVE-2016-8795
2017-04-02 20:00:00
nvd
nvd
CVE-2016-8795
2017-04-02 20:59:01

5.9 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

5.9 Medium

AI Score

Confidence

High

7.1 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:N/I:N/A:C

0.002 Low

EPSS

Percentile

53.2%

JSON
Related for CVE-2016-8795
prion1openvas1huawei1cvelist1nvd1