{"hash": "e9455eacacad30064a7dab269a10373099f051612e8aeba87046c4e7a700866b", "id": "HUAWEI-SA-20160608-01-MPLS", "lastseen": "2016-09-05T13:35:33", "viewCount": 7, "hashmap": [{"hash": "2d60d3f0189b4c69168ac69b3c350a13", "key": "affectedSoftware"}, {"hash": "f9fa10ba956cacf91d7878861139efb9", "key": "bulletinFamily"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cvelist"}, {"hash": "41b62a8aa1ee5c40897717cadc30784a", "key": "cvss"}, {"hash": "b97d1713ededf945f51e79a1af8c33b1", "key": "description"}, {"hash": "f50df514038a1f03f02931a8ba8cb521", "key": "href"}, {"hash": "c7531cb6c1a0b98c5859aa1a1236cb81", "key": "modified"}, {"hash": "777d45bbbcdf50d49c42c70ad7acf5fe", "key": "objectVersion"}, {"hash": "c7531cb6c1a0b98c5859aa1a1236cb81", "key": "published"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "references"}, {"hash": "1fe6f9c53ed1ec89833f87f45ee6db6f", "key": "reporter"}, {"hash": "830377742a309ed1b4e787ad52a7c18c", "key": "title"}, {"hash": "c1aafc7e23f24ba11aae492f5caa2d97", "key": "type"}], "bulletinFamily": "software", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}, "edition": 1, "enchantments": {"score": {"value": 5.0, "vector": "NONE"}, "vulnersScore": 5.0}, "type": "huawei", "description": "Some Huawei products have a memory leak vulnerability. When the packet processing module of the device processes abnormal Multiprotocol Label Switching (MPLS) packets sent by attackers, the module repeatedly applies for memory, resulting in memory exhaustion in persistent attacks. (Vulnerability ID: HWPSIRT-2016-03049)\nHuawei has released software updates to fix these vulnerabilities. This advisory is available at the following link: \nhttp://www.huawei.com/en/psirt/security-advisories/huawei-sa-20160608-01-mpls-en", "title": "Security Advisory - Memory Leak Vulnerability in Some Huawei Products", "history": [], "objectVersion": "1.2", "cvelist": [], "published": "2016-06-08T00:00:00", "references": [], "reporter": "Huawei Technologies", "affectedSoftware": [{"version": "V200R005C20", "name": "AR3200", "operator": "eq"}, {"version": "V200R005C32", "name": "AR3200", "operator": "eq"}, {"version": "V200R007C00", "name": "AR3200", "operator": "eq"}], "modified": "2016-06-08T00:00:00", "href": "http://www.huawei.com/en/psirt/security-advisories/2016/huawei-sa-20160608-01-mpls-en"}

{"cve": [{"lastseen": "2017-04-18T16:00:47", "references": ["http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20160608-01-mpls-en"], "edition": 1, "description": "Huawei AR3200 with software V200R007C00, V200R005C32, V200R005C20; S12700 with software V200R008C00, V200R007C00; S5300 with software V200R008C00, V200R007C00, V200R006C00; S5700 with software V200R008C00, V200R007C00, V200R006C00; S6300 with software V200R008C00, V200R007C00; S6700 with software V200R008C00, V200R007C00; S7700 with software V200R008C00, V200R007C00, V200R006C00; S9300 with software V200R008C00, V200R007C00, V200R006C00; and S9700 with software V200R008C00, V200R007C00, V200R006C00 allow remote attackers to send abnormal Multiprotocol Label Switching (MPLS) packets to cause memory exhaustion.", "reporter": "NVD", "published": "2017-04-02T16:59:01", "type": "cve", "title": "CVE-2016-8797", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "assessment": {"system": "", "name": "", "href": ""}, "bulletinFamily": "NVD", "cvelist": ["CVE-2016-8797"], "scanner": [], "cpe": ["cpe:/o:huawei:s6300_firmware:v200r007c00", "cpe:/o:huawei:s6300_firmware:v200r008c00", "cpe:/o:huawei:s5700_firmware:v200r008c00", "cpe:/o:huawei:s6700_firmware:v200r007c00", "cpe:/o:huawei:s9700_firmware:v200r007c00", "cpe:/o:huawei:s7700_firmware:v200r006c00", "cpe:/o:huawei:s5300_firmware:v200r007c00", "cpe:/o:huawei:s9300_firmware:v200r006c00", "cpe:/o:huawei:s12700_firmware:v200r007c00", "cpe:/o:huawei:s5700_firmware:v200r006c00", "cpe:/o:huawei:s7700_firmware:v200r008c00", "cpe:/o:huawei:s7700_firmware:v200r007c00", "cpe:/o:huawei:s9700_firmware:v200r006c00", "cpe:/o:huawei:s9300_firmware:v200r007c00", "cpe:/o:huawei:ar3200_firmware:v200r007c00", "cpe:/o:huawei:ar3200_firmware:v200r005c32", "cpe:/o:huawei:s9300_firmware:v200r008c00", "cpe:/o:huawei:s5300_firmware:v200r008c00", "cpe:/o:huawei:s12700_firmware:v200r008c00", "cpe:/o:huawei:s9700_firmware:v200r008c00", "cpe:/o:huawei:s6700_firmware:v200r008c00", "cpe:/o:huawei:s5700_firmware:v200r007c00", "cpe:/o:huawei:ar3200_firmware:v200r005c20", "cpe:/o:huawei:s5300_firmware:v200r006c00"], "modified": "2017-04-10T21:03:45", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-8797", "id": "CVE-2016-8797", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2016-12-01T02:41:28", "references": ["http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20160608-01-mpls-en", "http://www.securityfocus.com/bid/91557"], "edition": 1, "description": "Memory leak in Huawei AR3200 before V200R007C00SPC900 allows remote attackers to cause a denial of service (memory consumption) via a large number of crafted Multiprotocol Label Switching (MPLS) packets.", "reporter": "NVD", "published": "2016-06-30T12:59:09", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "type": "cve", "title": "CVE-2016-5368", "assessment": {"system": "", "name": "", "href": ""}, "bulletinFamily": "NVD", "cvelist": ["CVE-2016-5368"], "scanner": [], "cpe": ["cpe:/o:huawei:ar3200_firmware:v200r007c00", "cpe:/o:huawei:ar3200_firmware:v200r005c32", "cpe:/o:huawei:ar3200_firmware:v200r005c20"], "modified": "2016-11-28T15:24:55", "id": "CVE-2016-5368", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-5368", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}]}