Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nvd[email protected]NVD:CVE-2016-8795
HistoryApr 02, 2017 - 8:59 p.m.

CVE-2016-8795

2017-04-0220:59:01
CWE-190
[email protected]
web.nvd.nist.gov

7.1 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:N/I:N/A:C

5.9 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

0.002 Low

EPSS

Percentile

53.2%

JSON

Huawei CloudEngine 12800 with software V100R002C00, V100R003C00, V100R003C10, V100R005C00, V100R005C10, V100R006C00; CloudEngine 5800 with software V100R002C00, V100R003C00, V100R003C10, V100R005C00, V100R005C10, V100R006C00; CloudEngine 6800 with software V100R002C00, V100R003C00, V100R003C10, V100R005C00, V100R005C10, V100R006C00; CloudEngine 7800 with software V100R003C00, V100R003C10, V100R005C00, V100R005C10, V100R006C00; CloudEngine 8800 with software V100R006C00; and Secospace USG6600 with software V500R001C00 allow remote unauthenticated attackers to craft specific IPFPM packets to trigger an integer overflow and cause the device to reset.

Affected configurations

NVD
Node
huaweicloudengine_5800_firmwareMatchv100r002c00
OR
huaweicloudengine_5800_firmwareMatchv100r003c00
OR
huaweicloudengine_5800_firmwareMatchv100r003c10
OR
huaweicloudengine_5800_firmwareMatchv100r005c00
OR
huaweicloudengine_5800_firmwareMatchv100r005c10
OR
huaweicloudengine_5800_firmwareMatchv100r006c00
AND
huaweicloudengine_5800Match-
Node
huaweicloudengine_6800_firmwareMatchv100r002c00
OR
huaweicloudengine_6800_firmwareMatchv100r003c00
OR
huaweicloudengine_6800_firmwareMatchv100r003c10
OR
huaweicloudengine_6800_firmwareMatchv100r005c00
OR
huaweicloudengine_6800_firmwareMatchv100r005c10
OR
huaweicloudengine_6800_firmwareMatchv100r006c00
AND
huaweicloudengine_6800Match-
Node
huaweicloudengine_12800_firmwareMatchv100r002c00
OR
huaweicloudengine_12800_firmwareMatchv100r003c00
OR
huaweicloudengine_12800_firmwareMatchv100r003c10
OR
huaweicloudengine_12800_firmwareMatchv100r005c00
OR
huaweicloudengine_12800_firmwareMatchv100r005c10
OR
huaweicloudengine_12800_firmwareMatchv100r006c00
AND
huaweicloudengine_12800Match-
Node
huaweicloudengine_7800_firmwareMatchv100r003c00
OR
huaweicloudengine_7800_firmwareMatchv100r003c10
OR
huaweicloudengine_7800_firmwareMatchv100r005c00
OR
huaweicloudengine_7800_firmwareMatchv100r005c10
OR
huaweicloudengine_7800_firmwareMatchv100r006c00
AND
huaweicloudengine_7800Match-
Node
huaweicloudengine_8800_firmwareMatchv100r006c00
AND
huaweicloudengine_8800Match-
Node
huaweisecospace_usg6600_firmwareMatchv500r001c00
AND
huaweisecospace_usg6600Match-

Related

openvas 1
huawei 1
prion 1
cvelist 1
cve 1
openvas
openvas
Huawei Data Communication: Integer Overflow Vulnerability in Some Huawei Devices (huawei-sa-20161123-01-vrp)
2020-05-19 00:00:00
huawei
huawei
Security Advisory - Integer Overflow Vulnerability in Some Huawei Devices
2016-11-23 00:00:00
prion
prion
Integer overflow
2017-04-02 20:59:00
cvelist
cvelist
CVE-2016-8795
2017-04-02 20:00:00
cve
cve
CVE-2016-8795
2017-04-02 20:59:01

7.1 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:N/I:N/A:C

5.9 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

0.002 Low

EPSS

Percentile

53.2%

JSON
Related for NVD:CVE-2016-8795
openvas1huawei1prion1cvelist1cve1