cvelistv5 - cve-2016-8790

cve-2016-8790

Vulnerability from cvelistv5

Published

2017-04-02 20:00

Modified

2024-08-06 02:35

Severity ?

Summary

References

URL	Tags
psirt@huawei.com	http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20161116-01-cfm-en	Vendor Advisory
psirt@huawei.com	http://www.securityfocus.com/bid/94402	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20161116-01-cfm-en	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/94402	Third Party Advisory, VDB Entry

Impacted products

Vendor

Product

Version

▼

n/a

CloudEngine 5800,CloudEngine 6800,CloudEngine 7800,CloudEngine 8800,CloudEngine 12800 V100R003C10,V100R005C00,V100R005C10,V100R006C00

Version: CloudEngine 5800,CloudEngine 6800,CloudEngine 7800,CloudEngine 8800,CloudEngine 12800 V100R003C10,V100R005C00,V100R005C10,V100R006C00

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T02:35:01.084Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20161116-01-cfm-en"
          },
          {
            "name": "94402",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/94402"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "CloudEngine 5800,CloudEngine 6800,CloudEngine 7800,CloudEngine 8800,CloudEngine 12800 V100R003C10,V100R005C00,V100R005C10,V100R006C00",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "CloudEngine 5800,CloudEngine 6800,CloudEngine 7800,CloudEngine 8800,CloudEngine 12800 V100R003C10,V100R005C00,V100R005C10,V100R006C00"
            }
          ]
        }
      ],
      "datePublic": "2017-03-27T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Huawei CloudEngine 5800 with software before V200R001C00SPC700, CloudEngine 6800 with software before V200R001C00SPC700, CloudEngine 7800 with software before V200R001C00SPC700, CloudEngine 8800 with software before V200R001C00SPC700, CloudEngine 12800 with software before V200R001C00SPC700 could allow the attacker to exploit a buffer overflow vulnerability by sending crafted packets to the affected system to cause a main control board reboot."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Buffer Overflow",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-04-03T09:57:01",
        "orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
        "shortName": "huawei"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20161116-01-cfm-en"
        },
        {
          "name": "94402",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/94402"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@huawei.com",
          "ID": "CVE-2016-8790",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "CloudEngine 5800,CloudEngine 6800,CloudEngine 7800,CloudEngine 8800,CloudEngine 12800 V100R003C10,V100R005C00,V100R005C10,V100R006C00",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "CloudEngine 5800,CloudEngine 6800,CloudEngine 7800,CloudEngine 8800,CloudEngine 12800 V100R003C10,V100R005C00,V100R005C10,V100R006C00"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Huawei CloudEngine 5800 with software before V200R001C00SPC700, CloudEngine 6800 with software before V200R001C00SPC700, CloudEngine 7800 with software before V200R001C00SPC700, CloudEngine 8800 with software before V200R001C00SPC700, CloudEngine 12800 with software before V200R001C00SPC700 could allow the attacker to exploit a buffer overflow vulnerability by sending crafted packets to the affected system to cause a main control board reboot."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Buffer Overflow"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20161116-01-cfm-en",
              "refsource": "CONFIRM",
              "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20161116-01-cfm-en"
            },
            {
              "name": "94402",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/94402"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
    "assignerShortName": "huawei",
    "cveId": "CVE-2016-8790",
    "datePublished": "2017-04-02T20:00:00",
    "dateReserved": "2016-10-18T00:00:00",
    "dateUpdated": "2024-08-06T02:35:01.084Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:huawei:cloudengine_5800_firmware:v100r003c10:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"061D3731-37D1-40A9-BE2B-7C43CADC3190\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:huawei:cloudengine_5800_firmware:v100r005c00:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"33B93684-6903-4A54-B631-15873D3D3744\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:huawei:cloudengine_5800_firmware:v100r005c10:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"9DFDAAAC-0585-406F-B547-FB71C5352209\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:huawei:cloudengine_5800_firmware:v100r006c00:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"916288E9-1DAB-40BE-9C29-3E8603FC0F02\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:huawei:cloudengine_5800:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C8FD775C-F6B6-42B3-942E-EB4DC889B5F0\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:huawei:cloudengine_6800_firmware:v100r003c10:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"EC3752F8-78AB-43C9-B499-B3E2031BB29B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:huawei:cloudengine_6800_firmware:v100r005c00:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E31AD6C5-E687-47C9-8473-2486A6864128\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:huawei:cloudengine_6800_firmware:v100r005c10:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"40D8A10D-8B77-4F43-87A9-803ED9855AC9\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:huawei:cloudengine_6800_firmware:v100r006c00:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5E574B02-F89A-4D5C-B462-3AF56F1C0A57\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:huawei:cloudengine_6800:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"19F2B3CC-12AD-466D-98F9-0C09C7C053CF\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:huawei:cloudengine_7800_firmware:v100r003c10:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"DE5D868B-B2F8-4C25-8134-5ED8758AFB90\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:huawei:cloudengine_7800_firmware:v100r005c00:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"828A6E23-962D-4A92-B14D-949B01489F35\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:huawei:cloudengine_7800_firmware:v100r005c10:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B676B444-6128-4A04-B3E7-421F74FA9CD1\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:huawei:cloudengine_7800_firmware:v100r006c00:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"BF6985E0-9375-4DE2-A879-AAACF923381C\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:huawei:cloudengine_7800:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D05E858C-A3D8-4BF1-A750-CFD8C949ABF0\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:huawei:cloudengine_8800_firmware:v100r006c00:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"494F5272-28A3-4CE8-BB15-A7532C6DBA2E\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:huawei:cloudengine_8800:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"102751EB-C284-4983-BDFA-BFB634CB2CEC\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:huawei:cloudengine_12800_firmware:v100r003c10:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5C4D77D6-4CCA-45A3-8B8F-2A2E3AD82753\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:huawei:cloudengine_12800_firmware:v100r005c00:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E58D7203-2EE3-412A-B39C-94D82B0BBB98\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:huawei:cloudengine_12800_firmware:v100r005c10:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"71EF4F82-092F-4D19-832B-A174F7D47477\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:huawei:cloudengine_12800_firmware:v100r006c00:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"3C2DACA5-0AA6-419B-AC6A-8CC19326758E\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:huawei:cloudengine_12800:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"DE8A2875-0F7E-4790-A925-5999396B7578\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"Huawei CloudEngine 5800 with software before V200R001C00SPC700, CloudEngine 6800 with software before V200R001C00SPC700, CloudEngine 7800 with software before V200R001C00SPC700, CloudEngine 8800 with software before V200R001C00SPC700, CloudEngine 12800 with software before V200R001C00SPC700 could allow the attacker to exploit a buffer overflow vulnerability by sending crafted packets to the affected system to cause a main control board reboot.\"}, {\"lang\": \"es\", \"value\": \"Huawei CloudEngine 5800 con software en versiones anteriores a V200R001C00SPC700, CloudEngine 6800 con software en versiones anteriores a V200R001C00SPC700, CloudEngine 7800 con software en versiones anteriores a V200R001C00SPC700, CloudEngine 8800 con software en versiones anteriores a V200R001C00SPC700, CloudEngine 12800 con software en versiones anteriores a V200R001C00SPC700 podr\\u00eda permitir al atacante explotar una vulnerabilidad de desbordamiento de b\\u00fafer enviando paquetes manipulados al sistema afectado para provocar un reinicio del panel de control principal.\"}]",
      "id": "CVE-2016-8790",
      "lastModified": "2024-11-21T03:00:04.937",
      "metrics": "{\"cvssMetricV30\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.0\", \"vectorString\": \"CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\", \"baseScore\": 5.7, \"baseSeverity\": \"MEDIUM\", \"attackVector\": \"ADJACENT_NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"LOW\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 2.1, \"impactScore\": 3.6}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:A/AC:L/Au:S/C:N/I:N/A:C\", \"baseScore\": 5.5, \"accessVector\": \"ADJACENT_NETWORK\", \"accessComplexity\": \"LOW\", \"authentication\": \"SINGLE\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"COMPLETE\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 5.1, \"impactScore\": 6.9, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
      "published": "2017-04-02T20:59:01.640",
      "references": "[{\"url\": \"http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20161116-01-cfm-en\", \"source\": \"psirt@huawei.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://www.securityfocus.com/bid/94402\", \"source\": \"psirt@huawei.com\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20161116-01-cfm-en\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://www.securityfocus.com/bid/94402\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}]",
      "sourceIdentifier": "psirt@huawei.com",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-119\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2016-8790\",\"sourceIdentifier\":\"psirt@huawei.com\",\"published\":\"2017-04-02T20:59:01.640\",\"lastModified\":\"2024-11-21T03:00:04.937\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Huawei CloudEngine 5800 with software before V200R001C00SPC700, CloudEngine 6800 with software before V200R001C00SPC700, CloudEngine 7800 with software before V200R001C00SPC700, CloudEngine 8800 with software before V200R001C00SPC700, CloudEngine 12800 with software before V200R001C00SPC700 could allow the attacker to exploit a buffer overflow vulnerability by sending crafted packets to the affected system to cause a main control board reboot.\"},{\"lang\":\"es\",\"value\":\"Huawei CloudEngine 5800 con software en versiones anteriores a V200R001C00SPC700, CloudEngine 6800 con software en versiones anteriores a V200R001C00SPC700, CloudEngine 7800 con software en versiones anteriores a V200R001C00SPC700, CloudEngine 8800 con software en versiones anteriores a V200R001C00SPC700, CloudEngine 12800 con software en versiones anteriores a V200R001C00SPC700 podr\u00eda permitir al atacante explotar una vulnerabilidad de desbordamiento de b\u00fafer enviando paquetes manipulados al sistema afectado para provocar un reinicio del panel de control principal.\"}],\"metrics\":{\"cvssMetricV30\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":5.7,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"ADJACENT_NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":2.1,\"impactScore\":3.6}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:A/AC:L/Au:S/C:N/I:N/A:C\",\"baseScore\":5.5,\"accessVector\":\"ADJACENT_NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"SINGLE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":5.1,\"impactScore\":6.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-119\"}]}],\"configurations\":[{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:huawei:cloudengine_5800_firmware:v100r003c10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"061D3731-37D1-40A9-BE2B-7C43CADC3190\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:huawei:cloudengine_5800_firmware:v100r005c00:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"33B93684-6903-4A54-B631-15873D3D3744\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:huawei:cloudengine_5800_firmware:v100r005c10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9DFDAAAC-0585-406F-B547-FB71C5352209\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:huawei:cloudengine_5800_firmware:v100r006c00:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"916288E9-1DAB-40BE-9C29-3E8603FC0F02\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:huawei:cloudengine_5800:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C8FD775C-F6B6-42B3-942E-EB4DC889B5F0\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:huawei:cloudengine_6800_firmware:v100r003c10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EC3752F8-78AB-43C9-B499-B3E2031BB29B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:huawei:cloudengine_6800_firmware:v100r005c00:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E31AD6C5-E687-47C9-8473-2486A6864128\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:huawei:cloudengine_6800_firmware:v100r005c10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"40D8A10D-8B77-4F43-87A9-803ED9855AC9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:huawei:cloudengine_6800_firmware:v100r006c00:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5E574B02-F89A-4D5C-B462-3AF56F1C0A57\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:huawei:cloudengine_6800:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"19F2B3CC-12AD-466D-98F9-0C09C7C053CF\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:huawei:cloudengine_7800_firmware:v100r003c10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DE5D868B-B2F8-4C25-8134-5ED8758AFB90\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:huawei:cloudengine_7800_firmware:v100r005c00:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"828A6E23-962D-4A92-B14D-949B01489F35\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:huawei:cloudengine_7800_firmware:v100r005c10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B676B444-6128-4A04-B3E7-421F74FA9CD1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:huawei:cloudengine_7800_firmware:v100r006c00:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BF6985E0-9375-4DE2-A879-AAACF923381C\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:huawei:cloudengine_7800:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D05E858C-A3D8-4BF1-A750-CFD8C949ABF0\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:huawei:cloudengine_8800_firmware:v100r006c00:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"494F5272-28A3-4CE8-BB15-A7532C6DBA2E\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:huawei:cloudengine_8800:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"102751EB-C284-4983-BDFA-BFB634CB2CEC\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:huawei:cloudengine_12800_firmware:v100r003c10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5C4D77D6-4CCA-45A3-8B8F-2A2E3AD82753\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:huawei:cloudengine_12800_firmware:v100r005c00:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E58D7203-2EE3-412A-B39C-94D82B0BBB98\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:huawei:cloudengine_12800_firmware:v100r005c10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"71EF4F82-092F-4D19-832B-A174F7D47477\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:huawei:cloudengine_12800_firmware:v100r006c00:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3C2DACA5-0AA6-419B-AC6A-8CC19326758E\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:huawei:cloudengine_12800:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DE8A2875-0F7E-4790-A925-5999396B7578\"}]}]}],\"references\":[{\"url\":\"http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20161116-01-cfm-en\",\"source\":\"psirt@huawei.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/94402\",\"source\":\"psirt@huawei.com\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20161116-01-cfm-en\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/94402\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]}]}}"
  }
}

Huawei CloudEngine 5800 with software before V200R001C00SPC700, CloudEngine 6800 with software before V200R001C00SPC700, CloudEngine 7800 with software before V200R001C00SPC700, CloudEngine 8800 with software before V200R001C00SPC700, CloudEngine 12800 with software before V200R001C00SPC700 could allow the attacker to exploit a buffer overflow vulnerability by sending crafted packets to the affected system to cause a main control board reboot. The CloudEngine5800, CloudEngine6800, CloudEngine7800, CloudEngine8800, and CloudEngine12800 are Huawei switch devices. A buffer overflow vulnerability exists in the CFM (ConnectivityFault Management) feature of several Huawei products. Multiple Huawei CloudEngine Products are prone to a buffer-overflow vulnerability because they fail to properly bounds-check user-supplied data before copying it into an insufficiently sized buffer. Attackers can exploit this issue to reboot the affected device to cause denial-of-service conditions. Due to the nature of this issue, arbitrary code execution may be possible but this has not been confirmed. Huawei CloudEngine 5800 and others are data center switches of China's Huawei (Huawei). The following products and models are affected: CloudEngine 5800 V100R003C10 , V100R005C00 , V100R005C10 , V100R006C00 ; CloudEngine 6800 V100R003C10 , V100R005C00 , V100R005C10 , V100R006C00 ; CloudEngine 7800 V100R003C10 , V100R005C00 , V100R005C10 , V100R006C00 ; CloudEngine 8800 V100R006C00 ; loudEngine 12800 V100R003C10 , V100R005C00 , V100R005C10 , V100R006C00

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201704-1023",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "cloudengine 6800",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "huawei",
        "version": "v100r003c10"
      },
      {
        "model": "cloudengine 7800",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "huawei",
        "version": "v100r003c10"
      },
      {
        "model": "cloudengine 7800",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "huawei",
        "version": "v100r005c00"
      },
      {
        "model": "cloudengine 7800",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "huawei",
        "version": "v100r006c00"
      },
      {
        "model": "cloudengine 12800",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "huawei",
        "version": "v100r005c00"
      },
      {
        "model": "cloudengine 12800",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "huawei",
        "version": "v100r006c00"
      },
      {
        "model": "cloudengine 12800",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "huawei",
        "version": "v100r005c10"
      },
      {
        "model": "cloudengine 8800",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "huawei",
        "version": "v100r006c00"
      },
      {
        "model": "cloudengine 12800",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "huawei",
        "version": "v100r003c10"
      },
      {
        "model": "cloudengine 7800",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "huawei",
        "version": "v100r005c10"
      },
      {
        "model": "cloudengine 6800",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "huawei",
        "version": "v100r005c00"
      },
      {
        "model": "cloudengine 5800",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "huawei",
        "version": "v100r005c10"
      },
      {
        "model": "cloudengine 5800",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "huawei",
        "version": "v100r005c00"
      },
      {
        "model": "cloudengine 5800",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "huawei",
        "version": "v100r006c00"
      },
      {
        "model": "cloudengine 6800",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "huawei",
        "version": "v100r006c00"
      },
      {
        "model": "cloudengine 5800",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "huawei",
        "version": "v100r003c10"
      },
      {
        "model": "cloudengine 6800",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "huawei",
        "version": "v100r005c10"
      },
      {
        "model": "cloudengine v100r003c10",
        "scope": "eq",
        "trust": 0.9,
        "vendor": "huawei",
        "version": "12800"
      },
      {
        "model": "cloudengine v100r005c00",
        "scope": "eq",
        "trust": 0.9,
        "vendor": "huawei",
        "version": "12800"
      },
      {
        "model": "cloudengine v100r005c10",
        "scope": "eq",
        "trust": 0.9,
        "vendor": "huawei",
        "version": "12800"
      },
      {
        "model": "cloudengine v100r003c10",
        "scope": "eq",
        "trust": 0.9,
        "vendor": "huawei",
        "version": "5800"
      },
      {
        "model": "cloudengine v100r005c00",
        "scope": "eq",
        "trust": 0.9,
        "vendor": "huawei",
        "version": "5800"
      },
      {
        "model": "cloudengine v100r005c10",
        "scope": "eq",
        "trust": 0.9,
        "vendor": "huawei",
        "version": "5800"
      },
      {
        "model": "cloudengine v100r006c00",
        "scope": "eq",
        "trust": 0.9,
        "vendor": "huawei",
        "version": "5800"
      },
      {
        "model": "cloudengine v100r003c10",
        "scope": "eq",
        "trust": 0.9,
        "vendor": "huawei",
        "version": "6800"
      },
      {
        "model": "cloudengine v100r005c00",
        "scope": "eq",
        "trust": 0.9,
        "vendor": "huawei",
        "version": "6800"
      },
      {
        "model": "cloudengine v100r005c10",
        "scope": "eq",
        "trust": 0.9,
        "vendor": "huawei",
        "version": "6800"
      },
      {
        "model": "cloudengine v100r006c00",
        "scope": "eq",
        "trust": 0.9,
        "vendor": "huawei",
        "version": "6800"
      },
      {
        "model": "cloudengine v100r003c10",
        "scope": "eq",
        "trust": 0.9,
        "vendor": "huawei",
        "version": "7800"
      },
      {
        "model": "cloudengine v100r005c00",
        "scope": "eq",
        "trust": 0.9,
        "vendor": "huawei",
        "version": "7800"
      },
      {
        "model": "cloudengine v100r005c10",
        "scope": "eq",
        "trust": 0.9,
        "vendor": "huawei",
        "version": "7800"
      },
      {
        "model": "cloudengine v100r006c00",
        "scope": "eq",
        "trust": 0.9,
        "vendor": "huawei",
        "version": "7800"
      },
      {
        "model": "cloudengine v100r006c00",
        "scope": "eq",
        "trust": 0.9,
        "vendor": "huawei",
        "version": "8800"
      },
      {
        "model": "cloudengine v100r006c00",
        "scope": "eq",
        "trust": 0.9,
        "vendor": "huawei",
        "version": "12800"
      },
      {
        "model": "cloudengine 12800",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "huawei",
        "version": "v200r001c00spc700"
      },
      {
        "model": "cloudengine 5800",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "huawei",
        "version": "v200r001c00spc700"
      },
      {
        "model": "cloudengine 6800",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "huawei",
        "version": "v200r001c00spc700"
      },
      {
        "model": "cloudengine 7800",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "huawei",
        "version": "v200r001c00spc700"
      },
      {
        "model": "cloudengine 8800",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "huawei",
        "version": "v200r001c00spc700"
      },
      {
        "model": "cloudengine v200r001c00spc700",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "huawei",
        "version": "8800"
      },
      {
        "model": "cloudengine v200r001c00spc700",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "huawei",
        "version": "7800"
      },
      {
        "model": "cloudengine v200r001c00spc700",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "huawei",
        "version": "6800"
      },
      {
        "model": "cloudengine v200r001c00spc700",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "huawei",
        "version": "5800"
      },
      {
        "model": "cloudengine v200r001c00spc700",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "huawei",
        "version": "12800"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2016-11299"
      },
      {
        "db": "BID",
        "id": "94402"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-008268"
      },
      {
        "db": "NVD",
        "id": "CVE-2016-8790"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201611-472"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:huawei:cloudengine_5800_firmware:v100r006c00:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:huawei:cloudengine_5800_firmware:v100r005c10:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:huawei:cloudengine_5800_firmware:v100r005c00:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:huawei:cloudengine_5800_firmware:v100r003c10:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:huawei:cloudengine_5800:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:huawei:cloudengine_6800_firmware:v100r005c10:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:huawei:cloudengine_6800_firmware:v100r003c10:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:huawei:cloudengine_6800_firmware:v100r006c00:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:huawei:cloudengine_6800_firmware:v100r005c00:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:huawei:cloudengine_6800:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:huawei:cloudengine_7800_firmware:v100r006c00:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:huawei:cloudengine_7800_firmware:v100r005c00:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:huawei:cloudengine_7800_firmware:v100r005c10:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:huawei:cloudengine_7800_firmware:v100r003c10:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:huawei:cloudengine_7800:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:huawei:cloudengine_8800_firmware:v100r006c00:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:huawei:cloudengine_8800:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:huawei:cloudengine_12800_firmware:v100r003c10:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:huawei:cloudengine_12800_firmware:v100r005c00:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:huawei:cloudengine_12800_firmware:v100r005c10:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:huawei:cloudengine_12800_firmware:v100r006c00:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:huawei:cloudengine_12800:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2016-8790"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "The vendor reported this issue.",
    "sources": [
      {
        "db": "BID",
        "id": "94402"
      }
    ],
    "trust": 0.3
  },
  "cve": "CVE-2016-8790",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "acInsufInfo": false,
            "accessComplexity": "LOW",
            "accessVector": "ADJACENT_NETWORK",
            "authentication": "SINGLE",
            "author": "NVD",
            "availabilityImpact": "COMPLETE",
            "baseScore": 5.5,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 5.1,
            "impactScore": 6.9,
            "integrityImpact": "NONE",
            "obtainAllPrivilege": false,
            "obtainOtherPrivilege": false,
            "obtainUserPrivilege": false,
            "severity": "MEDIUM",
            "trust": 1.0,
            "userInteractionRequired": false,
            "vectorString": "AV:A/AC:L/Au:S/C:N/I:N/A:C",
            "version": "2.0"
          },
          {
            "acInsufInfo": null,
            "accessComplexity": "Low",
            "accessVector": "Adjacent Network",
            "authentication": "Single",
            "author": "NVD",
            "availabilityImpact": "Complete",
            "baseScore": 5.5,
            "confidentialityImpact": "None",
            "exploitabilityScore": null,
            "id": "CVE-2016-8790",
            "impactScore": null,
            "integrityImpact": "None",
            "obtainAllPrivilege": null,
            "obtainOtherPrivilege": null,
            "obtainUserPrivilege": null,
            "severity": "Medium",
            "trust": 0.9,
            "userInteractionRequired": null,
            "vectorString": "AV:A/AC:L/Au:S/C:N/I:N/A:C",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "ADJACENT_NETWORK",
            "authentication": "NONE",
            "author": "CNVD",
            "availabilityImpact": "COMPLETE",
            "baseScore": 6.8,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 6.5,
            "id": "CNVD-2016-11299",
            "impactScore": 7.8,
            "integrityImpact": "PARTIAL",
            "severity": "MEDIUM",
            "trust": 0.6,
            "vectorString": "AV:A/AC:L/Au:N/C:N/I:P/A:C",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "ADJACENT_NETWORK",
            "authentication": "SINGLE",
            "author": "VULHUB",
            "availabilityImpact": "COMPLETE",
            "baseScore": 5.5,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 5.1,
            "id": "VHN-97610",
            "impactScore": 6.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 0.1,
            "vectorString": "AV:A/AC:L/AU:S/C:N/I:N/A:C",
            "version": "2.0"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "ADJACENT_NETWORK",
            "author": "NVD",
            "availabilityImpact": "HIGH",
            "baseScore": 5.7,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 2.1,
            "impactScore": 3.6,
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "trust": 1.0,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          },
          {
            "attackComplexity": "Low",
            "attackVector": "Adjacent Network",
            "author": "NVD",
            "availabilityImpact": "High",
            "baseScore": 5.7,
            "baseSeverity": "Medium",
            "confidentialityImpact": "None",
            "exploitabilityScore": null,
            "id": "CVE-2016-8790",
            "impactScore": null,
            "integrityImpact": "None",
            "privilegesRequired": "Low",
            "scope": "Unchanged",
            "trust": 0.8,
            "userInteraction": "None",
            "vectorString": "CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          }
        ],
        "severity": [
          {
            "author": "NVD",
            "id": "CVE-2016-8790",
            "trust": 1.8,
            "value": "MEDIUM"
          },
          {
            "author": "CNVD",
            "id": "CNVD-2016-11299",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201611-472",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "VULHUB",
            "id": "VHN-97610",
            "trust": 0.1,
            "value": "MEDIUM"
          },
          {
            "author": "VULMON",
            "id": "CVE-2016-8790",
            "trust": 0.1,
            "value": "MEDIUM"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2016-11299"
      },
      {
        "db": "VULHUB",
        "id": "VHN-97610"
      },
      {
        "db": "VULMON",
        "id": "CVE-2016-8790"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-008268"
      },
      {
        "db": "NVD",
        "id": "CVE-2016-8790"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201611-472"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Huawei CloudEngine 5800 with software before V200R001C00SPC700, CloudEngine 6800 with software before V200R001C00SPC700, CloudEngine 7800 with software before V200R001C00SPC700, CloudEngine 8800 with software before V200R001C00SPC700, CloudEngine 12800 with software before V200R001C00SPC700 could allow the attacker to exploit a buffer overflow vulnerability by sending crafted packets to the affected system to cause a main control board reboot. The CloudEngine5800, CloudEngine6800, CloudEngine7800, CloudEngine8800, and CloudEngine12800 are Huawei switch devices. A buffer overflow vulnerability exists in the CFM (ConnectivityFault Management) feature of several Huawei products. Multiple Huawei CloudEngine Products are prone to a buffer-overflow vulnerability because they fail to properly bounds-check user-supplied data before copying it into an insufficiently sized buffer. \nAttackers can exploit this issue to reboot the affected device to cause  denial-of-service conditions. Due to the nature of this issue, arbitrary  code execution may be possible but this has not been confirmed. Huawei CloudEngine 5800 and others are data center switches of China\u0027s Huawei (Huawei). The following products and models are affected: CloudEngine 5800 V100R003C10 , V100R005C00 , V100R005C10 , V100R006C00 ; CloudEngine 6800 V100R003C10 , V100R005C00 , V100R005C10 , V100R006C00 ; CloudEngine 7800 V100R003C10 , V100R005C00 , V100R005C10 , V100R006C00 ; CloudEngine 8800 V100R006C00 ; loudEngine 12800 V100R003C10 , V100R005C00 , V100R005C10 , V100R006C00 ",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2016-8790"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-008268"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2016-11299"
      },
      {
        "db": "BID",
        "id": "94402"
      },
      {
        "db": "VULHUB",
        "id": "VHN-97610"
      },
      {
        "db": "VULMON",
        "id": "CVE-2016-8790"
      }
    ],
    "trust": 2.61
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2016-8790",
        "trust": 3.5
      },
      {
        "db": "BID",
        "id": "94402",
        "trust": 2.7
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-008268",
        "trust": 0.8
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201611-472",
        "trust": 0.7
      },
      {
        "db": "CNVD",
        "id": "CNVD-2016-11299",
        "trust": 0.6
      },
      {
        "db": "VULHUB",
        "id": "VHN-97610",
        "trust": 0.1
      },
      {
        "db": "VULMON",
        "id": "CVE-2016-8790",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2016-11299"
      },
      {
        "db": "VULHUB",
        "id": "VHN-97610"
      },
      {
        "db": "VULMON",
        "id": "CVE-2016-8790"
      },
      {
        "db": "BID",
        "id": "94402"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-008268"
      },
      {
        "db": "NVD",
        "id": "CVE-2016-8790"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201611-472"
      }
    ]
  },
  "id": "VAR-201704-1023",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2016-11299"
      },
      {
        "db": "VULHUB",
        "id": "VHN-97610"
      }
    ],
    "trust": 1.4642857079999998
  },
  "iot_taxonomy": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "category": [
          "Network device"
        ],
        "sub_category": null,
        "trust": 0.6
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2016-11299"
      }
    ]
  },
  "last_update_date": "2023-12-18T14:05:49.422000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "huawei-sa-20161116-01-cfm",
        "trust": 0.8,
        "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20161116-01-cfm-en"
      },
      {
        "title": "Patches for buffer overflow vulnerabilities in CFM functions in various Huawei products",
        "trust": 0.6,
        "url": "https://www.cnvd.org.cn/patchinfo/show/84101"
      },
      {
        "title": "Multiple Huawei CloudEngin Product Buffer Overflow Vulnerability Fix",
        "trust": 0.6,
        "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=65810"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2016-11299"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-008268"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201611-472"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-119",
        "trust": 1.9
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-97610"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-008268"
      },
      {
        "db": "NVD",
        "id": "CVE-2016-8790"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.1,
        "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20161116-01-cfm-en"
      },
      {
        "trust": 1.9,
        "url": "http://www.securityfocus.com/bid/94402"
      },
      {
        "trust": 0.8,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-8790"
      },
      {
        "trust": 0.8,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2016-8790"
      },
      {
        "trust": 0.6,
        "url": "http://www.huawei.com/cn/psirt/security-advisories/2016/huawei-sa-20161116-01-cfm-cn"
      },
      {
        "trust": 0.3,
        "url": "http://www.huawei.com"
      },
      {
        "trust": 0.1,
        "url": "https://cwe.mitre.org/data/definitions/119.html"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2016-11299"
      },
      {
        "db": "VULHUB",
        "id": "VHN-97610"
      },
      {
        "db": "VULMON",
        "id": "CVE-2016-8790"
      },
      {
        "db": "BID",
        "id": "94402"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-008268"
      },
      {
        "db": "NVD",
        "id": "CVE-2016-8790"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201611-472"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "CNVD",
        "id": "CNVD-2016-11299"
      },
      {
        "db": "VULHUB",
        "id": "VHN-97610"
      },
      {
        "db": "VULMON",
        "id": "CVE-2016-8790"
      },
      {
        "db": "BID",
        "id": "94402"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-008268"
      },
      {
        "db": "NVD",
        "id": "CVE-2016-8790"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201611-472"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2016-11-18T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2016-11299"
      },
      {
        "date": "2017-04-02T00:00:00",
        "db": "VULHUB",
        "id": "VHN-97610"
      },
      {
        "date": "2017-04-02T00:00:00",
        "db": "VULMON",
        "id": "CVE-2016-8790"
      },
      {
        "date": "2016-11-16T00:00:00",
        "db": "BID",
        "id": "94402"
      },
      {
        "date": "2017-05-09T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2016-008268"
      },
      {
        "date": "2017-04-02T20:59:01.640000",
        "db": "NVD",
        "id": "CVE-2016-8790"
      },
      {
        "date": "2016-11-23T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201611-472"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2016-11-21T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2016-11299"
      },
      {
        "date": "2017-04-11T00:00:00",
        "db": "VULHUB",
        "id": "VHN-97610"
      },
      {
        "date": "2017-04-11T00:00:00",
        "db": "VULMON",
        "id": "CVE-2016-8790"
      },
      {
        "date": "2016-11-24T01:12:00",
        "db": "BID",
        "id": "94402"
      },
      {
        "date": "2017-05-09T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2016-008268"
      },
      {
        "date": "2017-04-11T01:14:13.537000",
        "db": "NVD",
        "id": "CVE-2016-8790"
      },
      {
        "date": "2016-11-23T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201611-472"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "specific network environment",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201611-472"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "plural  Huawei CloudEngine Software overflow buffer overflow vulnerability",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-008268"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "buffer overflow",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201611-472"
      }
    ],
    "trust": 0.6
  }
}

gsd-2016-8790

Vulnerability from gsd

Modified

2023-12-13 01:21

Details

Aliases

CVE-2016-8790

Aliases

CVE-2016-8790

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2016-8790",
    "description": "Huawei CloudEngine 5800 with software before V200R001C00SPC700, CloudEngine 6800 with software before V200R001C00SPC700, CloudEngine 7800 with software before V200R001C00SPC700, CloudEngine 8800 with software before V200R001C00SPC700, CloudEngine 12800 with software before V200R001C00SPC700 could allow the attacker to exploit a buffer overflow vulnerability by sending crafted packets to the affected system to cause a main control board reboot.",
    "id": "GSD-2016-8790"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2016-8790"
      ],
      "details": "Huawei CloudEngine 5800 with software before V200R001C00SPC700, CloudEngine 6800 with software before V200R001C00SPC700, CloudEngine 7800 with software before V200R001C00SPC700, CloudEngine 8800 with software before V200R001C00SPC700, CloudEngine 12800 with software before V200R001C00SPC700 could allow the attacker to exploit a buffer overflow vulnerability by sending crafted packets to the affected system to cause a main control board reboot.",
      "id": "GSD-2016-8790",
      "modified": "2023-12-13T01:21:22.720390Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "psirt@huawei.com",
        "ID": "CVE-2016-8790",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "CloudEngine 5800,CloudEngine 6800,CloudEngine 7800,CloudEngine 8800,CloudEngine 12800 V100R003C10,V100R005C00,V100R005C10,V100R006C00",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "CloudEngine 5800,CloudEngine 6800,CloudEngine 7800,CloudEngine 8800,CloudEngine 12800 V100R003C10,V100R005C00,V100R005C10,V100R006C00"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Huawei CloudEngine 5800 with software before V200R001C00SPC700, CloudEngine 6800 with software before V200R001C00SPC700, CloudEngine 7800 with software before V200R001C00SPC700, CloudEngine 8800 with software before V200R001C00SPC700, CloudEngine 12800 with software before V200R001C00SPC700 could allow the attacker to exploit a buffer overflow vulnerability by sending crafted packets to the affected system to cause a main control board reboot."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "Buffer Overflow"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20161116-01-cfm-en",
            "refsource": "CONFIRM",
            "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20161116-01-cfm-en"
          },
          {
            "name": "94402",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/94402"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:huawei:cloudengine_5800_firmware:v100r006c00:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:huawei:cloudengine_5800_firmware:v100r005c10:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:huawei:cloudengine_5800_firmware:v100r005c00:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:huawei:cloudengine_5800_firmware:v100r003c10:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:huawei:cloudengine_5800:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:huawei:cloudengine_6800_firmware:v100r005c10:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:huawei:cloudengine_6800_firmware:v100r003c10:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:huawei:cloudengine_6800_firmware:v100r006c00:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:huawei:cloudengine_6800_firmware:v100r005c00:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:huawei:cloudengine_6800:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:huawei:cloudengine_7800_firmware:v100r006c00:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:huawei:cloudengine_7800_firmware:v100r005c00:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:huawei:cloudengine_7800_firmware:v100r005c10:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:huawei:cloudengine_7800_firmware:v100r003c10:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:huawei:cloudengine_7800:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:huawei:cloudengine_8800_firmware:v100r006c00:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:huawei:cloudengine_8800:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:huawei:cloudengine_12800_firmware:v100r003c10:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:huawei:cloudengine_12800_firmware:v100r005c00:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:huawei:cloudengine_12800_firmware:v100r005c10:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:huawei:cloudengine_12800_firmware:v100r006c00:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:huawei:cloudengine_12800:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@huawei.com",
          "ID": "CVE-2016-8790"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Huawei CloudEngine 5800 with software before V200R001C00SPC700, CloudEngine 6800 with software before V200R001C00SPC700, CloudEngine 7800 with software before V200R001C00SPC700, CloudEngine 8800 with software before V200R001C00SPC700, CloudEngine 12800 with software before V200R001C00SPC700 could allow the attacker to exploit a buffer overflow vulnerability by sending crafted packets to the affected system to cause a main control board reboot."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-119"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20161116-01-cfm-en",
              "refsource": "CONFIRM",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20161116-01-cfm-en"
            },
            {
              "name": "94402",
              "refsource": "BID",
              "tags": [
                "Third Party Advisory",
                "VDB Entry"
              ],
              "url": "http://www.securityfocus.com/bid/94402"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "ADJACENT_NETWORK",
            "authentication": "SINGLE",
            "availabilityImpact": "COMPLETE",
            "baseScore": 5.5,
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "vectorString": "AV:A/AC:L/Au:S/C:N/I:N/A:C",
            "version": "2.0"
          },
          "exploitabilityScore": 5.1,
          "impactScore": 6.9,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "MEDIUM",
          "userInteractionRequired": false
        },
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "LOW",
            "attackVector": "ADJACENT_NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 5.7,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          },
          "exploitabilityScore": 2.1,
          "impactScore": 3.6
        }
      },
      "lastModifiedDate": "2017-04-11T01:14Z",
      "publishedDate": "2017-04-02T20:59Z"
    }
  }
}

ghsa-cj35-9pcq-xm7q

Vulnerability from github

Published

2022-05-17 02:50

Modified

2022-05-17 02:50

Severity ?

5.7 (Medium) - CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2016-8790"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-119"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2017-04-02T20:59:00Z",
    "severity": "MODERATE"
  },
  "details": "Huawei CloudEngine 5800 with software before V200R001C00SPC700, CloudEngine 6800 with software before V200R001C00SPC700, CloudEngine 7800 with software before V200R001C00SPC700, CloudEngine 8800 with software before V200R001C00SPC700, CloudEngine 12800 with software before V200R001C00SPC700 could allow the attacker to exploit a buffer overflow vulnerability by sending crafted packets to the affected system to cause a main control board reboot.",
  "id": "GHSA-cj35-9pcq-xm7q",
  "modified": "2022-05-17T02:50:59Z",
  "published": "2022-05-17T02:50:59Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-8790"
    },
    {
      "type": "WEB",
      "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20161116-01-cfm-en"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/94402"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

cve-2016-8790

Vulnerability from fkie_nvd

Published

2017-04-02 20:59

Modified

2024-11-21 03:00

Severity ?

5.7 (Medium) - CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Summary

References

URL	Tags
psirt@huawei.com	http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20161116-01-cfm-en	Vendor Advisory
psirt@huawei.com	http://www.securityfocus.com/bid/94402	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20161116-01-cfm-en	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/94402	Third Party Advisory, VDB Entry

Impacted products

Vendor	Product	Version
huawei	cloudengine_5800_firmware	v100r003c10
huawei	cloudengine_5800_firmware	v100r005c00
huawei	cloudengine_5800_firmware	v100r005c10
huawei	cloudengine_5800_firmware	v100r006c00
huawei	cloudengine_5800	-
huawei	cloudengine_6800_firmware	v100r003c10
huawei	cloudengine_6800_firmware	v100r005c00
huawei	cloudengine_6800_firmware	v100r005c10
huawei	cloudengine_6800_firmware	v100r006c00
huawei	cloudengine_6800	-
huawei	cloudengine_7800_firmware	v100r003c10
huawei	cloudengine_7800_firmware	v100r005c00
huawei	cloudengine_7800_firmware	v100r005c10
huawei	cloudengine_7800_firmware	v100r006c00
huawei	cloudengine_7800	-
huawei	cloudengine_8800_firmware	v100r006c00
huawei	cloudengine_8800	-
huawei	cloudengine_12800_firmware	v100r003c10
huawei	cloudengine_12800_firmware	v100r005c00
huawei	cloudengine_12800_firmware	v100r005c10
huawei	cloudengine_12800_firmware	v100r006c00
huawei	cloudengine_12800	-

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:huawei:cloudengine_5800_firmware:v100r003c10:*:*:*:*:*:*:*",
              "matchCriteriaId": "061D3731-37D1-40A9-BE2B-7C43CADC3190",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:huawei:cloudengine_5800_firmware:v100r005c00:*:*:*:*:*:*:*",
              "matchCriteriaId": "33B93684-6903-4A54-B631-15873D3D3744",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:huawei:cloudengine_5800_firmware:v100r005c10:*:*:*:*:*:*:*",
              "matchCriteriaId": "9DFDAAAC-0585-406F-B547-FB71C5352209",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:huawei:cloudengine_5800_firmware:v100r006c00:*:*:*:*:*:*:*",
              "matchCriteriaId": "916288E9-1DAB-40BE-9C29-3E8603FC0F02",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:huawei:cloudengine_5800:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C8FD775C-F6B6-42B3-942E-EB4DC889B5F0",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:huawei:cloudengine_6800_firmware:v100r003c10:*:*:*:*:*:*:*",
              "matchCriteriaId": "EC3752F8-78AB-43C9-B499-B3E2031BB29B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:huawei:cloudengine_6800_firmware:v100r005c00:*:*:*:*:*:*:*",
              "matchCriteriaId": "E31AD6C5-E687-47C9-8473-2486A6864128",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:huawei:cloudengine_6800_firmware:v100r005c10:*:*:*:*:*:*:*",
              "matchCriteriaId": "40D8A10D-8B77-4F43-87A9-803ED9855AC9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:huawei:cloudengine_6800_firmware:v100r006c00:*:*:*:*:*:*:*",
              "matchCriteriaId": "5E574B02-F89A-4D5C-B462-3AF56F1C0A57",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:huawei:cloudengine_6800:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "19F2B3CC-12AD-466D-98F9-0C09C7C053CF",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:huawei:cloudengine_7800_firmware:v100r003c10:*:*:*:*:*:*:*",
              "matchCriteriaId": "DE5D868B-B2F8-4C25-8134-5ED8758AFB90",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:huawei:cloudengine_7800_firmware:v100r005c00:*:*:*:*:*:*:*",
              "matchCriteriaId": "828A6E23-962D-4A92-B14D-949B01489F35",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:huawei:cloudengine_7800_firmware:v100r005c10:*:*:*:*:*:*:*",
              "matchCriteriaId": "B676B444-6128-4A04-B3E7-421F74FA9CD1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:huawei:cloudengine_7800_firmware:v100r006c00:*:*:*:*:*:*:*",
              "matchCriteriaId": "BF6985E0-9375-4DE2-A879-AAACF923381C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:huawei:cloudengine_7800:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D05E858C-A3D8-4BF1-A750-CFD8C949ABF0",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:huawei:cloudengine_8800_firmware:v100r006c00:*:*:*:*:*:*:*",
              "matchCriteriaId": "494F5272-28A3-4CE8-BB15-A7532C6DBA2E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:huawei:cloudengine_8800:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "102751EB-C284-4983-BDFA-BFB634CB2CEC",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:huawei:cloudengine_12800_firmware:v100r003c10:*:*:*:*:*:*:*",
              "matchCriteriaId": "5C4D77D6-4CCA-45A3-8B8F-2A2E3AD82753",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:huawei:cloudengine_12800_firmware:v100r005c00:*:*:*:*:*:*:*",
              "matchCriteriaId": "E58D7203-2EE3-412A-B39C-94D82B0BBB98",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:huawei:cloudengine_12800_firmware:v100r005c10:*:*:*:*:*:*:*",
              "matchCriteriaId": "71EF4F82-092F-4D19-832B-A174F7D47477",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:huawei:cloudengine_12800_firmware:v100r006c00:*:*:*:*:*:*:*",
              "matchCriteriaId": "3C2DACA5-0AA6-419B-AC6A-8CC19326758E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:huawei:cloudengine_12800:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DE8A2875-0F7E-4790-A925-5999396B7578",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Huawei CloudEngine 5800 with software before V200R001C00SPC700, CloudEngine 6800 with software before V200R001C00SPC700, CloudEngine 7800 with software before V200R001C00SPC700, CloudEngine 8800 with software before V200R001C00SPC700, CloudEngine 12800 with software before V200R001C00SPC700 could allow the attacker to exploit a buffer overflow vulnerability by sending crafted packets to the affected system to cause a main control board reboot."
    },
    {
      "lang": "es",
      "value": "Huawei CloudEngine 5800 con software en versiones anteriores a V200R001C00SPC700, CloudEngine 6800 con software en versiones anteriores a V200R001C00SPC700, CloudEngine 7800 con software en versiones anteriores a V200R001C00SPC700, CloudEngine 8800 con software en versiones anteriores a V200R001C00SPC700, CloudEngine 12800 con software en versiones anteriores a V200R001C00SPC700 podr\u00eda permitir al atacante explotar una vulnerabilidad de desbordamiento de b\u00fafer enviando paquetes manipulados al sistema afectado para provocar un reinicio del panel de control principal."
    }
  ],
  "id": "CVE-2016-8790",
  "lastModified": "2024-11-21T03:00:04.937",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "ADJACENT_NETWORK",
          "authentication": "SINGLE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 5.5,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:A/AC:L/Au:S/C:N/I:N/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 5.1,
        "impactScore": 6.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "ADJACENT_NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 5.7,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 2.1,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2017-04-02T20:59:01.640",
  "references": [
    {
      "source": "psirt@huawei.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20161116-01-cfm-en"
    },
    {
      "source": "psirt@huawei.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/94402"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20161116-01-cfm-en"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/94402"
    }
  ],
  "sourceIdentifier": "psirt@huawei.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-119"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

cve-2016-8790

Vulnerability from cvelistv5

var-201704-1023

Vulnerability from variot

gsd-2016-8790

Vulnerability from gsd

ghsa-cj35-9pcq-xm7q

Vulnerability from github

cve-2016-8790

Vulnerability from fkie_nvd

Tags

Sightings

Nomenclature