FKIE_CVE-2016-8797

Vulnerability from fkie_nvd - Published: 2017-04-02 20:59 - Updated: 2025-04-20 01:37
Severity ?
7.5 (High) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
Huawei AR3200 with software V200R007C00, V200R005C32, V200R005C20; S12700 with software V200R008C00, V200R007C00; S5300 with software V200R008C00, V200R007C00, V200R006C00; S5700 with software V200R008C00, V200R007C00, V200R006C00; S6300 with software V200R008C00, V200R007C00; S6700 with software V200R008C00, V200R007C00; S7700 with software V200R008C00, V200R007C00, V200R006C00; S9300 with software V200R008C00, V200R007C00, V200R006C00; and S9700 with software V200R008C00, V200R007C00, V200R006C00 allow remote attackers to send abnormal Multiprotocol Label Switching (MPLS) packets to cause memory exhaustion.
References
psirt@huawei.comhttp://www.huawei.com/en/psirt/security-advisories/huawei-sa-20160608-01-mpls-enVendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20160608-01-mpls-enVendor Advisory
Impacted products
Vendor Product Version
huawei ar3200_firmware v200r005c20
huawei ar3200_firmware v200r005c32
huawei ar3200_firmware v200r007c00
huawei ar3200 -
huawei s12700_firmware v200r007c00
huawei s12700_firmware v200r008c00
huawei s12700 -
huawei s5300_firmware v200r006c00
huawei s5300_firmware v200r007c00
huawei s5300_firmware v200r008c00
huawei s5300 -
huawei s5700_firmware v200r006c00
huawei s5700_firmware v200r007c00
huawei s5700_firmware v200r008c00
huawei s5700 -
huawei s6300_firmware v200r007c00
huawei s6300_firmware v200r008c00
huawei s6300 -
huawei s6700_firmware v200r007c00
huawei s6700_firmware v200r008c00
huawei s6700 -
huawei s7700_firmware v200r006c00
huawei s7700_firmware v200r007c00
huawei s7700_firmware v200r008c00
huawei s7700 -
huawei s9300_firmware v200r006c00
huawei s9300_firmware v200r007c00
huawei s9300_firmware v200r008c00
huawei s9300 -
huawei s9700_firmware v200r006c00
huawei s9700_firmware v200r007c00
huawei s9700_firmware v200r008c00
huawei s9700 -
To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:huawei:ar3200_firmware:v200r005c20:*:*:*:*:*:*:*",
              "matchCriteriaId": "3C10C07E-5194-4EAB-9AC8-DB87CE52F5FA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:huawei:ar3200_firmware:v200r005c32:*:*:*:*:*:*:*",
              "matchCriteriaId": "7FE26EE9-2331-4D72-96CF-635A0A4EBE3E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:huawei:ar3200_firmware:v200r007c00:*:*:*:*:*:*:*",
              "matchCriteriaId": "9752658E-3CF5-4D9E-98FB-D15FD892479C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:huawei:ar3200:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9309E1AA-0C4E-422C-9307-A8DD0AE5D576",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:huawei:s12700_firmware:v200r007c00:*:*:*:*:*:*:*",
              "matchCriteriaId": "10CBC93B-5CF6-45BF-A90A-84B7693E27FD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:huawei:s12700_firmware:v200r008c00:*:*:*:*:*:*:*",
              "matchCriteriaId": "BD4C5CC9-FD60-4C64-8F88-CFC71BBEA663",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:huawei:s12700:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "138C1E57-176C-46B1-9704-D9C8391CC802",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:huawei:s5300_firmware:v200r006c00:*:*:*:*:*:*:*",
              "matchCriteriaId": "58C2E728-E8F2-461D-A069-4BEC88B94FD0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:huawei:s5300_firmware:v200r007c00:*:*:*:*:*:*:*",
              "matchCriteriaId": "FD6B13D4-07F3-4CB5-8194-89781E685A78",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:huawei:s5300_firmware:v200r008c00:*:*:*:*:*:*:*",
              "matchCriteriaId": "5454BC21-A04F-4B3D-8533-2414B6E1BC8C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:huawei:s5300:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2CFEF08E-54C5-4D60-AFF0-37B00D6E2DDD",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:huawei:s5700_firmware:v200r006c00:*:*:*:*:*:*:*",
              "matchCriteriaId": "5973A534-F961-4A97-B20E-994BA28AFE29",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:huawei:s5700_firmware:v200r007c00:*:*:*:*:*:*:*",
              "matchCriteriaId": "40745A01-E5AC-4207-A34F-D8E7F7231F83",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:huawei:s5700_firmware:v200r008c00:*:*:*:*:*:*:*",
              "matchCriteriaId": "21FFF548-FBEF-468A-A8DE-1DB1B7C0B3AF",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:huawei:s5700:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E22D3CFF-3353-4EE2-8933-84F395469D0D",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:huawei:s6300_firmware:v200r007c00:*:*:*:*:*:*:*",
              "matchCriteriaId": "D5811970-FE82-4888-A01D-B356B5578296",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:huawei:s6300_firmware:v200r008c00:*:*:*:*:*:*:*",
              "matchCriteriaId": "939C73D9-E0E9-47A5-970E-6C84F5ECD2D7",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:huawei:s6300:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "AA3C8988-A1FC-4B04-9134-F2BDDADEAFB5",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:huawei:s6700_firmware:v200r007c00:*:*:*:*:*:*:*",
              "matchCriteriaId": "FF4AF711-D921-4261-A459-2A0780EA951F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:huawei:s6700_firmware:v200r008c00:*:*:*:*:*:*:*",
              "matchCriteriaId": "8DA5CF67-A58B-4666-B87E-712507233453",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:huawei:s6700:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DA7AC10D-B0DD-4206-8642-134DDD585C06",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:huawei:s7700_firmware:v200r006c00:*:*:*:*:*:*:*",
              "matchCriteriaId": "EF3FB3CC-2EAC-4A08-BDDC-DCACEE9FA2AE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:huawei:s7700_firmware:v200r007c00:*:*:*:*:*:*:*",
              "matchCriteriaId": "2377CD30-6F57-46CB-9DD1-E29458A7D928",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:huawei:s7700_firmware:v200r008c00:*:*:*:*:*:*:*",
              "matchCriteriaId": "1D79CD09-3414-4105-AD59-F3D1BAC61B7E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:huawei:s7700:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8769C2C4-E333-432B-8943-CFDFAE013379",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:huawei:s9300_firmware:v200r006c00:*:*:*:*:*:*:*",
              "matchCriteriaId": "BC8AE44D-1924-4C01-B4B9-CC5BF485A3EB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:huawei:s9300_firmware:v200r007c00:*:*:*:*:*:*:*",
              "matchCriteriaId": "886E9D1F-25FA-41FA-A64B-E42B9910D2B3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:huawei:s9300_firmware:v200r008c00:*:*:*:*:*:*:*",
              "matchCriteriaId": "0E7DB9D3-BB34-49BE-8302-A054D79FE8D6",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:huawei:s9300:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "AD2EC926-50C6-4CBE-BB6F-56F3A6287DEE",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:huawei:s9700_firmware:v200r006c00:*:*:*:*:*:*:*",
              "matchCriteriaId": "6AC7E622-010C-4C5D-8AA6-D4793AFCE0E0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:huawei:s9700_firmware:v200r007c00:*:*:*:*:*:*:*",
              "matchCriteriaId": "D78DAB13-32AA-4813-AB0A-0EA870F41183",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:huawei:s9700_firmware:v200r008c00:*:*:*:*:*:*:*",
              "matchCriteriaId": "36AB80F7-1BD2-4169-AC70-708CE84BB15C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:huawei:s9700:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "75FAA4BF-1ED0-4059-ADA1-071AF1BF2882",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Huawei AR3200 with software V200R007C00, V200R005C32, V200R005C20; S12700 with software V200R008C00, V200R007C00; S5300 with software V200R008C00, V200R007C00, V200R006C00; S5700 with software V200R008C00, V200R007C00, V200R006C00; S6300 with software V200R008C00, V200R007C00; S6700 with software V200R008C00, V200R007C00; S7700 with software V200R008C00, V200R007C00, V200R006C00; S9300 with software V200R008C00, V200R007C00, V200R006C00; and S9700 with software V200R008C00, V200R007C00, V200R006C00 allow remote attackers to send abnormal Multiprotocol Label Switching (MPLS) packets to cause memory exhaustion."
    },
    {
      "lang": "es",
      "value": "Huawei AR3200 con software V200R007C00, V200R005C32, V200R005C20; S12700 con software V200R008C00, V200R007C00; S5300 con software V200R008C00, V200R007C00, V200R006C00; S5700 con software V200R008C00, V200R007C00, V200R006C00; S6300 con software V200R008C00, V200R007C00; S6700 con software V200R008C00, V200R007C00; S7700 con software V200R008C00, V200R007C00, V200R006C00; S9300 con software V200R008C00, V200R007C00, V200R006C00; y S9700 con software V200R008C00, V200R007C00, V200R006C00 permiten a atacantes remotos enviar paquetes Multiprotocol Label Switching (MPLS) anormales para provocar un agotamiento de la memoria."
    }
  ],
  "id": "CVE-2016-8797",
  "lastModified": "2025-04-20T01:37:25.860",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2017-04-02T20:59:01.860",
  "references": [
    {
      "source": "psirt@huawei.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20160608-01-mpls-en"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20160608-01-mpls-en"
    }
  ],
  "sourceIdentifier": "psirt@huawei.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-399"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.