VAR-201704-1028
Vulnerability from variot - Updated: 2023-12-18 13:57Huawei CloudEngine 12800 with software V100R002C00, V100R003C00, V100R003C10, V100R005C00, V100R005C10, V100R006C00; CloudEngine 5800 with software V100R002C00, V100R003C00, V100R003C10, V100R005C00, V100R005C10, V100R006C00; CloudEngine 6800 with software V100R002C00, V100R003C00, V100R003C10, V100R005C00, V100R005C10, V100R006C00; CloudEngine 7800 with software V100R003C00, V100R003C10, V100R005C00, V100R005C10, V100R006C00; CloudEngine 8800 with software V100R006C00; and Secospace USG6600 with software V500R001C00 allow remote unauthenticated attackers to craft specific IPFPM packets to trigger an integer overflow and cause the device to reset. HuaweiCloudEngine12800, CloudEngine5800, CloudEngine6800, CloudEngine7800, and CloudEngine8800 are Huawei switch devices. An integer overflow vulnerability exists in some Huawei switches. Multiple Huawei CloudEngine Products are prone to an integer-overflow vulnerability. Due to the nature of this issue, arbitrary code execution may be possible but this has not been confirmed. Huawei CloudEngine 5800 and others are data center switches of China's Huawei (Huawei). The vulnerability is caused by the fact that the programs do not check specific fields in IPFPM packets. The following products and versions are affected: versions earlier than Huawei CloudEngine 12800 V200R001C00, versions earlier than CloudEngine 5800 V200R001C00, versions earlier than CloudEngine 6800 V200R001C00, versions earlier than CloudEngine 7800 V200R001C00, versions earlier than CloudEngine 8800 V200R001C
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201704-1028",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "cloudengine 5800",
"scope": "eq",
"trust": 2.4,
"vendor": "huawei",
"version": "v100r002c00"
},
{
"model": "cloudengine 5800",
"scope": "eq",
"trust": 2.4,
"vendor": "huawei",
"version": "v100r003c00"
},
{
"model": "cloudengine 5800",
"scope": "eq",
"trust": 2.4,
"vendor": "huawei",
"version": "v100r003c10"
},
{
"model": "cloudengine 5800",
"scope": "eq",
"trust": 2.4,
"vendor": "huawei",
"version": "v100r005c00"
},
{
"model": "cloudengine 5800",
"scope": "eq",
"trust": 2.4,
"vendor": "huawei",
"version": "v100r005c10"
},
{
"model": "cloudengine 5800",
"scope": "eq",
"trust": 2.4,
"vendor": "huawei",
"version": "v100r006c00"
},
{
"model": "cloudengine 6800",
"scope": "eq",
"trust": 2.4,
"vendor": "huawei",
"version": "v100r002c00"
},
{
"model": "cloudengine 6800",
"scope": "eq",
"trust": 2.4,
"vendor": "huawei",
"version": "v100r003c00"
},
{
"model": "cloudengine 6800",
"scope": "eq",
"trust": 2.4,
"vendor": "huawei",
"version": "v100r003c10"
},
{
"model": "cloudengine 6800",
"scope": "eq",
"trust": 2.4,
"vendor": "huawei",
"version": "v100r005c00"
},
{
"model": "cloudengine 12800",
"scope": "eq",
"trust": 1.8,
"vendor": "huawei",
"version": "v100r002c00"
},
{
"model": "cloudengine 12800",
"scope": "eq",
"trust": 1.8,
"vendor": "huawei",
"version": "v100r003c00"
},
{
"model": "cloudengine 12800",
"scope": "eq",
"trust": 1.8,
"vendor": "huawei",
"version": "v100r003c10"
},
{
"model": "cloudengine 12800",
"scope": "eq",
"trust": 1.8,
"vendor": "huawei",
"version": "v100r005c00"
},
{
"model": "cloudengine 12800",
"scope": "eq",
"trust": 1.8,
"vendor": "huawei",
"version": "v100r005c10"
},
{
"model": "cloudengine 12800",
"scope": "eq",
"trust": 1.8,
"vendor": "huawei",
"version": "v100r006c00"
},
{
"model": "cloudengine 6800",
"scope": "eq",
"trust": 1.8,
"vendor": "huawei",
"version": "v100r005c10"
},
{
"model": "cloudengine 6800",
"scope": "eq",
"trust": 1.8,
"vendor": "huawei",
"version": "v100r006c00"
},
{
"model": "cloudengine 7800",
"scope": "eq",
"trust": 1.8,
"vendor": "huawei",
"version": "v100r003c00"
},
{
"model": "cloudengine 7800",
"scope": "eq",
"trust": 1.8,
"vendor": "huawei",
"version": "v100r003c10"
},
{
"model": "cloudengine 7800",
"scope": "eq",
"trust": 1.8,
"vendor": "huawei",
"version": "v100r005c00"
},
{
"model": "cloudengine 7800",
"scope": "eq",
"trust": 1.8,
"vendor": "huawei",
"version": "v100r005c10"
},
{
"model": "cloudengine 7800",
"scope": "eq",
"trust": 1.8,
"vendor": "huawei",
"version": "v100r006c00"
},
{
"model": "cloudengine 8800",
"scope": "eq",
"trust": 1.8,
"vendor": "huawei",
"version": "v100r006c00"
},
{
"model": "secospace usg6600",
"scope": "eq",
"trust": 1.8,
"vendor": "huawei",
"version": "v500r001c00"
},
{
"model": "cloudengine v100r003c00",
"scope": "eq",
"trust": 0.9,
"vendor": "huawei",
"version": "12800"
},
{
"model": "cloudengine v100r003c10",
"scope": "eq",
"trust": 0.9,
"vendor": "huawei",
"version": "12800"
},
{
"model": "cloudengine v100r005c00",
"scope": "eq",
"trust": 0.9,
"vendor": "huawei",
"version": "12800"
},
{
"model": "cloudengine v100r005c10",
"scope": "eq",
"trust": 0.9,
"vendor": "huawei",
"version": "12800"
},
{
"model": "cloudengine v100r006c00",
"scope": "eq",
"trust": 0.9,
"vendor": "huawei",
"version": "12800"
},
{
"model": "cloudengine v100r003c10",
"scope": "eq",
"trust": 0.9,
"vendor": "huawei",
"version": "5800"
},
{
"model": "cloudengine v100r005c00",
"scope": "eq",
"trust": 0.9,
"vendor": "huawei",
"version": "5800"
},
{
"model": "cloudengine v100r005c10",
"scope": "eq",
"trust": 0.9,
"vendor": "huawei",
"version": "5800"
},
{
"model": "cloudengine v100r006c00",
"scope": "eq",
"trust": 0.9,
"vendor": "huawei",
"version": "5800"
},
{
"model": "cloudengine v100r003c10",
"scope": "eq",
"trust": 0.9,
"vendor": "huawei",
"version": "6800"
},
{
"model": "cloudengine v100r005c00",
"scope": "eq",
"trust": 0.9,
"vendor": "huawei",
"version": "6800"
},
{
"model": "cloudengine v100r005c10",
"scope": "eq",
"trust": 0.9,
"vendor": "huawei",
"version": "6800"
},
{
"model": "cloudengine v100r006c00",
"scope": "eq",
"trust": 0.9,
"vendor": "huawei",
"version": "6800"
},
{
"model": "cloudengine v100r003c10",
"scope": "eq",
"trust": 0.9,
"vendor": "huawei",
"version": "7800"
},
{
"model": "cloudengine v100r005c00",
"scope": "eq",
"trust": 0.9,
"vendor": "huawei",
"version": "7800"
},
{
"model": "cloudengine v100r005c10",
"scope": "eq",
"trust": 0.9,
"vendor": "huawei",
"version": "7800"
},
{
"model": "cloudengine v100r006c00",
"scope": "eq",
"trust": 0.9,
"vendor": "huawei",
"version": "7800"
},
{
"model": "cloudengine v100r006c00",
"scope": "eq",
"trust": 0.9,
"vendor": "huawei",
"version": "8800"
},
{
"model": "cloudengine v100r002c00",
"scope": "eq",
"trust": 0.9,
"vendor": "huawei",
"version": "12800"
},
{
"model": "cloudengine v100r002c00",
"scope": "eq",
"trust": 0.9,
"vendor": "huawei",
"version": "5800"
},
{
"model": "cloudengine v100r003c00",
"scope": "eq",
"trust": 0.9,
"vendor": "huawei",
"version": "5800"
},
{
"model": "cloudengine v100r002c00",
"scope": "eq",
"trust": 0.9,
"vendor": "huawei",
"version": "6800"
},
{
"model": "cloudengine v100r003c00",
"scope": "eq",
"trust": 0.9,
"vendor": "huawei",
"version": "6800"
},
{
"model": "cloudengine v100r003c00",
"scope": "eq",
"trust": 0.9,
"vendor": "huawei",
"version": "7800"
},
{
"model": "secospace usg6600 v500r001c00",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "secospace usg6600 v500r001c30spc200",
"scope": "ne",
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "cloudengine v200r001c00",
"scope": "ne",
"trust": 0.3,
"vendor": "huawei",
"version": "8800"
},
{
"model": "cloudengine v200r001c00",
"scope": "ne",
"trust": 0.3,
"vendor": "huawei",
"version": "7800"
},
{
"model": "cloudengine v200r001c00",
"scope": "ne",
"trust": 0.3,
"vendor": "huawei",
"version": "6800"
},
{
"model": "cloudengine v200r001c00",
"scope": "ne",
"trust": 0.3,
"vendor": "huawei",
"version": "5800"
},
{
"model": "cloudengine v200r001c00",
"scope": "ne",
"trust": 0.3,
"vendor": "huawei",
"version": "12800"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-11666"
},
{
"db": "BID",
"id": "94504"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-008227"
},
{
"db": "NVD",
"id": "CVE-2016-8795"
},
{
"db": "CNNVD",
"id": "CNNVD-201611-662"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:cloudengine_5800_firmware:v100r003c00:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:huawei:cloudengine_5800_firmware:v100r003c10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:huawei:cloudengine_5800_firmware:v100r005c00:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:huawei:cloudengine_5800_firmware:v100r005c10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:huawei:cloudengine_5800_firmware:v100r002c00:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:huawei:cloudengine_5800_firmware:v100r006c00:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:cloudengine_5800:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:cloudengine_6800_firmware:v100r002c00:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:huawei:cloudengine_6800_firmware:v100r003c00:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:huawei:cloudengine_6800_firmware:v100r003c10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:huawei:cloudengine_6800_firmware:v100r005c00:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:huawei:cloudengine_6800_firmware:v100r006c00:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:huawei:cloudengine_6800_firmware:v100r005c10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:cloudengine_6800:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:cloudengine_12800_firmware:v100r006c00:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:huawei:cloudengine_12800_firmware:v100r002c00:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:huawei:cloudengine_12800_firmware:v100r003c10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:huawei:cloudengine_12800_firmware:v100r005c10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:huawei:cloudengine_12800_firmware:v100r003c00:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:huawei:cloudengine_12800_firmware:v100r005c00:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:cloudengine_12800:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:cloudengine_7800_firmware:v100r006c00:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:huawei:cloudengine_7800_firmware:v100r003c10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:huawei:cloudengine_7800_firmware:v100r005c10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:huawei:cloudengine_7800_firmware:v100r003c00:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:huawei:cloudengine_7800_firmware:v100r005c00:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:cloudengine_7800:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:cloudengine_8800_firmware:v100r006c00:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:cloudengine_8800:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:secospace_usg6600_firmware:v500r001c00:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:secospace_usg6600:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2016-8795"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Huawei",
"sources": [
{
"db": "BID",
"id": "94504"
},
{
"db": "CNNVD",
"id": "CNNVD-201611-662"
}
],
"trust": 0.9
},
"cve": "CVE-2016-8795",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.1,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"impactScore": 6.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 7.1,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2016-8795",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
{
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 2.6,
"confidentialityImpact": "NONE",
"exploitabilityScore": 4.9,
"id": "CNVD-2016-11666",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "LOW",
"trust": 0.6,
"vectorString": "AV:N/AC:H/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 7.1,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "VHN-97615",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:N/I:N/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"exploitabilityScore": 2.2,
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
{
"attackComplexity": "High",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 5.9,
"baseSeverity": "Medium",
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2016-8795",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2016-8795",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNVD",
"id": "CNVD-2016-11666",
"trust": 0.6,
"value": "LOW"
},
{
"author": "CNNVD",
"id": "CNNVD-201611-662",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-97615",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-11666"
},
{
"db": "VULHUB",
"id": "VHN-97615"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-008227"
},
{
"db": "NVD",
"id": "CVE-2016-8795"
},
{
"db": "CNNVD",
"id": "CNNVD-201611-662"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Huawei CloudEngine 12800 with software V100R002C00, V100R003C00, V100R003C10, V100R005C00, V100R005C10, V100R006C00; CloudEngine 5800 with software V100R002C00, V100R003C00, V100R003C10, V100R005C00, V100R005C10, V100R006C00; CloudEngine 6800 with software V100R002C00, V100R003C00, V100R003C10, V100R005C00, V100R005C10, V100R006C00; CloudEngine 7800 with software V100R003C00, V100R003C10, V100R005C00, V100R005C10, V100R006C00; CloudEngine 8800 with software V100R006C00; and Secospace USG6600 with software V500R001C00 allow remote unauthenticated attackers to craft specific IPFPM packets to trigger an integer overflow and cause the device to reset. HuaweiCloudEngine12800, CloudEngine5800, CloudEngine6800, CloudEngine7800, and CloudEngine8800 are Huawei switch devices. An integer overflow vulnerability exists in some Huawei switches. Multiple Huawei CloudEngine Products are prone to an integer-overflow vulnerability. Due to the nature of this issue, arbitrary code execution may be possible but this has not been confirmed. Huawei CloudEngine 5800 and others are data center switches of China\u0027s Huawei (Huawei). The vulnerability is caused by the fact that the programs do not check specific fields in IPFPM packets. The following products and versions are affected: versions earlier than Huawei CloudEngine 12800 V200R001C00, versions earlier than CloudEngine 5800 V200R001C00, versions earlier than CloudEngine 6800 V200R001C00, versions earlier than CloudEngine 7800 V200R001C00, versions earlier than CloudEngine 8800 V200R001C",
"sources": [
{
"db": "NVD",
"id": "CVE-2016-8795"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-008227"
},
{
"db": "CNVD",
"id": "CNVD-2016-11666"
},
{
"db": "BID",
"id": "94504"
},
{
"db": "VULHUB",
"id": "VHN-97615"
}
],
"trust": 2.52
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2016-8795",
"trust": 3.4
},
{
"db": "BID",
"id": "94504",
"trust": 2.6
},
{
"db": "JVNDB",
"id": "JVNDB-2016-008227",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201611-662",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2016-11666",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-97615",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-11666"
},
{
"db": "VULHUB",
"id": "VHN-97615"
},
{
"db": "BID",
"id": "94504"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-008227"
},
{
"db": "NVD",
"id": "CVE-2016-8795"
},
{
"db": "CNNVD",
"id": "CNNVD-201611-662"
}
]
},
"id": "VAR-201704-1028",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-11666"
},
{
"db": "VULHUB",
"id": "VHN-97615"
}
],
"trust": 1.4524468733333333
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-11666"
}
]
},
"last_update_date": "2023-12-18T13:57:25.584000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "huawei-sa-20161123-01-vrp",
"trust": 0.8,
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20161123-01-vrp-en"
},
{
"title": "Patches for integer overflow vulnerabilities in some Huawei switches",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/84462"
},
{
"title": "Multiple Huawei CloudEngine Product Integer Overflow Vulnerability Fix",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=65936"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-11666"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-008227"
},
{
"db": "CNNVD",
"id": "CNNVD-201611-662"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-190",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-97615"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-008227"
},
{
"db": "NVD",
"id": "CVE-2016-8795"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20161123-01-vrp-en"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/94504"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-8795"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-8795"
},
{
"trust": 0.6,
"url": "http://www.huawei.com/cn/psirt/security-advisories/huawei-sa-20161123-01-vrp-cn"
},
{
"trust": 0.3,
"url": "http://www.huawei.com"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-11666"
},
{
"db": "VULHUB",
"id": "VHN-97615"
},
{
"db": "BID",
"id": "94504"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-008227"
},
{
"db": "NVD",
"id": "CVE-2016-8795"
},
{
"db": "CNNVD",
"id": "CNNVD-201611-662"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2016-11666"
},
{
"db": "VULHUB",
"id": "VHN-97615"
},
{
"db": "BID",
"id": "94504"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-008227"
},
{
"db": "NVD",
"id": "CVE-2016-8795"
},
{
"db": "CNNVD",
"id": "CNNVD-201611-662"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-11-30T00:00:00",
"db": "CNVD",
"id": "CNVD-2016-11666"
},
{
"date": "2017-04-02T00:00:00",
"db": "VULHUB",
"id": "VHN-97615"
},
{
"date": "2016-11-23T00:00:00",
"db": "BID",
"id": "94504"
},
{
"date": "2017-05-02T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-008227"
},
{
"date": "2017-04-02T20:59:01.797000",
"db": "NVD",
"id": "CVE-2016-8795"
},
{
"date": "2016-11-23T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201611-662"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-11-30T00:00:00",
"db": "CNVD",
"id": "CNVD-2016-11666"
},
{
"date": "2017-04-05T00:00:00",
"db": "VULHUB",
"id": "VHN-97615"
},
{
"date": "2016-12-20T01:08:00",
"db": "BID",
"id": "94504"
},
{
"date": "2017-05-02T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-008227"
},
{
"date": "2017-04-05T23:59:01.127000",
"db": "NVD",
"id": "CVE-2016-8795"
},
{
"date": "2016-12-02T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201611-662"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201611-662"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural Huawei Vulnerability triggered by integer overflow in device",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-008227"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "digital error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201611-662"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…