CVE-2016-4087

Published May 23, 2016

Last updated 9 years ago

CVSS high 8.1

Overview

Description: Huawei S12700 switches with software before V200R008C00SPC500 and S5700 switches with software before V200R005SPH010, when the debug switch is enabled, allows remote attackers to cause a denial of service or execute arbitrary code via crafted DNS packets.
Source: cve@mitre.org
NVD status: Analyzed

Risk scores

CVSS 3.0

Type: Primary
Base score: 8.1
Impact score: 5.9
Exploitability score: 2.2
Vector string: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Severity: HIGH

CVSS 2.0

Type: Primary
Base score: 5.1
Impact score: 6.4
Exploitability score: 4.9
Vector string: AV:N/AC:H/Au:N/C:P/I:P/A:P

Weaknesses

nvd@nist.gov: CWE-20

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:huawei:s12700:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "138C1E57-176C-46B1-9704-D9C8391CC802"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:huawei:s12700_firmware:v200r005c00spc300:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C5234B43-EA0C-45C9-B188-4D6085F031F8"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:huawei:s5700:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "E22D3CFF-3353-4EE2-8933-84F395469D0D"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:huawei:s5700_firmware:v200r001c00:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "336AA440-AEF4-482B-A037-8976DC38BA1A"
          },
          {
            "criteria": "cpe:2.3:o:huawei:s5700_firmware:v200r002c00spc100:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "EBC629F6-BF42-4C2B-8CB1-2C4412C8D95A"
          },
          {
            "criteria": "cpe:2.3:o:huawei:s5700_firmware:v200r003c00spc300:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DEC329F7-D83F-4119-B8CA-CC819EC872CB"
          },
          {
            "criteria": "cpe:2.3:o:huawei:s5700_firmware:v200r005c00:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DCF23DAE-1215-41B2-88C5-4436D846266C"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  }
]

Overview

Risk scores

CVSS 3.0

CVSS 2.0

Weaknesses

Social media

Configurations

References