CVE-2016-8797

Published Apr 2, 2017

Last updated 8 years ago

CVSS high 7.5

Overview

Description: Huawei AR3200 with software V200R007C00, V200R005C32, V200R005C20; S12700 with software V200R008C00, V200R007C00; S5300 with software V200R008C00, V200R007C00, V200R006C00; S5700 with software V200R008C00, V200R007C00, V200R006C00; S6300 with software V200R008C00, V200R007C00; S6700 with software V200R008C00, V200R007C00; S7700 with software V200R008C00, V200R007C00, V200R006C00; S9300 with software V200R008C00, V200R007C00, V200R006C00; and S9700 with software V200R008C00, V200R007C00, V200R006C00 allow remote attackers to send abnormal Multiprotocol Label Switching (MPLS) packets to cause memory exhaustion.
Source: psirt@huawei.com
NVD status: Analyzed

Risk scores

CVSS 3.0

Type: Primary
Base score: 7.5
Impact score: 3.6
Exploitability score: 3.9
Vector string: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Severity: HIGH

CVSS 2.0

Type: Primary
Base score: 5
Impact score: 2.9
Exploitability score: 10
Vector string: AV:N/AC:L/Au:N/C:N/I:N/A:P

Weaknesses

nvd@nist.gov: CWE-399

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:huawei:ar3200_firmware:v200r005c20:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3C10C07E-5194-4EAB-9AC8-DB87CE52F5FA"
          },
          {
            "criteria": "cpe:2.3:o:huawei:ar3200_firmware:v200r005c32:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7FE26EE9-2331-4D72-96CF-635A0A4EBE3E"
          },
          {
            "criteria": "cpe:2.3:o:huawei:ar3200_firmware:v200r007c00:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9752658E-3CF5-4D9E-98FB-D15FD892479C"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:huawei:ar3200:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "9309E1AA-0C4E-422C-9307-A8DD0AE5D576"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:huawei:s12700_firmware:v200r007c00:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "10CBC93B-5CF6-45BF-A90A-84B7693E27FD"
          },
          {
            "criteria": "cpe:2.3:o:huawei:s12700_firmware:v200r008c00:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "BD4C5CC9-FD60-4C64-8F88-CFC71BBEA663"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:huawei:s12700:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "138C1E57-176C-46B1-9704-D9C8391CC802"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:huawei:s5300_firmware:v200r006c00:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "58C2E728-E8F2-461D-A069-4BEC88B94FD0"
          },
          {
            "criteria": "cpe:2.3:o:huawei:s5300_firmware:v200r007c00:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "FD6B13D4-07F3-4CB5-8194-89781E685A78"
          },
          {
            "criteria": "cpe:2.3:o:huawei:s5300_firmware:v200r008c00:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5454BC21-A04F-4B3D-8533-2414B6E1BC8C"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:huawei:s5300:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "2CFEF08E-54C5-4D60-AFF0-37B00D6E2DDD"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:huawei:s5700_firmware:v200r006c00:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5973A534-F961-4A97-B20E-994BA28AFE29"
          },
          {
            "criteria": "cpe:2.3:o:huawei:s5700_firmware:v200r007c00:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "40745A01-E5AC-4207-A34F-D8E7F7231F83"
          },
          {
            "criteria": "cpe:2.3:o:huawei:s5700_firmware:v200r008c00:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "21FFF548-FBEF-468A-A8DE-1DB1B7C0B3AF"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:huawei:s5700:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "E22D3CFF-3353-4EE2-8933-84F395469D0D"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:huawei:s6300_firmware:v200r007c00:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D5811970-FE82-4888-A01D-B356B5578296"
          },
          {
            "criteria": "cpe:2.3:o:huawei:s6300_firmware:v200r008c00:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "939C73D9-E0E9-47A5-970E-6C84F5ECD2D7"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:huawei:s6300:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "AA3C8988-A1FC-4B04-9134-F2BDDADEAFB5"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:huawei:s6700_firmware:v200r007c00:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "FF4AF711-D921-4261-A459-2A0780EA951F"
          },
          {
            "criteria": "cpe:2.3:o:huawei:s6700_firmware:v200r008c00:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8DA5CF67-A58B-4666-B87E-712507233453"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:huawei:s6700:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "DA7AC10D-B0DD-4206-8642-134DDD585C06"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:huawei:s7700_firmware:v200r006c00:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "EF3FB3CC-2EAC-4A08-BDDC-DCACEE9FA2AE"
          },
          {
            "criteria": "cpe:2.3:o:huawei:s7700_firmware:v200r007c00:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2377CD30-6F57-46CB-9DD1-E29458A7D928"
          },
          {
            "criteria": "cpe:2.3:o:huawei:s7700_firmware:v200r008c00:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1D79CD09-3414-4105-AD59-F3D1BAC61B7E"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:huawei:s7700:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "8769C2C4-E333-432B-8943-CFDFAE013379"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:huawei:s9300_firmware:v200r006c00:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "BC8AE44D-1924-4C01-B4B9-CC5BF485A3EB"
          },
          {
            "criteria": "cpe:2.3:o:huawei:s9300_firmware:v200r007c00:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "886E9D1F-25FA-41FA-A64B-E42B9910D2B3"
          },
          {
            "criteria": "cpe:2.3:o:huawei:s9300_firmware:v200r008c00:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0E7DB9D3-BB34-49BE-8302-A054D79FE8D6"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:huawei:s9300:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "AD2EC926-50C6-4CBE-BB6F-56F3A6287DEE"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:huawei:s9700_firmware:v200r006c00:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6AC7E622-010C-4C5D-8AA6-D4793AFCE0E0"
          },
          {
            "criteria": "cpe:2.3:o:huawei:s9700_firmware:v200r007c00:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D78DAB13-32AA-4813-AB0A-0EA870F41183"
          },
          {
            "criteria": "cpe:2.3:o:huawei:s9700_firmware:v200r008c00:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "36AB80F7-1BD2-4169-AC70-708CE84BB15C"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:huawei:s9700:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "75FAA4BF-1ED0-4059-ADA1-071AF1BF2882"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  }
]

Overview

Risk scores

CVSS 3.0

CVSS 2.0

Weaknesses

Social media

Configurations

References