Sign-up

ID

VAR-201704-0502


CVE

CVE-2016-8773


TITLE

Multiple Huawei Service disruption in products (DoS) Vulnerabilities

Trust: 0.8

sources: JVNDB: JVNDB-2016-008266

DESCRIPTION

Huawei S5300 with software V200R003C00, V200R007C00, V200R008C00, V200R009C00; S5700 with software V200R001C00, V200R002C00, V200R003C00, V200R005C00, V200R005C03, V200R007C00, V200R008C00, V200R009C00; S6300 with software V200R003C00, V200R005C00, V200R008C00, V200R009C00; S6700 with software V200R001C00, V200R001C01, V200R002C00, V200R003C00, V200R005C00, V200R008C00, V200R009C00; S7700 with software V200R007C00, V200R008C00, V200R009C00; S9300 with software V200R007C00, V200R008C00, V200R009C00; S9700 with software V200R007C00, V200R008C00, V200R009C00; and S12700 with software V200R007C00, V200R007C01, V200R008C00, V200R009C00 allow the attacker to cause a denial of service condition by sending malformed MPLS packets. Multiple Huawei Product has a service disruption (DoS) There are vulnerabilities that are put into a state.An attacker could create a malformed MPLS Service interruption due to packet transmission (DoS) There is a possibility of being put into a state. Huawei S9700 is the S series switch of China Huawei. A denial of service vulnerability exists in several Huawei products due to the failure of the program to properly verify MultiprotocolLabelSwitching (MPLS) messages. Multiple Huawei products are prone to a remote denial-of-service vulnerability. Attackers can exploit this issue to crash the affected device, denying service to legitimate users. The following products and versions are affected: Huawei S9700 V200R009C00 , V200R008C00 , V200R007C00 ; Huawei S9300 V200R009C00 , V200R008C00 , V200R007C00 ; Huawei S7700 V200R009C00 , V200R008C00 , V200R007C00 ; Huawei S6700 V200R009C00 , V200R008C00 , V200R005C00 , V200R003C00 , V200R002C00 , V200R001C01 , V200R001C00 ; Huawei S6300 V200R009C00 , V200R008C00 , V200R005C00 , V200R003C00 ; Huawei S5700 V200R009C00 , V200R008C00 , V200R007C00 , V200R005C00 , V200R003C00 , V200R002C00 , V200R001C00 ; Huawei S5300 V200R009C00 , V200R008C00 , V200R007C00 , V200R003C00 ; Huawei S12700 V200R009C00 , V200R008C00 , V200R007C01 , V200R007C00

Trust: 2.52

sources: NVD: CVE-2016-8773 // JVNDB: JVNDB-2016-008266 // CNVD: CNVD-2016-11388 // BID: 94285 // VULHUB: VHN-97593

IOT TAXONOMY

category:['Network device']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2016-11388

AFFECTED PRODUCTS

vendor:huaweimodel:s7700scope:eqversion:v200r008c00

Trust: 1.6

vendor:huaweimodel:s9300scope:eqversion:v200r008c00

Trust: 1.6

vendor:huaweimodel:s9700scope:eqversion:v200r009c00

Trust: 1.6

vendor:huaweimodel:s7700scope:eqversion:v200r007c00

Trust: 1.6

vendor:huaweimodel:s9300scope:eqversion:v200r007c00

Trust: 1.6

vendor:huaweimodel:s7700scope:eqversion:v200r009c00

Trust: 1.6

vendor:huaweimodel:s9700scope:eqversion:v200r008c00

Trust: 1.6

vendor:huaweimodel:s9300scope:eqversion:v200r009c00

Trust: 1.6

vendor:huaweimodel:s6700scope:eqversion:v200r007c00

Trust: 1.6

vendor:huaweimodel:s9700scope:eqversion:v200r007c00

Trust: 1.6

vendor:huaweimodel:s5700 v200r005c00scope: - version: -

Trust: 1.5

vendor:huaweimodel:s9700 v200r008c00scope: - version: -

Trust: 1.5

vendor:huaweimodel:s5700scope:eqversion:v200r007c00

Trust: 1.0

vendor:huaweimodel:s5700scope:eqversion:v200r002c00

Trust: 1.0

vendor:huaweimodel:s6300scope:eqversion:v200r003c00

Trust: 1.0

vendor:huaweimodel:s6700scope:eqversion:v200r001c01

Trust: 1.0

vendor:huaweimodel:s12700scope:eqversion:v200r009c00

Trust: 1.0

vendor:huaweimodel:s12700scope:eqversion:v200r007c01

Trust: 1.0

vendor:huaweimodel:s5300scope:eqversion:v200r009c00

Trust: 1.0

vendor:huaweimodel:s12700scope:eqversion:v200r008c00

Trust: 1.0

vendor:huaweimodel:s5700scope:eqversion:v200r005c00

Trust: 1.0

vendor:huaweimodel:s5300scope:eqversion:v200r008c00

Trust: 1.0

vendor:huaweimodel:s6300scope:eqversion:v200r009c00

Trust: 1.0

vendor:huaweimodel:s6700scope:eqversion:v200r002c00

Trust: 1.0

vendor:huaweimodel:s6300scope:eqversion:v200r008c00

Trust: 1.0

vendor:huaweimodel:s5700scope:eqversion:v200r003c00

Trust: 1.0

vendor:huaweimodel:s6700scope:eqversion:v200r005c00

Trust: 1.0

vendor:huaweimodel:s12700scope:eqversion:v200r007c00

Trust: 1.0

vendor:huaweimodel:s5300scope:eqversion:v200r007c00

Trust: 1.0

vendor:huaweimodel:s5700scope:eqversion:v200r001c00

Trust: 1.0

vendor:huaweimodel:s6700scope:eqversion:v200r003c00

Trust: 1.0

vendor:huaweimodel:s5700scope:eqversion:v200r009c00

Trust: 1.0

vendor:huaweimodel:s5700scope:eqversion:v200r005c03

Trust: 1.0

vendor:huaweimodel:s5700scope:eqversion:v200r008c00

Trust: 1.0

vendor:huaweimodel:s6700scope:eqversion:v200r001c00

Trust: 1.0

vendor:huaweimodel:s6300scope:eqversion:v200r005c00

Trust: 1.0

vendor:huaweimodel:s6700scope:eqversion:v200r009c00

Trust: 1.0

vendor:huaweimodel:s6700scope:eqversion:v200r008c00

Trust: 1.0

vendor:huaweimodel:s5300scope:eqversion:v200r003c00

Trust: 1.0

vendor:huaweimodel:s7700 v200r008c00scope: - version: -

Trust: 0.9

vendor:huaweimodel:s12700 v200r008c00scope: - version: -

Trust: 0.9

vendor:huaweimodel:s6700 v200r001c00scope: - version: -

Trust: 0.9

vendor:huaweimodel:s6700 v200r001c01scope: - version: -

Trust: 0.9

vendor:huaweimodel:s6700 v200r002c00scope: - version: -

Trust: 0.9

vendor:huaweimodel:s6700 v200r003c00scope: - version: -

Trust: 0.9

vendor:huaweimodel:s6700 v200r008c00scope: - version: -

Trust: 0.9

vendor:huaweimodel:s6300 v200r003c00scope: - version: -

Trust: 0.9

vendor:huaweimodel:s6300 v200r005c00scope: - version: -

Trust: 0.9

vendor:huaweimodel:s6300 v200r008c00scope: - version: -

Trust: 0.9

vendor:huaweimodel:s5700 v200r002c00scope: - version: -

Trust: 0.9

vendor:huaweimodel:s5700 v200r003c00scope: - version: -

Trust: 0.9

vendor:huaweimodel:s5700 v200r008c00scope: - version: -

Trust: 0.9

vendor:huaweimodel:s5300 v200r003c00scope: - version: -

Trust: 0.9

vendor:huaweimodel:s5300 v200r007c00scope: - version: -

Trust: 0.9

vendor:huaweimodel:s5300 v200r008c00scope: - version: -

Trust: 0.9

vendor:huaweimodel:s9300 v200r008c00scope: - version: -

Trust: 0.9

vendor:huaweimodel:s12700 v200r007c00scope: - version: -

Trust: 0.9

vendor:huaweimodel:s5700 v200r007c00scope: - version: -

Trust: 0.9

vendor:huaweimodel:s7700 v200r007c00scope: - version: -

Trust: 0.9

vendor:huaweimodel:s9300 v200r007c00scope: - version: -

Trust: 0.9

vendor:huaweimodel:s9700 v200r007c00scope: - version: -

Trust: 0.9

vendor:huaweimodel:s5300 v200r009c00scope: - version: -

Trust: 0.9

vendor:huaweimodel:s5700 v200r009c00scope: - version: -

Trust: 0.9

vendor:huaweimodel:s6300 v200r009c00scope: - version: -

Trust: 0.9

vendor:huaweimodel:s6700 v200r009c00scope: - version: -

Trust: 0.9

vendor:huaweimodel:s7700 v200r009c00scope: - version: -

Trust: 0.9

vendor:huaweimodel:s9300 v200r009c00scope: - version: -

Trust: 0.9

vendor:huaweimodel:s12700 v200r009c00scope: - version: -

Trust: 0.9

vendor:huaweimodel:s12700 v200r007c01scope: - version: -

Trust: 0.9

vendor:huaweimodel:s12700scope: - version: -

Trust: 0.8

vendor:huaweimodel:s5300scope: - version: -

Trust: 0.8

vendor:huaweimodel:s5700scope: - version: -

Trust: 0.8

vendor:huaweimodel:s6300scope: - version: -

Trust: 0.8

vendor:huaweimodel:s6700scope: - version: -

Trust: 0.8

vendor:huaweimodel:s7700scope: - version: -

Trust: 0.8

vendor:huaweimodel:s9300scope: - version: -

Trust: 0.8

vendor:huaweimodel:s9700scope: - version: -

Trust: 0.8

vendor:huaweimodel:s5700 v200r001c01scope: - version: -

Trust: 0.6

vendor:huaweimodel:s5700 v200r005c03scope: - version: -

Trust: 0.6

vendor:huaweimodel:s9700 v200r009c00scope: - version: -

Trust: 0.3

vendor:huaweimodel:s6700 v200r005c00scope: - version: -

Trust: 0.3

vendor:huaweimodel:s5700 v200r001c00scope: - version: -

Trust: 0.3

vendor:huaweimodel:s9700 v200r009c00spc500scope:neversion: -

Trust: 0.3

vendor:huaweimodel:s9300 v200r009c00spc500scope:neversion: -

Trust: 0.3

vendor:huaweimodel:s7700 v200r009c00spc500scope:neversion: -

Trust: 0.3

vendor:huaweimodel:s6700 v200r009c00spc500scope:neversion: -

Trust: 0.3

vendor:huaweimodel:s6300 v200r009c00spc500scope:neversion: -

Trust: 0.3

vendor:huaweimodel:s5700 v200r009c00spc500scope:neversion: -

Trust: 0.3

vendor:huaweimodel:s5300 v200r009c00spc500scope:neversion: -

Trust: 0.3

vendor:huaweimodel:s12700 v200r009c00spc500scope:neversion: -

Trust: 0.3

sources: CNVD: CNVD-2016-11388 // BID: 94285 // JVNDB: JVNDB-2016-008266 // CNNVD: CNNVD-201611-370 // NVD: CVE-2016-8773

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2016-8773
value: HIGH

Trust: 1.0

NVD: CVE-2016-8773
value: HIGH

Trust: 0.8

CNVD: CNVD-2016-11388
value: HIGH

Trust: 0.6

CNNVD: CNNVD-201611-370
value: MEDIUM

Trust: 0.6

VULHUB: VHN-97593
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2016-8773
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

CNVD: CNVD-2016-11388
severity: HIGH
baseScore: 7.8
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

VULHUB: VHN-97593
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2016-8773
baseSeverity: HIGH
baseScore: 7.5
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: 3.9
impactScore: 3.6
version: 3.0

Trust: 1.8

sources: CNVD: CNVD-2016-11388 // VULHUB: VHN-97593 // JVNDB: JVNDB-2016-008266 // CNNVD: CNNVD-201611-370 // NVD: CVE-2016-8773

PROBLEMTYPE DATA

problemtype:CWE-20

Trust: 1.9

sources: VULHUB: VHN-97593 // JVNDB: JVNDB-2016-008266 // NVD: CVE-2016-8773

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201611-370

TYPE

input validation

Trust: 0.6

sources: CNNVD: CNNVD-201611-370

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2016-008266

PATCH
title:huawei-sa-20161111-01-mplsurl:http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20161111-01-mpls-en
Trust: 0.8
title:Patch for Denial of Service Vulnerability (CNVD-2016-11388) for multiple Huawei productsurl:https://www.cnvd.org.cn/patchInfo/show/84128
Trust: 0.6
title:Multiple Huawei Fixes for product input validation vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=65729
Trust: 0.6
sources:
            
            
            CNVD: CNVD-2016-11388 // 
            
            
            
            JVNDB: JVNDB-2016-008266 // 
            
            
            
            CNNVD: CNNVD-201611-370

EXTERNAL IDS
db:NVDid:CVE-2016-8773
Trust: 3.4
db:BIDid:94285
Trust: 2.6
db:JVNDBid:JVNDB-2016-008266
Trust: 0.8
db:CNNVDid:CNNVD-201611-370
Trust: 0.7
db:CNVDid:CNVD-2016-11388
Trust: 0.6
db:VULHUBid:VHN-97593
Trust: 0.1
sources:
            
            
            CNVD: CNVD-2016-11388 // 
            
            
            
            VULHUB: VHN-97593 // 
            
            
            
            BID: 94285 // 
            
            
            
            JVNDB: JVNDB-2016-008266 // 
            
            
            
            CNNVD: CNNVD-201611-370 // 
            
            
            
            NVD: CVE-2016-8773

REFERENCES
url:http://www.securityfocus.com/bid/94285
Trust: 2.3
url:http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20161111-01-mpls-en
Trust: 1.7
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-8773
Trust: 0.8
url:https://nvd.nist.gov/vuln/detail/cve-2016-8773
Trust: 0.8
url:http://www.huawei.com/cn/psirt/security-advisories/2016/huawei-sa-20161111-01-mpls-cn
Trust: 0.6
url:http://www.huawei.com
Trust: 0.3
url:http://www.huawei.com/en/psirt/security-advisories/2016/huawei-sa-20161111-01-mpls-en
Trust: 0.3
sources:
            
            
            CNVD: CNVD-2016-11388 // 
            
            
            
            VULHUB: VHN-97593 // 
            
            
            
            BID: 94285 // 
            
            
            
            JVNDB: JVNDB-2016-008266 // 
            
            
            
            CNNVD: CNNVD-201611-370 // 
            
            
            
            NVD: CVE-2016-8773

CREDITS
The vendor reported this issue.
Trust: 0.3
sources:
            
            
            BID: 94285

SOURCES
db:CNVDid:CNVD-2016-11388
db:VULHUBid:VHN-97593
db:BIDid:94285
db:JVNDBid:JVNDB-2016-008266
db:CNNVDid:CNNVD-201611-370
db:NVDid:CVE-2016-8773

LAST UPDATE DATE
2024-11-23T22:38:35.717000+00:00

SOURCES UPDATE DATE
db:CNVDid:CNVD-2016-11388date:2016-11-22T00:00:00
db:VULHUBid:VHN-97593date:2017-04-11T00:00:00
db:BIDid:94285date:2016-11-24T01:09:00
db:JVNDBid:JVNDB-2016-008266date:2017-05-09T00:00:00
db:CNNVDid:CNNVD-201611-370date:2016-11-18T00:00:00
db:NVDid:CVE-2016-8773date:2024-11-21T03:00:01.690

SOURCES RELEASE DATE
db:CNVDid:CNVD-2016-11388date:2016-11-22T00:00:00
db:VULHUBid:VHN-97593date:2017-04-02T00:00:00
db:BIDid:94285date:2016-11-11T00:00:00
db:JVNDBid:JVNDB-2016-008266date:2017-05-09T00:00:00
db:CNNVDid:CNNVD-201611-370date:2016-11-18T00:00:00
db:NVDid:CVE-2016-8773date:2017-04-02T20:59:01.407