Details of VAR-201704-1023

ID

VAR-201704-1023

CVE

CVE-2016-8790

TITLE

plural Huawei CloudEngine Software overflow buffer overflow vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2016-008268

DESCRIPTION

Huawei CloudEngine 5800 with software before V200R001C00SPC700, CloudEngine 6800 with software before V200R001C00SPC700, CloudEngine 7800 with software before V200R001C00SPC700, CloudEngine 8800 with software before V200R001C00SPC700, CloudEngine 12800 with software before V200R001C00SPC700 could allow the attacker to exploit a buffer overflow vulnerability by sending crafted packets to the affected system to cause a main control board reboot. The CloudEngine5800, CloudEngine6800, CloudEngine7800, CloudEngine8800, and CloudEngine12800 are Huawei switch devices. A buffer overflow vulnerability exists in the CFM (ConnectivityFault Management) feature of several Huawei products. Multiple Huawei CloudEngine Products are prone to a buffer-overflow vulnerability because they fail to properly bounds-check user-supplied data before copying it into an insufficiently sized buffer. Attackers can exploit this issue to reboot the affected device to cause denial-of-service conditions. Due to the nature of this issue, arbitrary code execution may be possible but this has not been confirmed. Huawei CloudEngine 5800 and others are data center switches of China's Huawei (Huawei). The following products and models are affected: CloudEngine 5800 V100R003C10 , V100R005C00 , V100R005C10 , V100R006C00 ; CloudEngine 6800 V100R003C10 , V100R005C00 , V100R005C10 , V100R006C00 ; CloudEngine 7800 V100R003C10 , V100R005C00 , V100R005C10 , V100R006C00 ; CloudEngine 8800 V100R006C00 ; loudEngine 12800 V100R003C10 , V100R005C00 , V100R005C10 , V100R006C00

Trust: 2.61

sources: NVD: CVE-2016-8790 // JVNDB: JVNDB-2016-008268 // CNVD: CNVD-2016-11299 // BID: 94402 // VULHUB: VHN-97610 // VULMON: CVE-2016-8790

IOT TAXONOMY

category:

['Network device']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2016-11299

AFFECTED PRODUCTS

vendor:	huawei	model:	cloudengine 12800	scope:	eq	version:	v100r003c10	Trust: 1.6
vendor:	huawei	model:	cloudengine 7800	scope:	eq	version:	v100r005c10	Trust: 1.6
vendor:	huawei	model:	cloudengine 7800	scope:	eq	version:	v100r006c00	Trust: 1.6
vendor:	huawei	model:	cloudengine 12800	scope:	eq	version:	v100r005c10	Trust: 1.6
vendor:	huawei	model:	cloudengine 12800	scope:	eq	version:	v100r006c00	Trust: 1.6
vendor:	huawei	model:	cloudengine 8800	scope:	eq	version:	v100r006c00	Trust: 1.6
vendor:	huawei	model:	cloudengine 6800	scope:	eq	version:	v100r003c10	Trust: 1.6
vendor:	huawei	model:	cloudengine 7800	scope:	eq	version:	v100r005c00	Trust: 1.6
vendor:	huawei	model:	cloudengine 7800	scope:	eq	version:	v100r003c10	Trust: 1.6
vendor:	huawei	model:	cloudengine 12800	scope:	eq	version:	v100r005c00	Trust: 1.6
vendor:	huawei	model:	cloudengine 5800	scope:	eq	version:	v100r005c10	Trust: 1.0
vendor:	huawei	model:	cloudengine 6800	scope:	eq	version:	v100r005c00	Trust: 1.0
vendor:	huawei	model:	cloudengine 6800	scope:	eq	version:	v100r005c10	Trust: 1.0
vendor:	huawei	model:	cloudengine 5800	scope:	eq	version:	v100r006c00	Trust: 1.0
vendor:	huawei	model:	cloudengine 6800	scope:	eq	version:	v100r006c00	Trust: 1.0
vendor:	huawei	model:	cloudengine 5800	scope:	eq	version:	v100r003c10	Trust: 1.0
vendor:	huawei	model:	cloudengine 5800	scope:	eq	version:	v100r005c00	Trust: 1.0
vendor:	huawei	model:	cloudengine v100r003c10	scope:	eq	version:	12800	Trust: 0.9
vendor:	huawei	model:	cloudengine v100r005c00	scope:	eq	version:	12800	Trust: 0.9
vendor:	huawei	model:	cloudengine v100r005c10	scope:	eq	version:	12800	Trust: 0.9
vendor:	huawei	model:	cloudengine v100r003c10	scope:	eq	version:	5800	Trust: 0.9
vendor:	huawei	model:	cloudengine v100r005c00	scope:	eq	version:	5800	Trust: 0.9
vendor:	huawei	model:	cloudengine v100r005c10	scope:	eq	version:	5800	Trust: 0.9
vendor:	huawei	model:	cloudengine v100r006c00	scope:	eq	version:	5800	Trust: 0.9
vendor:	huawei	model:	cloudengine v100r003c10	scope:	eq	version:	6800	Trust: 0.9
vendor:	huawei	model:	cloudengine v100r005c00	scope:	eq	version:	6800	Trust: 0.9
vendor:	huawei	model:	cloudengine v100r005c10	scope:	eq	version:	6800	Trust: 0.9
vendor:	huawei	model:	cloudengine v100r006c00	scope:	eq	version:	6800	Trust: 0.9
vendor:	huawei	model:	cloudengine v100r003c10	scope:	eq	version:	7800	Trust: 0.9
vendor:	huawei	model:	cloudengine v100r005c00	scope:	eq	version:	7800	Trust: 0.9
vendor:	huawei	model:	cloudengine v100r005c10	scope:	eq	version:	7800	Trust: 0.9
vendor:	huawei	model:	cloudengine v100r006c00	scope:	eq	version:	7800	Trust: 0.9
vendor:	huawei	model:	cloudengine v100r006c00	scope:	eq	version:	8800	Trust: 0.9
vendor:	huawei	model:	cloudengine v100r006c00	scope:	eq	version:	12800	Trust: 0.9
vendor:	huawei	model:	cloudengine 12800	scope:	lt	version:	v200r001c00spc700	Trust: 0.8
vendor:	huawei	model:	cloudengine 5800	scope:	lt	version:	v200r001c00spc700	Trust: 0.8
vendor:	huawei	model:	cloudengine 6800	scope:	lt	version:	v200r001c00spc700	Trust: 0.8
vendor:	huawei	model:	cloudengine 7800	scope:	lt	version:	v200r001c00spc700	Trust: 0.8
vendor:	huawei	model:	cloudengine 8800	scope:	lt	version:	v200r001c00spc700	Trust: 0.8
vendor:	huawei	model:	cloudengine v200r001c00spc700	scope:	ne	version:	8800	Trust: 0.3
vendor:	huawei	model:	cloudengine v200r001c00spc700	scope:	ne	version:	7800	Trust: 0.3
vendor:	huawei	model:	cloudengine v200r001c00spc700	scope:	ne	version:	6800	Trust: 0.3
vendor:	huawei	model:	cloudengine v200r001c00spc700	scope:	ne	version:	5800	Trust: 0.3
vendor:	huawei	model:	cloudengine v200r001c00spc700	scope:	ne	version:	12800	Trust: 0.3

sources: CNVD: CNVD-2016-11299 // BID: 94402 // JVNDB: JVNDB-2016-008268 // CNNVD: CNNVD-201611-472 // NVD: CVE-2016-8790

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2016-8790
value:	MEDIUM
Trust: 1.0
NVD:	CVE-2016-8790
value:	MEDIUM
Trust: 0.8
CNVD:	CNVD-2016-11299
value:	MEDIUM
Trust: 0.6
CNNVD:	CNNVD-201611-472
value:	MEDIUM
Trust: 0.6
VULHUB:	VHN-97610
value:	MEDIUM
Trust: 0.1
VULMON:	CVE-2016-8790
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2016-8790
severity:	MEDIUM
baseScore:	5.5
vectorString:	AV:A/AC:L/AU:S/C:N/I:N/A:C
accessVector:	ADJACENT_NETWORK
accessComplexity:	LOW
authentication:	SINGLE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	COMPLETE
exploitabilityScore:	5.1
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.9
CNVD:	CNVD-2016-11299
severity:	MEDIUM
baseScore:	6.8
vectorString:	AV:A/AC:L/AU:N/C:N/I:P/A:C
accessVector:	ADJACENT_NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	PARTIAL
availabilityImpact:	COMPLETE
exploitabilityScore:	6.5
impactScore:	7.8
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6
VULHUB:	VHN-97610
severity:	MEDIUM
baseScore:	5.5
vectorString:	AV:A/AC:L/AU:S/C:N/I:N/A:C
accessVector:	ADJACENT_NETWORK
accessComplexity:	LOW
authentication:	SINGLE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	COMPLETE
exploitabilityScore:	5.1
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2016-8790
baseSeverity:	MEDIUM
baseScore:	5.7
vectorString:	CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
attackVector:	ADJACENT
attackComplexity:	LOW
privilegesRequired:	LOW
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	HIGH
exploitabilityScore:	2.1
impactScore:	3.6
version:	3.0
Trust: 1.8

sources: CNVD: CNVD-2016-11299 // VULHUB: VHN-97610 // VULMON: CVE-2016-8790 // JVNDB: JVNDB-2016-008268 // CNNVD: CNNVD-201611-472 // NVD: CVE-2016-8790

PROBLEMTYPE DATA

problemtype:

CWE-119

Trust: 1.9

sources: VULHUB: VHN-97610 // JVNDB: JVNDB-2016-008268 // NVD: CVE-2016-8790

THREAT TYPE

specific network environment

Trust: 0.6

sources: CNNVD: CNNVD-201611-472

TYPE

buffer overflow

Trust: 0.6

sources: CNNVD: CNNVD-201611-472

CONFIGURATIONS

sources: JVNDB: JVNDB-2016-008268

PATCH

title:	huawei-sa-20161116-01-cfm	url:	http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20161116-01-cfm-en	Trust: 0.8
title:	Patches for buffer overflow vulnerabilities in CFM functions in various Huawei products	url:	https://www.cnvd.org.cn/patchInfo/show/84101	Trust: 0.6
title:	Multiple Huawei CloudEngin Product Buffer Overflow Vulnerability Fix	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=65810	Trust: 0.6

sources: CNVD: CNVD-2016-11299 // JVNDB: JVNDB-2016-008268 // CNNVD: CNNVD-201611-472

EXTERNAL IDS

db:	NVD	id:	CVE-2016-8790	Trust: 3.5
db:	BID	id:	94402	Trust: 2.7
db:	JVNDB	id:	JVNDB-2016-008268	Trust: 0.8
db:	CNNVD	id:	CNNVD-201611-472	Trust: 0.7
db:	CNVD	id:	CNVD-2016-11299	Trust: 0.6
db:	VULHUB	id:	VHN-97610	Trust: 0.1
db:	VULMON	id:	CVE-2016-8790	Trust: 0.1

sources: CNVD: CNVD-2016-11299 // VULHUB: VHN-97610 // VULMON: CVE-2016-8790 // BID: 94402 // JVNDB: JVNDB-2016-008268 // CNNVD: CNNVD-201611-472 // NVD: CVE-2016-8790

REFERENCES

url:	http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20161116-01-cfm-en	Trust: 2.1
url:	http://www.securityfocus.com/bid/94402	Trust: 1.9
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-8790	Trust: 0.8
url:	https://nvd.nist.gov/vuln/detail/cve-2016-8790	Trust: 0.8
url:	http://www.huawei.com/cn/psirt/security-advisories/2016/huawei-sa-20161116-01-cfm-cn	Trust: 0.6
url:	http://www.huawei.com	Trust: 0.3
url:	https://cwe.mitre.org/data/definitions/119.html	Trust: 0.1
url:	https://nvd.nist.gov	Trust: 0.1

sources: CNVD: CNVD-2016-11299 // VULHUB: VHN-97610 // VULMON: CVE-2016-8790 // BID: 94402 // JVNDB: JVNDB-2016-008268 // CNNVD: CNNVD-201611-472 // NVD: CVE-2016-8790

CREDITS

The vendor reported this issue.

Trust: 0.3

sources: BID: 94402

SOURCES

db:	CNVD	id:	CNVD-2016-11299
db:	VULHUB	id:	VHN-97610
db:	VULMON	id:	CVE-2016-8790
db:	BID	id:	94402
db:	JVNDB	id:	JVNDB-2016-008268
db:	CNNVD	id:	CNNVD-201611-472
db:	NVD	id:	CVE-2016-8790

LAST UPDATE DATE

2024-11-23T22:07:27.746000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2016-11299	date:	2016-11-21T00:00:00
db:	VULHUB	id:	VHN-97610	date:	2017-04-11T00:00:00
db:	VULMON	id:	CVE-2016-8790	date:	2017-04-11T00:00:00
db:	BID	id:	94402	date:	2016-11-24T01:12:00
db:	JVNDB	id:	JVNDB-2016-008268	date:	2017-05-09T00:00:00
db:	CNNVD	id:	CNNVD-201611-472	date:	2016-11-23T00:00:00
db:	NVD	id:	CVE-2016-8790	date:	2024-11-21T03:00:04.937

SOURCES RELEASE DATE

db:	CNVD	id:	CNVD-2016-11299	date:	2016-11-18T00:00:00
db:	VULHUB	id:	VHN-97610	date:	2017-04-02T00:00:00
db:	VULMON	id:	CVE-2016-8790	date:	2017-04-02T00:00:00
db:	BID	id:	94402	date:	2016-11-16T00:00:00
db:	JVNDB	id:	JVNDB-2016-008268	date:	2017-05-09T00:00:00
db:	CNNVD	id:	CNNVD-201611-472	date:	2016-11-23T00:00:00
db:	NVD	id:	CVE-2016-8790	date:	2017-04-02T20:59:01.640