CVE-2016-8795 - OpenCVE

Huawei CloudEngine 12800 with software V100R002C00, V100R003C00, V100R003C10, V100R005C00, V100R005C10, V100R006C00; CloudEngine 5800 with software V100R002C00, V100R003C00, V100R003C10, V100R005C00, V100R005C10, V100R006C00; CloudEngine 6800 with software V100R002C00, V100R003C00, V100R003C10, V100R005C00, V100R005C10, V100R006C00; CloudEngine 7800 with software V100R003C00, V100R003C10, V100R005C00, V100R005C10, V100R006C00; CloudEngine 8800 with software V100R006C00; and Secospace USG6600 with software V500R001C00 allow remote unauthenticated attackers to craft specific IPFPM packets to trigger an integer overflow and cause the device to reset.

No CVSS v3.1

Attack Vector Network

Attack Complexity High

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Complete

AV:N/AC:M/Au:N/C:N/I:N/A:C

Vendors & Products
CPE Configurations

Vendors	Products
Huawei	Cloudengine 5800 Firmware Secospace Usg6600 Firmware Cloudengine 12800 Cloudengine 8800 Firmware Cloudengine 6800 Firmware Cloudengine 6800 Cloudengine 7800 Cloudengine 8800 Cloudengine 12800 Firmware Secospace Usg6600 Cloudengine 7800 Firmware Cloudengine 5800

Configuration 1 [-]

AND

OR	cpe:2.3:o:huawei:cloudengine_5800_firmware:v100r002c00:::::::*
	cpe:2.3:o:huawei:cloudengine_5800_firmware:v100r003c00:::::::*
	cpe:2.3:o:huawei:cloudengine_5800_firmware:v100r003c10:::::::*
	cpe:2.3:o:huawei:cloudengine_5800_firmware:v100r005c00:::::::*
	cpe:2.3:o:huawei:cloudengine_5800_firmware:v100r005c10:::::::*
	cpe:2.3:o:huawei:cloudengine_5800_firmware:v100r006c00:::::::*

cpe:2.3:h:huawei:cloudengine_5800:-:*:*:*:*:*:*:*

Configuration 2 [-]

AND

OR	cpe:2.3:o:huawei:cloudengine_6800_firmware:v100r002c00:::::::*
	cpe:2.3:o:huawei:cloudengine_6800_firmware:v100r003c00:::::::*
	cpe:2.3:o:huawei:cloudengine_6800_firmware:v100r003c10:::::::*
	cpe:2.3:o:huawei:cloudengine_6800_firmware:v100r005c00:::::::*
	cpe:2.3:o:huawei:cloudengine_6800_firmware:v100r005c10:::::::*
	cpe:2.3:o:huawei:cloudengine_6800_firmware:v100r006c00:::::::*

cpe:2.3:h:huawei:cloudengine_6800:-:*:*:*:*:*:*:*

Configuration 3 [-]

AND

OR	cpe:2.3:o:huawei:cloudengine_12800_firmware:v100r002c00:::::::*
	cpe:2.3:o:huawei:cloudengine_12800_firmware:v100r003c00:::::::*
	cpe:2.3:o:huawei:cloudengine_12800_firmware:v100r003c10:::::::*
	cpe:2.3:o:huawei:cloudengine_12800_firmware:v100r005c00:::::::*
	cpe:2.3:o:huawei:cloudengine_12800_firmware:v100r005c10:::::::*
	cpe:2.3:o:huawei:cloudengine_12800_firmware:v100r006c00:::::::*

cpe:2.3:h:huawei:cloudengine_12800:-:*:*:*:*:*:*:*

Configuration 4 [-]

AND

OR	cpe:2.3:o:huawei:cloudengine_7800_firmware:v100r003c00:::::::*
	cpe:2.3:o:huawei:cloudengine_7800_firmware:v100r003c10:::::::*
	cpe:2.3:o:huawei:cloudengine_7800_firmware:v100r005c00:::::::*
	cpe:2.3:o:huawei:cloudengine_7800_firmware:v100r005c10:::::::*
	cpe:2.3:o:huawei:cloudengine_7800_firmware:v100r006c00:::::::*

cpe:2.3:h:huawei:cloudengine_7800:-:*:*:*:*:*:*:*

Configuration 5 [-]

AND

cpe:2.3:o:huawei:cloudengine_8800_firmware:v100r006c00:*:*:*:*:*:*:*

cpe:2.3:h:huawei:cloudengine_8800:-:*:*:*:*:*:*:*

Configuration 6 [-]

AND

cpe:2.3:o:huawei:secospace_usg6600_firmware:v500r001c00:*:*:*:*:*:*:*

cpe:2.3:h:huawei:secospace_usg6600:-:*:*:*:*:*:*:*

References

Link	Resource
http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20161123-01-vrp-en	Vendor Advisory
http://www.securityfocus.com/bid/94504	Third Party Advisory VDB Entry