var-201803-1079
Vulnerability from variot
Huawei CloudEngine 12800 V100R003C00, V100R003C10, V100R005C00, V100R005C10, V100R006C00 have a memory leak vulnerability. An unauthenticated attacker may send specific Label Distribution Protocol (LDP) packets to the devices. When the values of some parameters in the packet are abnormal, the LDP processing module does not release the memory to handle the packet, resulting in memory leak. Huawei CloudEngine 12800 Contains a resource management vulnerability.Service operation interruption (DoS) There is a possibility of being put into a state. HuaweiCloudEngine12800 is the switch device of China Huawei. Multiple Huawei products are prone to a remote denial-of-service vulnerability. Attackers can exploit this issue to cause denial-of-service condition. The following versions are affected: CloudEngine 12800 V100R003C00, V100R003C10, V100R005C00, V100R005C10, and V100R006C00
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201803-1079",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "cloudengine 12800",
"scope": "eq",
"trust": 2.4,
"vendor": "huawei",
"version": "v100r003c00"
},
{
"model": "cloudengine 12800",
"scope": "eq",
"trust": 2.4,
"vendor": "huawei",
"version": "v100r003c10"
},
{
"model": "cloudengine 12800",
"scope": "eq",
"trust": 2.4,
"vendor": "huawei",
"version": "v100r005c00"
},
{
"model": "cloudengine 12800",
"scope": "eq",
"trust": 2.4,
"vendor": "huawei",
"version": "v100r005c10"
},
{
"model": "cloudengine 12800",
"scope": "eq",
"trust": 2.4,
"vendor": "huawei",
"version": "v100r006c00"
},
{
"model": "cloudengine v100r003c00",
"scope": "eq",
"trust": 0.9,
"vendor": "huawei",
"version": "12800"
},
{
"model": "cloudengine v100r003c10",
"scope": "eq",
"trust": 0.9,
"vendor": "huawei",
"version": "12800"
},
{
"model": "cloudengine v100r005c00",
"scope": "eq",
"trust": 0.9,
"vendor": "huawei",
"version": "12800"
},
{
"model": "cloudengine v100r005c10",
"scope": "eq",
"trust": 0.9,
"vendor": "huawei",
"version": "12800"
},
{
"model": "cloudengine v100r006c00",
"scope": "eq",
"trust": 0.9,
"vendor": "huawei",
"version": "12800"
},
{
"model": "cloudengine v100r006sph005",
"scope": "ne",
"trust": 0.3,
"vendor": "huawei",
"version": "12800"
},
{
"model": "cloudengine v100r005sph005",
"scope": "ne",
"trust": 0.3,
"vendor": "huawei",
"version": "12800"
},
{
"model": "cloudengine v100r003sph011",
"scope": "ne",
"trust": 0.3,
"vendor": "huawei",
"version": "12800"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-12844"
},
{
"db": "BID",
"id": "95079"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-008962"
},
{
"db": "CNNVD",
"id": "CNNVD-201612-642"
},
{
"db": "NVD",
"id": "CVE-2016-8784"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:huawei:cloudengine_12800_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-008962"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The vendor reported this issue.",
"sources": [
{
"db": "BID",
"id": "95079"
}
],
"trust": 0.3
},
"cve": "CVE-2016-8784",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 3.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 6.5,
"id": "CVE-2016-8784",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "LOW",
"trust": 1.8,
"vectorString": "AV:A/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 3.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 6.5,
"id": "CNVD-2016-12844",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "LOW",
"trust": 0.6,
"vectorString": "AV:A/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 3.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 6.5,
"id": "VHN-97604",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "LOW",
"trust": 0.1,
"vectorString": "AV:A/AC:L/AU:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "nvd@nist.gov",
"availabilityImpact": "LOW",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"exploitabilityScore": 2.8,
"id": "CVE-2016-8784",
"impactScore": 1.4,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2016-8784",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2016-8784",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNVD",
"id": "CNVD-2016-12844",
"trust": 0.6,
"value": "LOW"
},
{
"author": "CNNVD",
"id": "CNNVD-201612-642",
"trust": 0.6,
"value": "LOW"
},
{
"author": "VULHUB",
"id": "VHN-97604",
"trust": 0.1,
"value": "LOW"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-12844"
},
{
"db": "VULHUB",
"id": "VHN-97604"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-008962"
},
{
"db": "CNNVD",
"id": "CNNVD-201612-642"
},
{
"db": "NVD",
"id": "CVE-2016-8784"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Huawei CloudEngine 12800 V100R003C00, V100R003C10, V100R005C00, V100R005C10, V100R006C00 have a memory leak vulnerability. An unauthenticated attacker may send specific Label Distribution Protocol (LDP) packets to the devices. When the values of some parameters in the packet are abnormal, the LDP processing module does not release the memory to handle the packet, resulting in memory leak. Huawei CloudEngine 12800 Contains a resource management vulnerability.Service operation interruption (DoS) There is a possibility of being put into a state. HuaweiCloudEngine12800 is the switch device of China Huawei. Multiple Huawei products are prone to a remote denial-of-service vulnerability. \nAttackers can exploit this issue to cause denial-of-service condition. The following versions are affected: CloudEngine 12800 V100R003C00, V100R003C10, V100R005C00, V100R005C10, and V100R006C00",
"sources": [
{
"db": "NVD",
"id": "CVE-2016-8784"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-008962"
},
{
"db": "CNVD",
"id": "CNVD-2016-12844"
},
{
"db": "BID",
"id": "95079"
},
{
"db": "VULHUB",
"id": "VHN-97604"
}
],
"trust": 2.52
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2016-8784",
"trust": 3.4
},
{
"db": "BID",
"id": "95079",
"trust": 2.0
},
{
"db": "JVNDB",
"id": "JVNDB-2016-008962",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201612-642",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2016-12844",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-97604",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-12844"
},
{
"db": "VULHUB",
"id": "VHN-97604"
},
{
"db": "BID",
"id": "95079"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-008962"
},
{
"db": "CNNVD",
"id": "CNNVD-201612-642"
},
{
"db": "NVD",
"id": "CVE-2016-8784"
}
]
},
"id": "VAR-201803-1079",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-12844"
},
{
"db": "VULHUB",
"id": "VHN-97604"
}
],
"trust": 1.482619048
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-12844"
}
]
},
"last_update_date": "2024-11-23T22:26:26.917000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Security Advisory - Memory Leak Vulnerability in Some Huawei Products",
"trust": 0.8,
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20161221-01-ldp-en"
},
{
"title": "Patch for HuaweiCloudEngine12800 Switch Memory Leak Vulnerability (CNVD-2016-12844)",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/86500"
},
{
"title": "Huawei CloudEngine 12800 Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=66662"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-12844"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-008962"
},
{
"db": "CNNVD",
"id": "CNNVD-201612-642"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-399",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-97604"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-008962"
},
{
"db": "NVD",
"id": "CVE-2016-8784"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20161221-01-ldp-en"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/95079"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-8784"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-8784"
},
{
"trust": 0.6,
"url": "http://www.huawei.com/cn/psirt/security-advisories/2016/huawei-sa-20161221-01-ldp-cn"
},
{
"trust": 0.3,
"url": "http://www.huawei.com"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-12844"
},
{
"db": "VULHUB",
"id": "VHN-97604"
},
{
"db": "BID",
"id": "95079"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-008962"
},
{
"db": "CNNVD",
"id": "CNNVD-201612-642"
},
{
"db": "NVD",
"id": "CVE-2016-8784"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2016-12844"
},
{
"db": "VULHUB",
"id": "VHN-97604"
},
{
"db": "BID",
"id": "95079"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-008962"
},
{
"db": "CNNVD",
"id": "CNNVD-201612-642"
},
{
"db": "NVD",
"id": "CVE-2016-8784"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-12-22T00:00:00",
"db": "CNVD",
"id": "CNVD-2016-12844"
},
{
"date": "2018-03-09T00:00:00",
"db": "VULHUB",
"id": "VHN-97604"
},
{
"date": "2016-12-23T00:00:00",
"db": "BID",
"id": "95079"
},
{
"date": "2018-04-17T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-008962"
},
{
"date": "2016-12-23T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201612-642"
},
{
"date": "2018-03-09T21:29:00.300000",
"db": "NVD",
"id": "CVE-2016-8784"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-12-22T00:00:00",
"db": "CNVD",
"id": "CNVD-2016-12844"
},
{
"date": "2018-03-26T00:00:00",
"db": "VULHUB",
"id": "VHN-97604"
},
{
"date": "2017-01-12T01:04:00",
"db": "BID",
"id": "95079"
},
{
"date": "2018-04-17T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-008962"
},
{
"date": "2018-03-12T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201612-642"
},
{
"date": "2024-11-21T03:00:04.400000",
"db": "NVD",
"id": "CVE-2016-8784"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "specific network environment",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201612-642"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Huawei CloudEngine 12800 Resource management vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-008962"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "resource management error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201612-642"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.