Denial of Service Vulnerability in Huawei Networking Devices
CVE-2016-8773

7.5HIGH

Key Information:

Vendor: Huawei
Status: S5300,s5700,s6300,s6700,s7700,9300,9700,s12700 S5300 With Software V200r003c00, V200r007c00, V200r008c00, V200r009c00,s5700 With Software V200r001c00, V200r002c00, V200r003c00, V200r005c00, V200r005c03, V200r007c00, V200r008c00, V200r009c00,s6300 With Software V200r003c00, V200r005c00, V200r008c00, V200r009c00,s6700 With Software V200r001c00, V200r001c01, V200r002c00, V200r003c00, V200r005c00, V200r008c00, V200r009c00,s7700 With Software V200r007c00, V200r008c00, V200r009c00,s9300 With Software V200r007c00, V200r008c00, V200r009c00,s9700 With Software V200r007c00, V200r008c00, V200r009c00 And S12700 With Software V200r007c00, V200r007c01, V200r008c00, V200r009c00
Vendor: CVE Published:; 2 April 2017

Summary

A vulnerability exists in various Huawei networking devices that allows attackers to exploit the processing of malformed MPLS packets, resulting in a denial of service condition. When vulnerable devices receive these specially crafted packets, they may become unresponsive, potentially disrupting network operations and accessibility.

Affected Version(s)

S5300,S5700,S6300,S6700,S7700,9300,9700,S12700 S5300 with software V200R003C00, V200R007C00, V200R008C00, V200R009C00,S5700 with software V200R001C00, V200R002C00, V200R003C00, V200R005C00, V200R005C03, V200R007C00, V200R008C00, V200R009C00,S6300 with software V200R003C00, V200R005C00, V200R008C00, V200R009C00,S6700 with software V200R001C00, V200R001C01, V200R002C00, V200R003C00, V200R005C00, V200R008C00, V200R009C00,S7700 with software V200R007C00, V200R008C00, V200R009C00,S9300 with software V200R007C00, V200R008C00, V200R009C00,S9700 with software V200R007C00, V200R008C00, V200R009C00 and S12700 with software V200R007C00, V200R007C01, V200R008C00, V200R009C00 S5300,S5700,S6300,S6700,S7700,9300,9700,S12700 S5300 with software V200R003C00, V200R007C00, V200R008C00, V200R009C00,S5700 with software V200R001C00, V200R002C00, V200R003C00, V200R005C00, V200R005C03, V200R007C00, V200R008C00, V200R009C00,S6300 with software V200R003C00, V200R005C00, V200R008C00, V200R009C00,S6700 with software V200R001C00, V200R001C01, V200R002C00, V200R003C00, V200R005C00, V200R008C00, V200R009C00,S7700 with software V200R007C00, V200R008C00, V200R009C00,S9300 with software V200R007C00, V200R008C00, V200R009C00,S9700 with software V200R007C00, V200R008C00, V200R009C00 and S12700 with software V200R007C00, V200R007C01, V200R008C00, V200R009C00

References

http://www.huawei.com/en/psirt/security-advisories/huawei...

x_refsource_CONFIRM

http://www.securityfocus.com/bid/94285

vdb-entryx_refsource_BID

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Apr 2, 2017
Vulnerability Reserved
Oct 18, 2016