Denial of Service Vulnerability in Huawei CloudEngine Switches
CVE-2016-8780

6.5MEDIUM

Key Information:

Vendor: Huawei
Status: Cloudengine 6800, Cloudengine 7800, Cloudengine 8800, Cloudengine 12800 Cloudengine 6800 V100r006c00,cloudengine 7800 V100r006c00,cloudengine 8800 V100r006c00,cloudengine 12800 V100r006c00,
Vendor: CVE Published:; 2 April 2017

Summary

Huawei CloudEngine Switches, including the 6800, 7800, 8800, and 12800 models, are vulnerable to a denial of service attack that can be initiated by remote attackers possessing specific permissions. By exploiting this vulnerability, attackers can store excessive files, overwhelming the shared storage capacity of the switches. This condition can lead to service interruption, impacting the availability of the network resources and affecting overall operational efficiency.

Affected Version(s)

CloudEngine 6800, CloudEngine 7800, CloudEngine 8800, CloudEngine 12800 CloudEngine 6800 V100R006C00,CloudEngine 7800 V100R006C00,CloudEngine 8800 V100R006C00,CloudEngine 12800 V100R006C00, CloudEngine 6800, CloudEngine 7800, CloudEngine 8800, CloudEngine 12800 CloudEngine 6800 V100R006C00,CloudEngine 7800 V100R006C00,CloudEngine 8800 V100R006C00,CloudEngine 12800 V100R006C00,

References

http://www.huawei.com/en/psirt/security-advisories/huawei...

x_refsource_CONFIRM

http://www.securityfocus.com/bid/94618

vdb-entryx_refsource_BID

CVSS V3.1

Score:

6.5

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Apr 2, 2017
Vulnerability Reserved
Oct 18, 2016