Denial of Service Vulnerability in Huawei USG9520, USG9560, and USG9580 Firewalls
CVE-2016-8796

7.5HIGH

Key Information:

Vendor
Huawei
Status
Usg9520,usg9560,usg9580, Usg9520 V300r001c01,usg9560 V300r001c01,usg9580 V300r001c01
Vendor
CVE Published:
2 April 2017

Summary

The Huawei USG9520, USG9560, and USG9580 firewall products are susceptible to a significant denial of service vulnerability. This issue allows unauthenticated attackers to forge and send malformed DHCP request packets to the devices, potentially causing them to become unresponsive. Implementing appropriate security measures and regularly updating software versions can help mitigate risks associated with this vulnerability.

Affected Version(s)

USG9520,USG9560,USG9580, USG9520 V300R001C01,USG9560 V300R001C01,USG9580 V300R001C01 USG9520,USG9560,USG9580, USG9520 V300R001C01,USG9560 V300R001C01,USG9580 V300R001C01

References

http://www.securityfocus.com/bid/94405
vdb-entryx_refsource_BID
http://www.huawei.com/en/psirt/security-advisories/huawei...
x_refsource_CONFIRM

CVSS V3.1

Score:
7.5
Severity:
HIGH
Confidentiality:
None
Integrity:
None
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.