Denial of Service Vulnerability in Huawei USG9520, USG9560, and USG9580 Firewalls
CVE-2016-8796

7.5HIGH

Key Information:

Vendor: Huawei
Status: Usg9520,usg9560,usg9580, Usg9520 V300r001c01,usg9560 V300r001c01,usg9580 V300r001c01
Vendor: CVE Published:; 2 April 2017

What is CVE-2016-8796?

The Huawei USG9520, USG9560, and USG9580 firewall products are susceptible to a significant denial of service vulnerability. This issue allows unauthenticated attackers to forge and send malformed DHCP request packets to the devices, potentially causing them to become unresponsive. Implementing appropriate security measures and regularly updating software versions can help mitigate risks associated with this vulnerability.

Affected Version(s)

USG9520,USG9560,USG9580, USG9520 V300R001C01,USG9560 V300R001C01,USG9580 V300R001C01 USG9520,USG9560,USG9580, USG9520 V300R001C01,USG9560 V300R001C01,USG9580 V300R001C01

References

http://www.securityfocus.com/bid/94405

vdb-entryx_refsource_BID

http://www.huawei.com/en/psirt/security-advisories/huawei...

x_refsource_CONFIRM

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Apr 2, 2017
Vulnerability Reserved
Oct 18, 2016