Vulnerability Details : CVE-2016-5435
Memory leak in Huawei IPS Module, NGFW Module, NIP6300, NIP6600, and Secospace USG6300, USG6500, USG6600, USG9500, and AntiDDoS8000 V500R001C00 before V500R001C20SPC100, when in hot standby networking where two devices are not directly connected, allows remote attackers to cause a denial of service (memory consumption and reboot) via a crafted packet.
Vulnerability category: Denial of service
Products affected by CVE-2016-5435
- cpe:2.3:h:huawei:huawei_firmware:v5500r001c00:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2016-5435
0.15%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 32 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2016-5435
| Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
|---|---|---|---|---|---|---|
|
7.1
|
HIGH | AV:N/AC:M/Au:N/C:N/I:N/A:C |
8.6
|
6.9
|
NIST | |
|
5.9
|
MEDIUM | CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H |
2.2
|
3.6
|
NIST |
CWE ids for CVE-2016-5435
-
Assigned by: nvd@nist.gov (Primary)
References for CVE-2016-5435
-
http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20160615-01-standby-en
Security Advisory - Memory Leak Vulnerability in Several Huawei ProductsVendor Advisory
Jump to