CVE-2016-8773 : Huawei S5300 with software V200R003C00, V200R007C00, V200R008C00, V200R009C00; S

Huawei S5300 with software V200R003C00, V200R007C00, V200R008C00, V200R009C00; S5700 with software V200R001C00, V200R002C00, V200R003C00, V200R005C00, V200R005C03, V200R007C00, V200R008C00, V200R009C00; S6300 with software V200R003C00, V200R005C00, V200R008C00, V200R009C00; S6700 with software V200R001C00, V200R001C01, V200R002C00, V200R003C00, V200R005C00, V200R008C00, V200R009C00; S7700 with software V200R007C00, V200R008C00, V200R009C00; S9300 with software V200R007C00, V200R008C00, V200R009C00; S9700 with software V200R007C00, V200R008C00, V200R009C00; and S12700 with software V200R007C00, V200R007C01, V200R008C00, V200R009C00 allow the attacker to cause a denial of service condition by sending malformed MPLS packets.

Published 2017-04-02 20:59:01

Updated 2017-04-11 01:13:07

Source Huawei Technologies

View at NVD, CVE.org

Vulnerability category: Input validationDenial of service

Products affected by CVE-2016-8773

Huawei » S5300 Firmware » Version: V200r003c00
cpe:2.3:o:huawei:s5300_firmware:v200r003c00:*:*:*:*:*:*:*
Matching versions
When used together with: Huawei » S5300 » Version: N/A
Huawei » S5300 Firmware » Version: V200r007c00
cpe:2.3:o:huawei:s5300_firmware:v200r007c00:*:*:*:*:*:*:*
Matching versions
When used together with: Huawei » S5300 » Version: N/A
Huawei » S5300 Firmware » Version: V200r008c00
cpe:2.3:o:huawei:s5300_firmware:v200r008c00:*:*:*:*:*:*:*
Matching versions
When used together with: Huawei » S5300 » Version: N/A
Huawei » S5300 Firmware » Version: V200r009c00
cpe:2.3:o:huawei:s5300_firmware:v200r009c00:*:*:*:*:*:*:*
Matching versions
When used together with: Huawei » S5300 » Version: N/A
Huawei » S7700 Firmware » Version: V200r008c00
cpe:2.3:o:huawei:s7700_firmware:v200r008c00:*:*:*:*:*:*:*
Matching versions
When used together with: Huawei » S7700 » Version: N/A
Huawei » S7700 Firmware » Version: V200r007c00
cpe:2.3:o:huawei:s7700_firmware:v200r007c00:*:*:*:*:*:*:*
Matching versions
When used together with: Huawei » S7700 » Version: N/A
Huawei » S7700 Firmware » Version: V200r009c00
cpe:2.3:o:huawei:s7700_firmware:v200r009c00:*:*:*:*:*:*:*
Matching versions
When used together with: Huawei » S7700 » Version: N/A
Huawei » S9700 Firmware » Version: V200r008c00
cpe:2.3:o:huawei:s9700_firmware:v200r008c00:*:*:*:*:*:*:*
Matching versions
When used together with: Huawei » S9700 » Version: N/A
Huawei » S9700 Firmware » Version: V200r007c00
cpe:2.3:o:huawei:s9700_firmware:v200r007c00:*:*:*:*:*:*:*
Matching versions
When used together with: Huawei » S9700 » Version: N/A
Huawei » S9700 Firmware » Version: V200r009c00
cpe:2.3:o:huawei:s9700_firmware:v200r009c00:*:*:*:*:*:*:*
Matching versions
When used together with: Huawei » S9700 » Version: N/A
Huawei » S9300 Firmware » Version: V200r008c00
cpe:2.3:o:huawei:s9300_firmware:v200r008c00:*:*:*:*:*:*:*
Matching versions
When used together with: Huawei » S9300 » Version: N/A
Huawei » S9300 Firmware » Version: V200r007c00
cpe:2.3:o:huawei:s9300_firmware:v200r007c00:*:*:*:*:*:*:*
Matching versions
When used together with: Huawei » S9300 » Version: N/A
Huawei » S9300 Firmware » Version: V200r009c00
cpe:2.3:o:huawei:s9300_firmware:v200r009c00:*:*:*:*:*:*:*
Matching versions
When used together with: Huawei » S9300 » Version: N/A
Huawei » S12700 Firmware » Version: V200r008c00
cpe:2.3:o:huawei:s12700_firmware:v200r008c00:*:*:*:*:*:*:*
Matching versions
When used together with: Huawei » S12700 » Version: N/A
Huawei » S12700 Firmware » Version: V200r007c00
cpe:2.3:o:huawei:s12700_firmware:v200r007c00:*:*:*:*:*:*:*
Matching versions
When used together with: Huawei » S12700 » Version: N/A
Huawei » S12700 Firmware » Version: V200r007c01
cpe:2.3:o:huawei:s12700_firmware:v200r007c01:*:*:*:*:*:*:*
Matching versions
When used together with: Huawei » S12700 » Version: N/A
Huawei » S12700 Firmware » Version: V200r009c00
cpe:2.3:o:huawei:s12700_firmware:v200r009c00:*:*:*:*:*:*:*
Matching versions
When used together with: Huawei » S12700 » Version: N/A
Huawei » S5700 Firmware » Version: V200r003c00
cpe:2.3:o:huawei:s5700_firmware:v200r003c00:*:*:*:*:*:*:*
Matching versions
When used together with: Huawei » S5700 » Version: N/A
Huawei » S5700 Firmware » Version: V200r002c00
cpe:2.3:o:huawei:s5700_firmware:v200r002c00:*:*:*:*:*:*:*
Matching versions
When used together with: Huawei » S5700 » Version: N/A
Huawei » S5700 Firmware » Version: V200r005c00
cpe:2.3:o:huawei:s5700_firmware:v200r005c00:*:*:*:*:*:*:*
Matching versions
When used together with: Huawei » S5700 » Version: N/A
Huawei » S5700 Firmware » Version: V200r001c00
cpe:2.3:o:huawei:s5700_firmware:v200r001c00:*:*:*:*:*:*:*
Matching versions
When used together with: Huawei » S5700 » Version: N/A
Huawei » S5700 Firmware » Version: V200r008c00
cpe:2.3:o:huawei:s5700_firmware:v200r008c00:*:*:*:*:*:*:*
Matching versions
When used together with: Huawei » S5700 » Version: N/A
Huawei » S5700 Firmware » Version: V200r007c00
cpe:2.3:o:huawei:s5700_firmware:v200r007c00:*:*:*:*:*:*:*
Matching versions
When used together with: Huawei » S5700 » Version: N/A
Huawei » S5700 Firmware » Version: V200r009c00
cpe:2.3:o:huawei:s5700_firmware:v200r009c00:*:*:*:*:*:*:*
Matching versions
When used together with: Huawei » S5700 » Version: N/A
Huawei » S5700 Firmware » Version: V200r005c03
cpe:2.3:o:huawei:s5700_firmware:v200r005c03:*:*:*:*:*:*:*
Matching versions
When used together with: Huawei » S5700 » Version: N/A
Huawei » S6300 Firmware » Version: V200r003c00
cpe:2.3:o:huawei:s6300_firmware:v200r003c00:*:*:*:*:*:*:*
Matching versions
When used together with: Huawei » S6300 » Version: N/A
Huawei » S6300 Firmware » Version: V200r005c00
cpe:2.3:o:huawei:s6300_firmware:v200r005c00:*:*:*:*:*:*:*
Matching versions
When used together with: Huawei » S6300 » Version: N/A
Huawei » S6300 Firmware » Version: V200r008c00
cpe:2.3:o:huawei:s6300_firmware:v200r008c00:*:*:*:*:*:*:*
Matching versions
When used together with: Huawei » S6300 » Version: N/A
Huawei » S6300 Firmware » Version: V200r009c00
cpe:2.3:o:huawei:s6300_firmware:v200r009c00:*:*:*:*:*:*:*
Matching versions
When used together with: Huawei » S6300 » Version: N/A
Huawei » S6700 Firmware » Version: V200r001c01
cpe:2.3:o:huawei:s6700_firmware:v200r001c01:*:*:*:*:*:*:*
Matching versions
When used together with: Huawei » S6700 » Version: N/A
Huawei » S6700 Firmware » Version: V200r003c00
cpe:2.3:o:huawei:s6700_firmware:v200r003c00:*:*:*:*:*:*:*
Matching versions
When used together with: Huawei » S6700 » Version: N/A
Huawei » S6700 Firmware » Version: V200r008c00
cpe:2.3:o:huawei:s6700_firmware:v200r008c00:*:*:*:*:*:*:*
Matching versions
When used together with: Huawei » S6700 » Version: N/A
Huawei » S6700 Firmware » Version: V200r001c00
cpe:2.3:o:huawei:s6700_firmware:v200r001c00:*:*:*:*:*:*:*
Matching versions
When used together with: Huawei » S6700 » Version: N/A
Huawei » S6700 Firmware » Version: V200r002c00
cpe:2.3:o:huawei:s6700_firmware:v200r002c00:*:*:*:*:*:*:*
Matching versions
When used together with: Huawei » S6700 » Version: N/A
Huawei » S6700 Firmware » Version: V200r007c00
cpe:2.3:o:huawei:s6700_firmware:v200r007c00:*:*:*:*:*:*:*
Matching versions
When used together with: Huawei » S6700 » Version: N/A
Huawei » S6700 Firmware » Version: V200r005c00
cpe:2.3:o:huawei:s6700_firmware:v200r005c00:*:*:*:*:*:*:*
Matching versions
When used together with: Huawei » S6700 » Version: N/A
Huawei » S6700 Firmware » Version: V200r009c00
cpe:2.3:o:huawei:s6700_firmware:v200r009c00:*:*:*:*:*:*:*
Matching versions
When used together with: Huawei » S6700 » Version: N/A

Exploit prediction scoring system (EPSS) score for CVE-2016-8773

EPSS FAQ

0.21%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 41 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2016-8773

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source
5.0	MEDIUM	AV:N/AC:L/Au:N/C:N/I:N/A:P	10.0	2.9	NIST
Access Vector: Network Access Complexity: Low Authentication: None Confidentiality Impact: None Integrity Impact: None Availability Impact: Partial
7.5	HIGH	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H	3.9	3.6	NIST
Attack Vector: Network Attack Complexity: Low Privileges Required: None User Interaction: None Scope: Unchanged Confidentiality: None Integrity: None Availability: High

CWE ids for CVE-2016-8773

CWE-20 Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

Assigned by: nvd@nist.gov (Primary)

References for CVE-2016-8773

http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20161111-01-mpls-en

Security Advisory - Input Validation Vulnerability in Some Huawei Products
Vendor Advisory
http://www.securityfocus.com/bid/94285

Multiple Huawei Products CVE-2016-8773 Denial of Service Vulnerability
Third Party Advisory;VDB Entry

Jump to

Vulnerability Details : CVE-2016-8773

Products affected by CVE-2016-8773

Exploit prediction scoring system (EPSS) score for CVE-2016-8773

CVSS scores for CVE-2016-8773

CWE ids for CVE-2016-8773

References for CVE-2016-8773