Vulnerability Details : CVE-2016-8796
Huawei USG9520 V300R001C01, USG9560 V300R001C01, and USG9580 V300R001C01 allow unauthenticated attackers to send abnormal DHCP request packets to the affected products to trigger a DoS condition.
Vulnerability category: Input validationDenial of service
Products affected by CVE-2016-8796
- cpe:2.3:o:huawei:usg9520_firmware:v300r001c01:*:*:*:*:*:*:*
- cpe:2.3:o:huawei:usg9580_firmware:v300r001c01:*:*:*:*:*:*:*
- cpe:2.3:o:huawei:usg9560_firmware:v300r001c01:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2016-8796
0.10%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 39 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2016-8796
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
7.8
|
HIGH | AV:N/AC:L/Au:N/C:N/I:N/A:C |
10.0
|
6.9
|
NIST | |
7.5
|
HIGH | CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
3.9
|
3.6
|
NIST |
CWE ids for CVE-2016-8796
-
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.Assigned by: nvd@nist.gov (Primary)
References for CVE-2016-8796
-
http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20161116-01-firewall-en
Security Advisory - DoS Vulnerability in Some Huawei Firewall ProductsVendor Advisory
-
http://www.securityfocus.com/bid/94405
Multiple Huawei Products CVE-2016-8796 Denial of Service VulnerabilityThird Party Advisory;VDB Entry
Jump to