Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2016-8785

Huawei S12700 V200R007C00, V200R008C00, S5700 V200R007C00, S7700 V200R002C00, V200R005C00, V200R006C00, V200R007C00, V200R008C00, S9700 V200R007C00 have an input validation vulnerability. Due to the lack of input validation, an attacker may craft a malformed packet and send it to the device using VRP, causing the device to display additional memory data and possibly leading to sensitive information leakage.

Published

2018-03-09T21:29:00.377

Last Modified

2024-11-21T03:00:04.520

Status

Modified

Source

[email protected]

Severity

CVSSv3.0: 4.3 (MEDIUM)

CVSSv2 Vector

AV:N/AC:M/Au:N/C:P/I:N/A:N

Access Vector: NETWORK
Access Complexity: MEDIUM
Authentication: NONE
Confidentiality Impact: PARTIAL
Integrity Impact: NONE
Availability Impact: NONE

Exploitability Score

8.6

Impact Score

2.9

Weaknesses

Type: Primary
CWE-20

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Operating System	huawei	s12700_firmware	v200r007c00	Yes
Operating System	huawei	s12700_firmware	v200r008c00	Yes
Hardware	huawei	s12700	-	No
Operating System	huawei	s5700_firmware	v200r007c00	Yes
Hardware	huawei	s5700	-	No
Operating System	huawei	s7700_firmware	v200r002c00	Yes
Operating System	huawei	s7700_firmware	v200r005c00	Yes
Operating System	huawei	s7700_firmware	v200r006c00	Yes
Operating System	huawei	s7700_firmware	v200r007c00	Yes
Operating System	huawei	s7700_firmware	v200r008c00	Yes
Hardware	huawei	s7700	-	No
Operating System	huawei	s9700_firmware	v200r007c00	Yes
Hardware	huawei	s9700	-	No

References

http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20161228-04-vrp-en Vendor Advisory ([email protected])
http://www.securityfocus.com/bid/95149 Third Party Advisory, VDB Entry ([email protected])
http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20161228-04-vrp-en Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://www.securityfocus.com/bid/95149 Third Party Advisory, VDB Entry (af854a3a-2127-422b-91ae-364da2661108)