CVE-2016-8784

Опубликовано: 09 мар. 2018

Источник: nvd

CVSS3: 4.3

CVSS2: 3.3

EPSS Низкий

Описание

Huawei CloudEngine 12800 V100R003C00, V100R003C10, V100R005C00, V100R005C10, V100R006C00 have a memory leak vulnerability. An unauthenticated attacker may send specific Label Distribution Protocol (LDP) packets to the devices. When the values of some parameters in the packet are abnormal, the LDP processing module does not release the memory to handle the packet, resulting in memory leak.

Ссылки

http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20161221-01-ldp-en
Vendor Advisory
http://www.securityfocus.com/bid/95079
Third Party Advisory
VDB Entry
http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20161221-01-ldp-en
Vendor Advisory
http://www.securityfocus.com/bid/95079
Third Party Advisory
VDB Entry

Уязвимые конфигурации

Конфигурация 1

Одновременно

Одно из

cpe:2.3:o:huawei:cloudengine_12800_firmware:v100r003c00:*:*:*:*:*:*:*

cpe:2.3:o:huawei:cloudengine_12800_firmware:v100r003c10:*:*:*:*:*:*:*

cpe:2.3:o:huawei:cloudengine_12800_firmware:v100r005c00:*:*:*:*:*:*:*

cpe:2.3:o:huawei:cloudengine_12800_firmware:v100r005c10:*:*:*:*:*:*:*

cpe:2.3:o:huawei:cloudengine_12800_firmware:v100r006c00:*:*:*:*:*:*:*

cpe:2.3:h:huawei:cloudengine_12800:-:*:*:*:*:*:*:*

EPSS

Процентиль: 22%

0.00071

Низкий

4.3 Medium

CVSS3

3.3 Low

CVSS2

Дефекты

CWE-399

Связанные уязвимости

GHSA-gwgg-4mwq-8v75