Executive Summary
Informations | |||
---|---|---|---|
Name | CVE-2016-8784 | First vendor Publication | 2018-03-09 |
Vendor | Cve | Last vendor Modification | 2018-03-26 |
Security-Database Scoring CVSS v3
Cvss vector : CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L | |||
---|---|---|---|
Overall CVSS Score | 4.3 | ||
Base Score | 4.3 | Environmental Score | 4.3 |
impact SubScore | 1.4 | Temporal Score | 4.3 |
Exploitabality Sub Score | 2.8 | ||
Attack Vector | Adjacent | Attack Complexity | Low |
Privileges Required | None | User Interaction | None |
Scope | Unchanged | Confidentiality Impact | None |
Integrity Impact | None | Availability Impact | Low |
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:A/AC:L/Au:N/C:N/I:N/A:P) | |||
---|---|---|---|
Cvss Base Score | 3.3 | Attack Range | Adjacent network |
Cvss Impact Score | 2.9 | Attack Complexity | Low |
Cvss Expoit Score | 6.5 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Huawei CloudEngine 12800 V100R003C00, V100R003C10, V100R005C00, V100R005C10, V100R006C00 have a memory leak vulnerability. An unauthenticated attacker may send specific Label Distribution Protocol (LDP) packets to the devices. When the values of some parameters in the packet are abnormal, the LDP processing module does not release the memory to handle the packet, resulting in memory leak. |
Original Source
Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8784 |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
100 % | CWE-399 | Resource Management Errors |
CPE : Common Platform Enumeration
Sources (Detail)
Source | Url |
---|---|
BID | http://www.securityfocus.com/bid/95079 |
CONFIRM | http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20161221-01-ldp-en |
Alert History
Date | Informations |
---|---|
2020-05-23 00:53:36 |
|
2018-03-26 21:20:19 |
|
2018-03-11 09:19:09 |
|
2018-03-10 05:18:05 |
|