Huawei CloudEngine 12800 up to V100R006C00 IPFPM Packet integer overflow

A vulnerability was found in Huawei CloudEngine 5800, CloudEngine 6800, CloudEngine 7800, CloudEngine 8800 and CloudEngine 12800 up to V100R006C00 and classified as problematic. This issue affects some unknown processing of the component IPFPM Packet Handler. The manipulation leads to integer overflow. The CWE definition for the vulnerability is CWE-190. The bug was discovered 11/23/2016. The weakness was released 04/02/2017 with Huawei as sa-20161123-01 (Website). The advisory is shared at huawei.com. The identification of this vulnerability is CVE-2016-8795. The attack may be initiated remotely. There are no technical details available. There is no exploit available. The price for an exploit might be around USD $5k-$25k at the moment. It is declared as not defined. The vulnerability was handled as a non-public zero-day exploit for at least 130 days. We expect the 0-day to have been worth approximately $5k-$25k. A possible mitigation has been published even before and not after the disclosure of the vulnerability. The vulnerability is also documented other vulnerability databases: SecurityFocus (BID 94504).

Field04/03/2017 09:08 AM08/25/2020 09:58 AM11/24/2022 03:24 PM
typeCloud SoftwareCloud SoftwareCloud Software
vendorHuaweiHuaweiHuawei
nameCloudEngine 5800/CloudEngine 6800/CloudEngine 7800/CloudEngine 8800/CloudEngine 12800CloudEngine 5800/CloudEngine 6800/CloudEngine 7800/CloudEngine 8800/CloudEngine 12800CloudEngine 5800/CloudEngine 6800/CloudEngine 7800/CloudEngine 8800/CloudEngine 12800
versionV100R002C00/V100R003C00/V100R003C10/V100R005C00/V100R005C10/V100R006C00V100R002C00/V100R003C00/V100R003C10/V100R005C00/V100R005C10/V100R006C00V100R002C00/V100R003C00/V100R003C10/V100R005C00/V100R005C10/V100R006C00
componentIPFPM Packet HandlerIPFPM Packet HandlerIPFPM Packet Handler
cwe190 (integer overflow)190 (integer overflow)190 (integer overflow)
risk111
historic000
cvss2_vuldb_basescore4.34.34.3
cvss2_vuldb_tempscore4.34.34.3
cvss2_vuldb_avNNN
cvss2_vuldb_acMMM
cvss2_vuldb_auNNN
cvss2_vuldb_ciNNN
cvss2_vuldb_iiNNN
cvss2_vuldb_aiPPP
cvss2_nvd_avNNN
cvss2_nvd_acMMM
cvss2_nvd_auNNN
cvss2_nvd_ciNNN
cvss2_nvd_iiNNN
cvss2_nvd_aiCCC
cvss3_meta_basescore4.84.84.8
cvss3_meta_tempscore4.84.84.8
cvss3_vuldb_basescore3.73.73.7
cvss3_vuldb_tempscore3.73.73.7
cvss3_vuldb_avNNN
cvss3_vuldb_acHHH
cvss3_vuldb_prNNN
cvss3_vuldb_uiNNN
cvss3_vuldb_sUUU
cvss3_vuldb_cNNN
cvss3_vuldb_iNNN
cvss3_vuldb_aLLL
cvss3_nvd_avNNN
cvss3_nvd_acHHH
cvss3_nvd_prNNN
cvss3_nvd_uiNNN
cvss3_nvd_sUUU
cvss3_nvd_cNNN
cvss3_nvd_iNNN
cvss3_nvd_aHHH
date1491091200 (04/02/2017)1491091200 (04/02/2017)1491091200 (04/02/2017)
urlhttp://www.huawei.com/en/psirt/security-advisories/huawei-sa-20161123-01-vrp-enhttp://www.huawei.com/en/psirt/security-advisories/huawei-sa-20161123-01-vrp-enhttp://www.huawei.com/en/psirt/security-advisories/huawei-sa-20161123-01-vrp-en
price_0day$5k-$25k$5k-$25k$5k-$25k
cveCVE-2016-8795CVE-2016-8795CVE-2016-8795
cve_assigned1476748800 (10/18/2016)1476748800 (10/18/2016)1476748800 (10/18/2016)
cve_nvd_published149109120014910912001491091200
cve_nvd_summaryHuawei CloudEngine 12800 with software V100R002C00, V100R003C00, V100R003C10, V100R005C00, V100R005C10, V100R006C00; CloudEngine 5800 with software V100R002C00, V100R003C00, V100R003C10, V100R005C00, V100R005C10, V100R006C00; CloudEngine 6800 with software V100R002C00, V100R003C00, V100R003C10, V100R005C00, V100R005C10, V100R006C00; CloudEngine 7800 with software V100R003C00, V100R003C10, V100R005C00, V100R005C10, V100R006C00; CloudEngine 8800 with software V100R006C00; and Secospace USG6600 with software V500R001C00 allow remote unauthenticated attackers to craft specific IPFPM packets to trigger an integer overflow and cause the device to reset.Huawei CloudEngine 12800 with software V100R002C00, V100R003C00, V100R003C10, V100R005C00, V100R005C10, V100R006C00; CloudEngine 5800 with software V100R002C00, V100R003C00, V100R003C10, V100R005C00, V100R005C10, V100R006C00; CloudEngine 6800 with software V100R002C00, V100R003C00, V100R003C10, V100R005C00, V100R005C10, V100R006C00; CloudEngine 7800 with software V100R003C00, V100R003C10, V100R005C00, V100R005C10, V100R006C00; CloudEngine 8800 with software V100R006C00; and Secospace USG6600 with software V500R001C00 allow remote unauthenticated attackers to craft specific IPFPM packets to trigger an integer overflow and cause the device to reset.Huawei CloudEngine 12800 with software V100R002C00, V100R003C00, V100R003C10, V100R005C00, V100R005C10, V100R006C00; CloudEngine 5800 with software V100R002C00, V100R003C00, V100R003C10, V100R005C00, V100R005C10, V100R006C00; CloudEngine 6800 with software V100R002C00, V100R003C00, V100R003C10, V100R005C00, V100R005C10, V100R006C00; CloudEngine 7800 with software V100R003C00, V100R003C10, V100R005C00, V100R005C10, V100R006C00; CloudEngine 8800 with software V100R006C00; and Secospace USG6600 with software V500R001C00 allow remote unauthenticated attackers to craft specific IPFPM packets to trigger an integer overflow and cause the device to reset.
securityfocus945049450494504
securityfocus_titleMultiple Huawei CloudEngine Products CVE-2016-8795 Integer Overflow VulnerabilityMultiple Huawei CloudEngine Products CVE-2016-8795 Integer Overflow VulnerabilityMultiple Huawei CloudEngine Products CVE-2016-8795 Integer Overflow Vulnerability
locationWebsiteWebsiteWebsite
cvss2_vuldb_eNDNDND
cvss2_vuldb_rlNDNDND
cvss2_vuldb_rcNDNDND
cvss3_vuldb_eXXX
cvss3_vuldb_rlXXX
cvss3_vuldb_rcXXX
0day_days130130130
cvss3_nvd_basescore5.95.95.9
discoverydate14798592001479859200
company_nameHuaweiHuawei
confirm_urlhttp://www.huawei.com/en/psirt/security-advisories/huawei-sa-20161123-01-vrp-enhttp://www.huawei.com/en/psirt/security-advisories/huawei-sa-20161123-01-vrp-en
osvdb_titleCVE-2016-8795 - Huawei - Multiple Products - Integer Overflow IssueCVE-2016-8795 - Huawei - Multiple Products - Integer Overflow Issue
securityfocus_date1479859200 (11/23/2016)1479859200 (11/23/2016)
securityfocus_classInput Validation ErrorInput Validation Error
identifiersa-20161123-01
cvss2_nvd_basescore7.1

Do you know our Splunk app?

Download it now for free!