CVE-2016-5368
First published: Thu Jun 30 2016(Updated: )
Memory leak in Huawei AR3200 before V200R007C00SPC900 allows remote attackers to cause a denial of service (memory consumption) via a large number of crafted Multiprotocol Label Switching (MPLS) packets.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Huawei AR3200 firmware | ||
| Huawei AR3200 | =v200r005c20 | |
| Huawei AR3200 | =v200r005c32 | |
| Huawei AR3200 | =v200r007c00 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2016-5368?
CVE-2016-5368 has a medium severity level due to its potential to cause a denial of service through memory consumption.
How do I fix CVE-2016-5368?
To fix CVE-2016-5368, upgrade to a non-vulnerable version of the Huawei AR3200 firmware, such as V200R007C00SPC900 or later.
What are the affected versions for CVE-2016-5368?
CVE-2016-5368 affects Huawei AR3200 firmware versions V200R005C20, V200R005C32, and V200R007C00 prior to patching.
Who discovered CVE-2016-5368?
CVE-2016-5368 was identified and disclosed by security researchers examining vulnerabilities in Huawei devices.
What type of attack does CVE-2016-5368 allow?
CVE-2016-5368 allows remote attackers to exploit a memory leak vulnerability through crafted MPLS packets to cause a denial of service.
- agent/references
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/severity
- agent/author
- agent/weakness
- agent/event
- agent/description
- agent/first-publish-date
- agent/source
- agent/softwarecombine
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/huawei
- canonical/huawei ar3200 firmware
- canonical/huawei ar3200
- version/huawei ar3200/v200r005c20
- version/huawei ar3200/v200r005c32
- version/huawei ar3200/v200r007c00