What is the severity of CVE-2016-8795?

CVE-2016-8795 has a medium severity rating, potentially affecting the confidentiality and integrity of data.

How do I fix CVE-2016-8795?

To fix CVE-2016-8795, update the affected Huawei CloudEngine firmware to a version that is not vulnerable.

What devices are affected by CVE-2016-8795?

CVE-2016-8795 affects Huawei CloudEngine 12800, 5800, 6800, 7800, and 8800 series devices running specified firmware versions.

Is there a workaround for CVE-2016-8795?

There are no documented workarounds for CVE-2016-8795; the recommended solution is to apply the firmware update immediately.

What type of vulnerability is CVE-2016-8795?

CVE-2016-8795 is classified as a security vulnerability that may allow unauthorized access to network devices.

Vulnerability/
CVE-2016-8795

high

7.1

CWE

190

2/4/2017

6/8/2024

CVE-2016-8795: Integer Overflow

First published: Sun Apr 02 2017(Updated: )

Huawei CloudEngine 12800 with software V100R002C00, V100R003C00, V100R003C10, V100R005C00, V100R005C10, V100R006C00; CloudEngine 5800 with software V100R002C00, V100R003C00, V100R003C10, V100R005C00, V100R005C10, V100R006C00; CloudEngine 6800 with software V100R002C00, V100R003C00, V100R003C10, V100R005C00, V100R005C10, V100R006C00; CloudEngine 7800 with software V100R003C00, V100R003C10, V100R005C00, V100R005C10, V100R006C00; CloudEngine 8800 with software V100R006C00; and Secospace USG6600 with software V500R001C00 allow remote unauthenticated attackers to craft specific IPFPM packets to trigger an integer overflow and cause the device to reset.

Credit: psirt@huawei.com

Affected Software	Affected Version	How to fix
Huawei CloudEngine 5800 Firmware	=v100r002c00
Huawei CloudEngine 5800 Firmware	=v100r003c00
Huawei CloudEngine 5800 Firmware	=v100r003c10
Huawei CloudEngine 5800 Firmware	=v100r005c00
Huawei CloudEngine 5800 Firmware	=v100r005c10
Huawei CloudEngine 5800 Firmware	=v100r006c00
Huawei CloudEngine 5800 firmware
Huawei CloudEngine 6800 firmware	=v100r002c00
Huawei CloudEngine 6800 firmware	=v100r003c00
Huawei CloudEngine 6800 firmware	=v100r003c10
Huawei CloudEngine 6800 firmware	=v100r005c00
Huawei CloudEngine 6800 firmware	=v100r005c10
Huawei CloudEngine 6800 firmware	=v100r006c00
Huawei CloudEngine 6800
Huawei CloudEngine 12800	=v100r002c00
Huawei CloudEngine 12800	=v100r003c00
Huawei CloudEngine 12800	=v100r003c10
Huawei CloudEngine 12800	=v100r005c00
Huawei CloudEngine 12800	=v100r005c10
Huawei CloudEngine 12800	=v100r006c00
Huawei CloudEngine 12800
Huawei CloudEngine 7800	=v100r003c00
Huawei CloudEngine 7800	=v100r003c10
Huawei CloudEngine 7800	=v100r005c00
Huawei CloudEngine 7800	=v100r005c10
Huawei CloudEngine 7800	=v100r006c00
Huawei CloudEngine 7800 firmware
Huawei CloudEngine 8800	=v100r006c00
Huawei CloudEngine 8800
Huawei Secospace USG6600 firmware	=v500r001c00
Huawei Secospace USG6600 firmware

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2016-8795?
CVE-2016-8795 has a medium severity rating, potentially affecting the confidentiality and integrity of data.
How do I fix CVE-2016-8795?
To fix CVE-2016-8795, update the affected Huawei CloudEngine firmware to a version that is not vulnerable.
What devices are affected by CVE-2016-8795?
CVE-2016-8795 affects Huawei CloudEngine 12800, 5800, 6800, 7800, and 8800 series devices running specified firmware versions.
Is there a workaround for CVE-2016-8795?
There are no documented workarounds for CVE-2016-8795; the recommended solution is to apply the firmware update immediately.
What type of vulnerability is CVE-2016-8795?
CVE-2016-8795 is classified as a security vulnerability that may allow unauthorized access to network devices.

agent/references
agent/type
collector/mitre-cve
source/MITRE
agent/last-modified-date
agent/severity
agent/author
agent/weakness
agent/description
agent/first-publish-date
agent/event
agent/source
agent/tags
agent/softwarecombine
collector/nvd-index
agent/software-canonical-lookup-request
vendor/huawei
canonical/huawei cloudengine 5800 firmware
version/huawei cloudengine 5800 firmware/v100r002c00
version/huawei cloudengine 5800 firmware/v100r003c00
version/huawei cloudengine 5800 firmware/v100r003c10
version/huawei cloudengine 5800 firmware/v100r005c00
version/huawei cloudengine 5800 firmware/v100r005c10
version/huawei cloudengine 5800 firmware/v100r006c00
canonical/huawei cloudengine 6800 firmware
version/huawei cloudengine 6800 firmware/v100r002c00
version/huawei cloudengine 6800 firmware/v100r003c00
version/huawei cloudengine 6800 firmware/v100r003c10
version/huawei cloudengine 6800 firmware/v100r005c00
version/huawei cloudengine 6800 firmware/v100r005c10
version/huawei cloudengine 6800 firmware/v100r006c00
canonical/huawei cloudengine 6800
canonical/huawei cloudengine 12800
version/huawei cloudengine 12800/v100r002c00
version/huawei cloudengine 12800/v100r003c00
version/huawei cloudengine 12800/v100r003c10
version/huawei cloudengine 12800/v100r005c00
version/huawei cloudengine 12800/v100r005c10
version/huawei cloudengine 12800/v100r006c00
canonical/huawei cloudengine 7800
version/huawei cloudengine 7800/v100r003c00
version/huawei cloudengine 7800/v100r003c10
version/huawei cloudengine 7800/v100r005c00
version/huawei cloudengine 7800/v100r005c10
version/huawei cloudengine 7800/v100r006c00
canonical/huawei cloudengine 7800 firmware
canonical/huawei cloudengine 8800
version/huawei cloudengine 8800/v100r006c00
canonical/huawei secospace usg6600 firmware
version/huawei secospace usg6600 firmware/v500r001c00