CVE-2016-8786
Description
Huawei S12700 V200R005C00, V200R006C00, V200R007C00, V200R008C00, S5700 V200R006C00, V200R007C00, V200R008C00, S6700 V200R008C00, S7700 V200R001C00, V200R002C00, V200R003C00, V200R005C00, V200R006C00, V200R007C00, V200R008C00, S9700 V200R001C00, V200R002C00, V200R003C00, V200R005C00, V200R006C00, V200R007C00, V200R008C00 have a denial of service (DoS) vulnerability. Due to the lack of input validation, a remote attacker may craft a malformed Resource Reservation Protocol (RSVP) packet and send it to the device, causing a few buffer overflows and occasional device restart.
Risk Information
Base Score
7.5
MODERATE
Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS Score
Exploitation Probability
0.221
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Multiple Vulnerabilities affected in s12700_firmware v200r008c00 | NCM |
| Multiple Vulnerabilities affected in s12700_firmware v200r007c00 | NCM |
| Vulnerabilities CVE-2016-8786 ,CVE-2017-15327 ,CVE-2017-17141 ,CVE-2019-5285 are affected in s12700_firmware v200r006c00 | NCM |
| Multiple Vulnerabilities affected in s12700_firmware v200r005c00 | NCM |
| Improper Input Validation Vulnerability (CVE-2016-8786) | NCM |
Patch Details
No records foundReferences
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234