Vulnerability Description
Huawei S12700 V200R007C00, V200R008C00, S5700 V200R007C00, S7700 V200R002C00, V200R005C00, V200R006C00, V200R007C00, V200R008C00, S9700 V200R007C00 have an input validation vulnerability. Due to the lack of input validation, an attacker may craft a malformed packet and send it to the device using VRP, causing the device to display additional memory data and possibly leading to sensitive information leakage.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Huawei | S12700 Firmware | v200r007c00 |
| Huawei | S12700 | - |
| Huawei | S5700 Firmware | v200r007c00 |
| Huawei | S5700 | - |
| Huawei | S7700 Firmware | v200r002c00 |
| Huawei | S7700 | - |
| Huawei | S9700 Firmware | v200r007c00 |
| Huawei | S9700 | - |
Related Weaknesses (CWE)
References
- http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20161228-04-vrp-enVendor Advisory
- http://www.securityfocus.com/bid/95149Third Party AdvisoryVDB Entry
- http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20161228-04-vrp-enVendor Advisory
- http://www.securityfocus.com/bid/95149Third Party AdvisoryVDB Entry
FAQ
What is CVE-2016-8785?
CVE-2016-8785 is a vulnerability with a CVSS score of 4.3 (MEDIUM). Huawei S12700 V200R007C00, V200R008C00, S5700 V200R007C00, S7700 V200R002C00, V200R005C00, V200R006C00, V200R007C00, V200R008C00, S9700 V200R007C00 have an input validation vulnerability. Due to the l...
How severe is CVE-2016-8785?
CVE-2016-8785 has been rated MEDIUM with a CVSS base score of 4.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2016-8785?
Check the references section above for vendor advisories and patch information. Affected products include: Huawei S12700 Firmware, Huawei S12700, Huawei S5700 Firmware, Huawei S5700, Huawei S7700 Firmware.