CVE-2016-5368 - Memory leak in Huawei AR3200 before V200R007C00SPC900 allows remote attackers to cause a denial of s

CVE-2016-5368

Summary

Memory leak in Huawei AR3200 before V200R007C00SPC900 allows remote attackers to cause a denial of service (memory consumption) via a large number of crafted Multiprotocol Label Switching (MPLS) packets.

References

Vulnerable Configurations

cpe:2.3:h:huawei:ar3200:-:*:*:*:*:*:*:*
cpe:2.3:h:huawei:ar3200:-:*:*:*:*:*:*:*
cpe:2.3:o:huawei:ar3200_firmware:v200r005c20:*:*:*:*:*:*:*
cpe:2.3:o:huawei:ar3200_firmware:v200r005c20:*:*:*:*:*:*:*
cpe:2.3:o:huawei:ar3200_firmware:v200r005c32:*:*:*:*:*:*:*
cpe:2.3:o:huawei:ar3200_firmware:v200r005c32:*:*:*:*:*:*:*
cpe:2.3:o:huawei:ar3200_firmware:v200r007c00:*:*:*:*:*:*:*
cpe:2.3:o:huawei:ar3200_firmware:v200r007c00:*:*:*:*:*:*:*

CVSS

Base:	7.8 (as of 28-11-2016 - 20:24)
Impact:
Exploitability:

CWE

CWE-399

CAPEC

Access

Vector	Complexity	Authentication
NETWORK	LOW	NONE

Impact

Confidentiality	Integrity	Availability
NONE	NONE	COMPLETE

cvss-vector via4

AV:N/AC:L/Au:N/C:N/I:N/A:C

refmap via4

bid	91557
confirm	http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20160608-01-mpls-en

Last major update

28-11-2016 - 20:24

Published

30-06-2016 - 16:59

Last modified

28-11-2016 - 20:24