CVE-2016-8780

CWE-400 — Uncontrolled Resource Consumption3 documents3 sources

Severity

6.5MEDIUM

EPSS

0.2%

top 53.89%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Huawei Cloudengine 12800 Firmware Huawei Cloudengine 6800 Firmware Huawei Cloudengine 7800 Firmware +1 more

Timeline

PublishedApr 2

Latest updateMay 17

Description

Huawei CloudEngine 6800 V100R006C00, CloudEngine 7800 V100R006C00, CloudEngine 8800 V100R006C00, and CloudEngine 12800 V100R006C00 allow remote attackers with specific permission to store massive files to exhaust the shared storage space, leading to a DoS condition.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:HExploitability: 2.8 | Impact: 3.6

Affected Packages4 packages

▶NVDhuawei/cloudengine_6800_firmwarev100r006c00

▶NVDhuawei/cloudengine_7800_firmwarev100r006c00

▶NVDhuawei/cloudengine_8800_firmwarev100r006c00

▶NVDhuawei/cloudengine_12800_firmwarev100r006c00

🔴Vulnerability Details

GHSA

GHSA-5x9p-jh4v-62pr: Huawei CloudEngine 6800 V100R006C00, CloudEngine 7800 V100R006C00, CloudEngine 8800 V100R006C00, and CloudEngine 12800 V100R006C00 allow remote attack↗2022-05-17

▶

CVEList

CVE-2016-8780: Huawei CloudEngine 6800 V100R006C00, CloudEngine 7800 V100R006C00, CloudEngine 8800 V100R006C00, and CloudEngine 12800 V100R006C00 allow remote attack↗2017-04-02

▶