CVE-2016-8780

Huawei CloudEngine 6800 V100R006C00, CloudEngine 7800 V100R006C00, CloudEngine 8800 V100R006C00, and CloudEngine 12800 V100R006C00 allow remote attackers with specific permission to store massive files to exhaust the shared storage space, leading to a DoS condition.

CVSS v3 6.5 MEDIUM
CVSS v2.0 6.8 MEDIUM

6.5^/10

CVSS v3 : MEDIUM

V3 Legend

Vector : AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Exploitability : 2.8 / Impact : 3.6

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

6.8^/10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:N/AC:L/Au:S/C:N/I:N/A:C

Exploitability : 8.0 / Impact : 6.9

Access Vector NETWORK

Access Complexity LOW

Authentication SINGLE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact COMPLETE

References

Link	Resource
http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20161130-01-switch-en	Vendor Advisory
http://www.securityfocus.com/bid/94618	Third Party Advisory VDB Entry
http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20161130-01-switch-en	Vendor Advisory
http://www.securityfocus.com/bid/94618	Third Party Advisory VDB Entry

Configurations

Configuration 1 (hide)

AND

cpe:2.3:o:huawei:cloudengine_6800_firmware:v100r006c00:*:*:*:*:*:*:*

cpe:2.3:h:huawei:cloudengine_6800:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND

cpe:2.3:o:huawei:cloudengine_7800_firmware:v100r006c00:*:*:*:*:*:*:*

cpe:2.3:h:huawei:cloudengine_7800:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND

cpe:2.3:o:huawei:cloudengine_8800_firmware:v100r006c00:*:*:*:*:*:*:*

cpe:2.3:h:huawei:cloudengine_8800:-:*:*:*:*:*:*:*

Configuration 4 (hide)

AND

cpe:2.3:o:huawei:cloudengine_12800_firmware:v100r006c00:*:*:*:*:*:*:*

cpe:2.3:h:huawei:cloudengine_12800:-:*:*:*:*:*:*:*

History

21 Nov 2024, 03:00

Type	Values Removed	Values Added
References	~~() http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20161130-01-switch-en - Vendor Advisory~~	() http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20161130-01-switch-en - Vendor Advisory
References	~~() http://www.securityfocus.com/bid/94618 - Third Party Advisory, VDB Entry~~	() http://www.securityfocus.com/bid/94618 - Third Party Advisory, VDB Entry

Information

Published : 2017-04-02 20:59

Updated : 2025-04-20 01:37

NVD link : CVE-2016-8780

Mitre link : CVE-2016-8780

CVE.ORG link : CVE-2016-8780

JSON object : View

Products Affected

huawei

cloudengine_8800
cloudengine_6800_firmware
cloudengine_12800
cloudengine_6800
cloudengine_7800_firmware
cloudengine_7800
cloudengine_8800_firmware
cloudengine_12800_firmware

CWE

CWE-400

Uncontrolled Resource Consumption

{"id": "CVE-2016-8780", "cveTags": [], "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 6.8, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:C", "authentication": "SINGLE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "COMPLETE", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 6.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV30": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.0", "baseScore": 6.5, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 2.8}]}, "published": "2017-04-02T20:59:01.563", "references": [{"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20161130-01-switch-en", "tags": ["Vendor Advisory"], "source": "psirt@huawei.com"}, {"url": "http://www.securityfocus.com/bid/94618", "tags": ["Third Party Advisory", "VDB Entry"], "source": "psirt@huawei.com"}, {"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20161130-01-switch-en", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securityfocus.com/bid/94618", "tags": ["Third Party Advisory", "VDB Entry"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Deferred", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-400"}]}], "descriptions": [{"lang": "en", "value": "Huawei CloudEngine 6800 V100R006C00, CloudEngine 7800 V100R006C00, CloudEngine 8800 V100R006C00, and CloudEngine 12800 V100R006C00 allow remote attackers with specific permission to store massive files to exhaust the shared storage space, leading to a DoS condition."}, {"lang": "es", "value": "Huawei CloudEngine 6800 V100R006C00, CloudEngine 7800 V100R006C00, CloudEngine 8800 V100R006C00 y CloudEngine 12800 V100R006C00 permiten a atacantes remotos con permiso especifico almacenar archivos masivos para agotar el espacio de almacenamiento compartido, dirigiendo a una condici\u00f3n DoS."}], "lastModified": "2025-04-20T01:37:25.860", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:huawei:cloudengine_6800_firmware:v100r006c00:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5E574B02-F89A-4D5C-B462-3AF56F1C0A57"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:huawei:cloudengine_6800:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "19F2B3CC-12AD-466D-98F9-0C09C7C053CF"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:huawei:cloudengine_7800_firmware:v100r006c00:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BF6985E0-9375-4DE2-A879-AAACF923381C"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:huawei:cloudengine_7800:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "D05E858C-A3D8-4BF1-A750-CFD8C949ABF0"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:huawei:cloudengine_8800_firmware:v100r006c00:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "494F5272-28A3-4CE8-BB15-A7532C6DBA2E"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:huawei:cloudengine_8800:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "102751EB-C284-4983-BDFA-BFB634CB2CEC"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:huawei:cloudengine_12800_firmware:v100r006c00:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3C2DACA5-0AA6-419B-AC6A-8CC19326758E"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:huawei:cloudengine_12800:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "DE8A2875-0F7E-4790-A925-5999396B7578"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "psirt@huawei.com"}

6.5 /10

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

6.8 /10

Access Vector NETWORK

Access Complexity LOW

Authentication SINGLE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact COMPLETE

JSON object

Attach tags to CVE-2016-8780

6.5^/10

6.8^/10

Attach tags to `CVE-2016-8780`