CVE-2016-8781 Information

Description

Huawei Secospace USG6300 with software V500R001C20 and V500R001C20SPC200PWE Secospace USG6500 with software V500R001C20 Secospace USG6600 with software V500R001C20 and V500R001C20SPC200PWE allow remote attackers with specific permission to log in to a device and deliver a large number of unspecified commands to exhaust memory causing a DoS condition.

CVSS Vector

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Reference

http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20161214-01-firewall-en http://www.securityfocus.com/bid/94927

Attack Complexity

LOW

Privileges Required

LOW

User Interaction Required

LOW

Scope

NONE

Confidentiality Impact

UNCHANGED

Integrity Impact

NONE

Availability Impact

NONE

Base Score

HIGH

Base Severity

6.5