Is CVE-2016-8782 actively exploited?

CVE-2016-8782 has no public evidence of in-the-wild exploitation as of 2024-11-21.

What is the CVSS score for CVE-2016-8782?

CVE-2016-8782 has a CVSS score of 5.3 (MEDIUM severity). Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L.

How do I patch CVE-2016-8782?

Patch guidance is available from huawei security advisories. CVEDatabase generates AI-assisted remediation guidance on demand for CVE-2016-8782.

CVE-2016-8782 - remediation guidance & executive summary

Q: Which products are affected by CVE-2016-8782?

5 products: huawei cloudengine 12800 firmware, huawei cloudengine 12800 firmware, huawei cloudengine 12800 firmware, huawei cloudengine 12800 firmware, huawei cloudengine 12800 firmware.

Description

Huawei CloudEngine 12800 V100R003C00, V100R003C10, V100R005C00, V100R005C10, V100R006C00 have a memory leak vulnerability. An unauthenticated attacker may send specific Label Distribution Protocol (LDP) packets to the devices repeatedly. Due to improper validation of some specific fields of the packet, the LDP processing module does not release the memory, resulting in memory leak.

CVSS Metrics

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
Attack Vector: network
Complexity: low
Privileges: none
User Action: none
Scope: unchanged
Confidentiality: none
Integrity: none
Availability: low
Weaknesses: CWE-399

Metadata

Primary Vendor: HUAWEI
Published: 3/9/2018
Last Modified: 11/21/2024
Source: NIST NVD
Note: Verify all details with official vendor sources before applying patches.

Affected Products

huawei : cloudengine_12800_firmwarehuawei : cloudengine_12800_firmwarehuawei : cloudengine_12800_firmwarehuawei : cloudengine_12800_firmwarehuawei : cloudengine_12800_firmware

Remediation Guidance

Executive Summary

View on NIST NVD