CVE-2016-8106
moderate-risk
Published 2017-01-09
A Denial of Service in Intel Ethernet Controller's X710/XL710 with Non-Volatile Memory Images before version 5.05 allows a remote attacker to stop the controller from processing network traffic working under certain network use conditions.
Do I need to act?
~
2.6% chance of exploitation in next 30 days
EPSS score — moderate exploit probability
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
5
CVSS 5.9/10
Medium
NETWORK
/ HIGH complexity
Affected Products (20)
Ethernet 10Gb 2-Port 562Flr-Sfp\+
Ethernet 10Gb 2-Port 562Sfp\+
Proliant Xl260A G9 Server
Nextscale Nx360 M5
System X3500 M5
System X3550 M5
Thinkagile Cx2200
Thinkagile Cx4200
Thinkagile Cx4600
Thinkserver Rd450
Thinkserver Rd550
Thinkserver Rd650
Thinkserver Sd350
Ethernet Controller X710 Firmware
Ethernet Controller Xl710 Firmware
Ethernet 10Gb 4-Port 563Sfp\+
Converged Hx Series
Converged Hx5500 Appliance
Converged Hx5510 Appliance
Converged Hx7500 Appliance
References (14)
Third Party Advisory
http://www.securityfocus.com/bid/95333
Third Party Advisory
http://www.securityfocus.com/bid/95333
46
/ 100
moderate-risk
Severity
18/34 · Moderate
Exploitability
6/34 · Minimal
Exposure
22/34 · High