CVE-2016-8780

moderate-risk

Published 2017-04-02

Huawei CloudEngine 6800 V100R006C00, CloudEngine 7800 V100R006C00, CloudEngine 8800 V100R006C00, and CloudEngine 12800 V100R006C00 allow remote attackers with specific permission to store massive files to exhaust the shared storage space, leading to a DoS condition.

Do I need to act?

0.23% chance of exploitation

EPSS score — low exploit probability

Not on CISA KEV list

No confirmed active exploitation reported to CISA

Patch status unknown

Check vendor advisories for fix availability and mitigation guidance

CVSS 6.5/10 Medium

NETWORK / LOW complexity

Affected Products (4)

Cloudengine 6800 Firmware

Cloudengine 7800 Firmware

Cloudengine 8800 Firmware

Cloudengine 12800 Firmware

Affected Vendors

Huawei

References (4)

Vendor Advisory http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20161130-01-switch-...

Third Party Advisory http://www.securityfocus.com/bid/94618

Vendor Advisory http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20161130-01-switch-...

Third Party Advisory http://www.securityfocus.com/bid/94618

/ 100

moderate-risk

Severity 24/34 · High

Exploitability 1/34 · Minimal

Exposure 10/34 · Low