PT-2016-7567 · Huawei · Huawei S12700+5
Published: 2016-12-28 · Updated: 2018-03-26
CVE-2016-8786
CVSS v2.0: 7.8 (High)
Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C
Name of the Vulnerable Software and Affected Versions
Huawei S12700 versions V200R005C00 through V200R008C00
Huawei S5700 versions V200R006C00 through V200R008C00
Huawei S6700 version V200R008C00
Huawei S7700 versions V200R001C00 through V200R008C00
Huawei S9700 versions V200R001C00 through V200R008C00
Description
The issue is a denial of service (DoS) vulnerability due to the lack of input validation. A remote attacker may craft a malformed Resource Reservation Protocol (RSVP) packet and send it to the device, causing buffer overflows and occasional device restart.
Recommendations
For Huawei S12700 versions V200R005C00 through V200R008C00, restrict access to the RSVP protocol to minimize the risk of exploitation.
For Huawei S5700 versions V200R006C00 through V200R008C00, consider disabling the RSVP protocol until a patch is available.
For Huawei S6700 version V200R008C00, avoid using the RSVP protocol in production environments until the issue is resolved.
For Huawei S7700 versions V200R001C00 through V200R008C00, apply configuration changes to limit the impact of malformed RSVP packets.
For Huawei S9700 versions V200R001C00 through V200R008C00, implement additional security measures to prevent remote attackers from sending crafted RSVP packets.
Fix
DoS
RCE
Weakness Enumeration
Related Identifiers
Affected Products
Huawei S12700
Huawei S5700
Huawei S6700
Huawei S7700
Huawei S9700
Huawei Vrp