PT-2016-6396 · Huawei · Huawei Ar3200

Published

2016-06-30

Updated

2016-11-28

CVE-2016-5368

CVSS v2.0

7.8

High

Vector

AV:N/AC:L/Au:N/C:N/I:N/A:C

Name of the Vulnerable Software and Affected Versions Huawei AR3200 versions prior to V200R007C00SPC900

Description The issue allows remote attackers to cause a denial of service due to memory consumption. This is achieved by sending a large number of crafted Multiprotocol Label Switching (MPLS) packets.

Recommendations For versions prior to V200R007C00SPC900, update to V200R007C00SPC900 or later to resolve the issue. As a temporary workaround, consider restricting the number of MPLS packets processed by the device to minimize the risk of exploitation.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-399

Related Identifiers

CVE-2016-5368

Affected Products

Huawei Ar3200

PT-2016-6396 · Huawei · Huawei Ar3200

CVE-2016-5368

Weakness Enumeration

Related Identifiers

Affected Products

References · 4