CVE-2016-8773

Name of the Vulnerable Software and Affected Versions Huawei S5300 versions V200R003C00 through V200R009C00 Huawei S5700 versions V200R001C00 through V200R009C00 Huawei S6300 versions V200R003C00 through V200R009C00 Huawei S6700 versions V200R001C00 through V200R009C00 Huawei S7700 versions V200R007C00 through V200R009C00 Huawei S9300 versions V200R007C00 through V200R009C00 Huawei S9700 versions V200R007C00 through V200R009C00 Huawei S12700 versions V200R007C00 through V200R009C00

Description The issue is caused by improper validation of Multiprotocol Label Switching (MPLS) packets, allowing a remote unauthenticated attacker to exploit the vulnerability by sending malformed MPLS packets. This could lead to a denial of service (DoS) condition.

Recommendations For Huawei S5300 versions V200R003C00 through V200R009C00, restrict access to MPLS packets to minimize the risk of exploitation. For Huawei S5700 versions V200R001C00 through V200R009C00, consider disabling the handling of MPLS packets until a patch is available. For Huawei S6300 versions V200R003C00 through V200R009C00, avoid using the vulnerable MPLS packet handling function until the issue is resolved. For Huawei S6700 versions V200R001C00 through V200R009C00, restrict access to the vulnerable module to minimize the risk of exploitation. For Huawei S7700 versions V200R007C00 through V200R009C00, consider temporarily disabling the MPLS packet handling feature until a patch is available. For Huawei S9300 versions V200R007C00 through V200R009C00, restrict access to the vulnerable function to minimize the risk of exploitation. For Huawei S9700 versions V200R007C00 through V200R009C00, avoid using the vulnerable MPLS packet handling function until the issue is resolved. For Huawei S12700 versions V200R007C00 through V200R009C00, consider disabling the handling of MPLS packets until a patch is available.