The security policy processing module in Huawei Secospace USG6300 with software V500R001C20SPC100, V500R001C20SPC101, V500R001C20SPC200; Secospace USG6500 with software V500R001C20SPC100, V500R001C20SPC101, V500R001C20SPC200; Secospace USG6600 with software V500R001C20SPC100, V500R001C20SPC101, V500R001C20SPC200 allows authenticated attackers to setup a specific security policy into the devices, causing a buffer overflow and crashing the system.
References
Link | Resource |
---|---|
http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20161125-01-usg-en | Vendor Advisory |
http://www.securityfocus.com/bid/94538 | Third Party Advisory VDB Entry |
Configurations
Configuration 1 (hide)
AND |
|
Configuration 2 (hide)
AND |
|
Configuration 3 (hide)
AND |
|
Information
Published : 2017-04-02 13:59
Updated : 2017-04-05 12:52
NVD link : CVE-2016-8802
Mitre link : CVE-2016-8802
JSON object : View
CWE
CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
Products Affected
huawei
- secospace_usg6600
- secospace_usg6500
- secospace_usg6500_firmware
- secospace_usg6300
- secospace_usg6300_firmware
- secospace_usg6600_firmware