Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Cloudengine_12800_firmware
(Huawei)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 28 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2019-12-13 | CVE-2019-5291 | Some Huawei products have an insufficient verification of data authenticity vulnerability. A remote, unauthenticated attacker has to intercept specific packets between two devices, modify the packets, and send the modified packets to the peer device. Due to insufficient verification of some fields in the packets, an attacker may exploit the vulnerability to cause the target device to be abnormal. | Ar1200\-S_firmware, Ar1200_firmware, Ar120\-S_firmware, Ar150\-S_firmware, Ar150_firmware, Ar160_firmware, Ar200\-S_firmware, Ar200_firmware, Ar2200\-S_firmware, Ar2200_firmware, Ar3200_firmware, Ar3600_firmware, Cloudengine_12800_firmware, Netengine16ex_firmware, S6700_firmware, Srg1300_firmware, Srg2300_firmware, Srg3300_firmware | N/A | ||
| 2018-02-15 | CVE-2017-17301 | Huawei AR120-S V200R005C32, V200R006C10, V200R007C00, V200R008C20, AR1200 V200R005C20, V200R005C32, V200R006C10, V200R007C00, V200R007C01, V200R007C02, V200R008C20, AR1200-S V200R005C32, V200R006C10, V200R007C00, V200R008C20, AR150 V200R006C10, V200R007C00, V200R007C01, V200R007C02, V200R008C20, AR160 V200R005C32, V200R006C10, V200R007C00, V200R007C01, V200R007C02, V200R008C20, AR200 V200R005C32, V200R006C10, V200R007C00, V200R007C01, V200R008C20, AR200-S V200R005C32, V200R006C10,... | Ar1200\-S_firmware, Ar1200_firmware, Ar120\-S_firmware, Ar150_firmware, Ar160_firmware, Ar200\-S_firmware, Ar200_firmware, Ar2200\-S_firmware, Ar2200_firmware, Ar3200_firmware, Ar3600_firmware, Ar510_firmware, Cloudengine_12800_firmware, Cloudengine_5800_firmware, Cloudengine_6800_firmware, Cloudengine_7800_firmware, Dp300_firmware, Espace_iad_firmware, Espace_u1981_firmware, Espace_usm_firmware, Smc2\.0_firmware, Srg1300_firmware, Srg2300_firmware, Srg3300_firmware, Te30_firmware, Te60_firmware, Viewpoint_8660_firmware, Vp9660_firmware | 9.8 | ||
| 2018-02-15 | CVE-2017-15349 | Huawei CloudEngine 12800 V100R003C00, V100R005C00, V100R005C10, V100R006C00,CloudEngine 5800 V100R003C00, V100R005C00, V100R005C10, V100R006C00,CloudEngine 6800 V100R003C00, V100R005C00, V100R005C10, V100R006C00,CloudEngine 7800 V100R003C00, V100R005C00, V100R005C10, V100R006C00 have a memory leak vulnerability. An unauthenticated attacker may send specific Resource ReServation Protocol (RSVP) packets to the affected products. Due to not release the memory to handle the packets, successful... | Cloudengine_12800_firmware, Cloudengine_5800_firmware, Cloudengine_6800_firmware, Cloudengine_7800_firmware | 7.5 | ||
| 2017-11-22 | CVE-2017-8147 | AC6005 V200R006C10SPC200,AC6605 V200R006C10SPC200,AR1200 with software V200R005C10CP0582T, V200R005C10HP0581T, V200R005C20SPC026T,AR200 with software V200R005C20SPC026T,AR3200 V200R005C20SPC026T,CloudEngine 12800 with software V100R003C00, V100R005C00, V100R005C10, V100R006C00, V200R001C00,CloudEngine 5800 with software V100R003C00, V100R005C00, V100R005C10, V100R006C00, V200R001C00,CloudEngine 6800 with software V100R003C00, V100R005C00, V100R005C10, V100R006C00, V200R001C00,CloudEngine... | Ac6005_firmware, Ac6605_firmware, Ar1200_firmware, Ar200_firmware, Ar3200_firmware, Cloudengine_12800_firmware, Cloudengine_5800_firmware, Cloudengine_6800_firmware, Cloudengine_7800_firmware, Cloudengine_8800_firmware, E600_firmware, S12700_firmware, S1700_firmware, S2300_firmware, S2700_firmware, S5300_firmware, S5700_firmware, S6300_firmware, S6700_firmware, S7700_firmware, S9300_firmware, S9700_firmware, Secospace_usg6600_firmware | 7.5 | ||
| 2017-04-02 | CVE-2016-8795 | Huawei CloudEngine 12800 with software V100R002C00, V100R003C00, V100R003C10, V100R005C00, V100R005C10, V100R006C00; CloudEngine 5800 with software V100R002C00, V100R003C00, V100R003C10, V100R005C00, V100R005C10, V100R006C00; CloudEngine 6800 with software V100R002C00, V100R003C00, V100R003C10, V100R005C00, V100R005C10, V100R006C00; CloudEngine 7800 with software V100R003C00, V100R003C10, V100R005C00, V100R005C10, V100R006C00; CloudEngine 8800 with software V100R006C00; and Secospace USG6600... | Cloudengine_12800_firmware, Cloudengine_5800_firmware, Cloudengine_6800_firmware, Cloudengine_7800_firmware, Cloudengine_8800_firmware, Secospace_usg6600_firmware | 5.9 | ||
| 2017-04-02 | CVE-2016-8790 | Huawei CloudEngine 5800 with software before V200R001C00SPC700, CloudEngine 6800 with software before V200R001C00SPC700, CloudEngine 7800 with software before V200R001C00SPC700, CloudEngine 8800 with software before V200R001C00SPC700, CloudEngine 12800 with software before V200R001C00SPC700 could allow the attacker to exploit a buffer overflow vulnerability by sending crafted packets to the affected system to cause a main control board reboot. | Cloudengine_12800_firmware, Cloudengine_5800_firmware, Cloudengine_6800_firmware, Cloudengine_7800_firmware, Cloudengine_8800_firmware | 5.7 | ||
| 2018-03-09 | CVE-2016-8784 | Huawei CloudEngine 12800 V100R003C00, V100R003C10, V100R005C00, V100R005C10, V100R006C00 have a memory leak vulnerability. An unauthenticated attacker may send specific Label Distribution Protocol (LDP) packets to the devices. When the values of some parameters in the packet are abnormal, the LDP processing module does not release the memory to handle the packet, resulting in memory leak. | Cloudengine_12800_firmware | 4.3 | ||
| 2018-03-09 | CVE-2016-8782 | Huawei CloudEngine 12800 V100R003C00, V100R003C10, V100R005C00, V100R005C10, V100R006C00 have a memory leak vulnerability. An unauthenticated attacker may send specific Label Distribution Protocol (LDP) packets to the devices repeatedly. Due to improper validation of some specific fields of the packet, the LDP processing module does not release the memory, resulting in memory leak. | Cloudengine_12800_firmware | 5.3 | ||
| 2017-04-02 | CVE-2016-8780 | Huawei CloudEngine 6800 V100R006C00, CloudEngine 7800 V100R006C00, CloudEngine 8800 V100R006C00, and CloudEngine 12800 V100R006C00 allow remote attackers with specific permission to store massive files to exhaust the shared storage space, leading to a DoS condition. | Cloudengine_12800_firmware, Cloudengine_6800_firmware, Cloudengine_7800_firmware, Cloudengine_8800_firmware | 6.5 | ||
| 2016-08-02 | CVE-2016-6178 | Huawei NE40E and CX600 devices with software before V800R007SPH017; PTN 6900-2-M8 devices with software before V800R007SPH019; NE5000E devices with software before V800R006SPH018; and CloudEngine devices 12800 with software before V100R003SPH010 and V100R005 before V100R005SPH006 allow remote attackers with control plane access to cause a denial of service or execute arbitrary code via a crafted packet. | Cloudengine_12800_firmware, Cx600_firmware, Ne40e_firmware, Ne5000e_firmware, Ptn_6900\-2\-M8_firmware | 9.8 |