VAR-201606-0023
Vulnerability from variot - Updated: 2025-04-12 23:08Huawei FusionCompute before V100R005C10SPC700 allows remote authenticated users to cause a denial of service (resource consumption) via a large number of crafted packets. HuaweiFusionCompute is an enterprise-class open server virtualization solution based on Xen open source design. Huawei FusionCompute is prone to a remote denial-of-service vulnerability. An attacker can exploit this issue to exhaust system resources, denying service to legitimate users. The solution provides automation, advanced integration and management capabilities for virtualized data centers. Security vulnerabilities exist in Huawei FusionCompute V100R005C00
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201606-0023",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "fusioncompute",
"scope": "lte",
"trust": 1.0,
"vendor": "huawei",
"version": "v100r005c00"
},
{
"model": "fusioncompute",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "fusioncompute",
"scope": "lt",
"trust": 0.8,
"vendor": "huawei",
"version": "v100r005c10spc700"
},
{
"model": "fusioncompute v100r005c00",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "fusioncompute",
"scope": "eq",
"trust": 0.6,
"vendor": "huawei",
"version": "v100r005c00"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-04478"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-003439"
},
{
"db": "CNNVD",
"id": "CNNVD-201606-664"
},
{
"db": "NVD",
"id": "CVE-2016-4057"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/h:huawei:fusioncompute",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:huawei:fusioncompute",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-003439"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The vendor reported this issue.",
"sources": [
{
"db": "BID",
"id": "85738"
}
],
"trust": 0.3
},
"cve": "CVE-2016-4057",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 6.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.0,
"id": "CVE-2016-4057",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 6.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.0,
"id": "CNVD-2016-04478",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 6.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.0,
"id": "VHN-92876",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:S/C:N/I:N/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"exploitabilityScore": 2.8,
"id": "CVE-2016-4057",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2016-4057",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2016-4057",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNVD",
"id": "CNVD-2016-04478",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201606-664",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-92876",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-04478"
},
{
"db": "VULHUB",
"id": "VHN-92876"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-003439"
},
{
"db": "CNNVD",
"id": "CNNVD-201606-664"
},
{
"db": "NVD",
"id": "CVE-2016-4057"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Huawei FusionCompute before V100R005C10SPC700 allows remote authenticated users to cause a denial of service (resource consumption) via a large number of crafted packets. HuaweiFusionCompute is an enterprise-class open server virtualization solution based on Xen open source design. Huawei FusionCompute is prone to a remote denial-of-service vulnerability. \nAn attacker can exploit this issue to exhaust system resources, denying service to legitimate users. The solution provides automation, advanced integration and management capabilities for virtualized data centers. Security vulnerabilities exist in Huawei FusionCompute V100R005C00",
"sources": [
{
"db": "NVD",
"id": "CVE-2016-4057"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-003439"
},
{
"db": "CNVD",
"id": "CNVD-2016-04478"
},
{
"db": "BID",
"id": "85738"
},
{
"db": "VULHUB",
"id": "VHN-92876"
}
],
"trust": 2.52
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2016-4057",
"trust": 3.4
},
{
"db": "BID",
"id": "85738",
"trust": 1.4
},
{
"db": "JVNDB",
"id": "JVNDB-2016-003439",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201606-664",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2016-04478",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-92876",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-04478"
},
{
"db": "VULHUB",
"id": "VHN-92876"
},
{
"db": "BID",
"id": "85738"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-003439"
},
{
"db": "CNNVD",
"id": "CNNVD-201606-664"
},
{
"db": "NVD",
"id": "CVE-2016-4057"
}
]
},
"id": "VAR-201606-0023",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-04478"
},
{
"db": "VULHUB",
"id": "VHN-92876"
}
],
"trust": 0.95
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-04478"
}
]
},
"last_update_date": "2025-04-12T23:08:52.251000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "huawei-sa-20160330-01-fusioncompute",
"trust": 0.8,
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20160330-01-fusioncompute-en"
},
{
"title": "HuaweiFusionCompute denial of service vulnerability patch",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/78554"
},
{
"title": "Huawei FusionCompute Remediation measures for denial of service vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=62573"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-04478"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-003439"
},
{
"db": "CNNVD",
"id": "CNNVD-201606-664"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-399",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-92876"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-003439"
},
{
"db": "NVD",
"id": "CVE-2016-4057"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.3,
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20160330-01-fusioncompute-en"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/bid/85738"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-4057"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-4057"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-04478"
},
{
"db": "VULHUB",
"id": "VHN-92876"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-003439"
},
{
"db": "CNNVD",
"id": "CNNVD-201606-664"
},
{
"db": "NVD",
"id": "CVE-2016-4057"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2016-04478"
},
{
"db": "VULHUB",
"id": "VHN-92876"
},
{
"db": "BID",
"id": "85738"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-003439"
},
{
"db": "CNNVD",
"id": "CNNVD-201606-664"
},
{
"db": "NVD",
"id": "CVE-2016-4057"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-07-05T00:00:00",
"db": "CNVD",
"id": "CNVD-2016-04478"
},
{
"date": "2016-06-30T00:00:00",
"db": "VULHUB",
"id": "VHN-92876"
},
{
"date": "2016-03-30T00:00:00",
"db": "BID",
"id": "85738"
},
{
"date": "2016-07-07T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-003439"
},
{
"date": "2016-06-30T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201606-664"
},
{
"date": "2016-06-30T16:59:01.257000",
"db": "NVD",
"id": "CVE-2016-4057"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-07-05T00:00:00",
"db": "CNVD",
"id": "CNVD-2016-04478"
},
{
"date": "2016-11-28T00:00:00",
"db": "VULHUB",
"id": "VHN-92876"
},
{
"date": "2016-07-06T15:10:00",
"db": "BID",
"id": "85738"
},
{
"date": "2016-07-07T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-003439"
},
{
"date": "2016-07-01T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201606-664"
},
{
"date": "2025-04-12T10:46:40.837000",
"db": "NVD",
"id": "CVE-2016-4057"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201606-664"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Huawei FusionCompute Denial of Service Vulnerability",
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-04478"
},
{
"db": "CNNVD",
"id": "CNNVD-201606-664"
}
],
"trust": 1.2
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "resource management error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201606-664"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…