VAR-201704-0425
Vulnerability from variot - Updated: 2025-04-20 23:37The security policy processing module in Huawei Secospace USG6300 with software V500R001C20SPC100, V500R001C20SPC101, V500R001C20SPC200; Secospace USG6500 with software V500R001C20SPC100, V500R001C20SPC101, V500R001C20SPC200; Secospace USG6600 with software V500R001C20SPC100, V500R001C20SPC101, V500R001C20SPC200 allows authenticated attackers to setup a specific security policy into the devices, causing a buffer overflow and crashing the system. Huawei Secospace is a terminal security management system. A buffer overflow vulnerability exists in multiple Huawei Secospace products. Because the user does not perform a boundary check on the data copied by the user, the attacker can exploit the vulnerability to restart the affected device, resulting in a denial of service condition and possibly executing arbitrary code. Attackers can exploit this issue to reboot the affected device to cause denial-of-service conditions. Due to the nature of this issue, arbitrary code execution may be possible but this has not been confirmed. Huawei Secospace USG6300 etc. are the firewalls of China Huawei (Huawei). The following products and versions are affected: Huawei Secospace USG6300 V500R001C20SPC100 Version, V500R001C20SPC101 Version, V500R001C20SPC200 Version; Secospace USG6500 USG6300 V500R001C20SPC100 Version, V500R001C20SPC101 Version, V500R001C20SPC200 Version; Secospace USG6600 V500R001C20SPC100 Version, V500R001C20SPC101 Version, V500R001C20SPC200 Version
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201704-0425",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "secospace usg6300",
"scope": "eq",
"trust": 2.4,
"vendor": "huawei",
"version": "v500r001c20spc100"
},
{
"model": "secospace usg6300",
"scope": "eq",
"trust": 2.4,
"vendor": "huawei",
"version": "v500r001c20spc101"
},
{
"model": "secospace usg6300",
"scope": "eq",
"trust": 2.4,
"vendor": "huawei",
"version": "v500r001c20spc200"
},
{
"model": "secospace usg6500",
"scope": "eq",
"trust": 2.4,
"vendor": "huawei",
"version": "v500r001c20spc100"
},
{
"model": "secospace usg6500",
"scope": "eq",
"trust": 2.4,
"vendor": "huawei",
"version": "v500r001c20spc101"
},
{
"model": "secospace usg6500",
"scope": "eq",
"trust": 2.4,
"vendor": "huawei",
"version": "v500r001c20spc200"
},
{
"model": "secospace usg6600",
"scope": "eq",
"trust": 2.4,
"vendor": "huawei",
"version": "v500r001c20spc100"
},
{
"model": "secospace usg6600",
"scope": "eq",
"trust": 2.4,
"vendor": "huawei",
"version": "v500r001c20spc101"
},
{
"model": "secospace usg6600",
"scope": "eq",
"trust": 2.4,
"vendor": "huawei",
"version": "v500r001c20spc200"
},
{
"model": "secospace usg6300 v500r001c20spc100",
"scope": null,
"trust": 0.9,
"vendor": "huawei",
"version": null
},
{
"model": "secospace usg6300 v500r001c20spc101",
"scope": null,
"trust": 0.9,
"vendor": "huawei",
"version": null
},
{
"model": "secospace usg6300 v500r001c20spc200",
"scope": null,
"trust": 0.9,
"vendor": "huawei",
"version": null
},
{
"model": "secospace usg6500 v500r001c20spc100",
"scope": null,
"trust": 0.9,
"vendor": "huawei",
"version": null
},
{
"model": "secospace usg6500 v500r001c20spc101",
"scope": null,
"trust": 0.9,
"vendor": "huawei",
"version": null
},
{
"model": "secospace usg6500 v500r001c20spc200",
"scope": null,
"trust": 0.9,
"vendor": "huawei",
"version": null
},
{
"model": "secospace usg6600 v500r001c20spc100",
"scope": null,
"trust": 0.9,
"vendor": "huawei",
"version": null
},
{
"model": "secospace usg6600 v500r001c20spc101",
"scope": null,
"trust": 0.9,
"vendor": "huawei",
"version": null
},
{
"model": "secospace usg6600 v500r001c20spc200",
"scope": null,
"trust": 0.9,
"vendor": "huawei",
"version": null
},
{
"model": "secospace usg6600 v500r001c20spc300",
"scope": "ne",
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "secospace usg6500 v500r001c20spc300",
"scope": "ne",
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "secospace usg6300 v500r001c20spc300",
"scope": "ne",
"trust": 0.3,
"vendor": "huawei",
"version": null
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-11668"
},
{
"db": "BID",
"id": "94538"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-008214"
},
{
"db": "CNNVD",
"id": "CNNVD-201611-650"
},
{
"db": "NVD",
"id": "CVE-2016-8802"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:huawei:secospace_usg6300_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:huawei:secospace_usg6500_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:huawei:secospace_usg6600_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-008214"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The vendor reported this issue.",
"sources": [
{
"db": "BID",
"id": "94538"
}
],
"trust": 0.3
},
"cve": "CVE-2016-8802",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 6.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.0,
"id": "CVE-2016-8802",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CNVD-2016-11668",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 6.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.0,
"id": "VHN-97622",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:S/C:N/I:N/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"exploitabilityScore": 2.8,
"id": "CVE-2016-8802",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2016-8802",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2016-8802",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNVD",
"id": "CNVD-2016-11668",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201611-650",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-97622",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-11668"
},
{
"db": "VULHUB",
"id": "VHN-97622"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-008214"
},
{
"db": "CNNVD",
"id": "CNNVD-201611-650"
},
{
"db": "NVD",
"id": "CVE-2016-8802"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The security policy processing module in Huawei Secospace USG6300 with software V500R001C20SPC100, V500R001C20SPC101, V500R001C20SPC200; Secospace USG6500 with software V500R001C20SPC100, V500R001C20SPC101, V500R001C20SPC200; Secospace USG6600 with software V500R001C20SPC100, V500R001C20SPC101, V500R001C20SPC200 allows authenticated attackers to setup a specific security policy into the devices, causing a buffer overflow and crashing the system. Huawei Secospace is a terminal security management system. A buffer overflow vulnerability exists in multiple Huawei Secospace products. Because the user does not perform a boundary check on the data copied by the user, the attacker can exploit the vulnerability to restart the affected device, resulting in a denial of service condition and possibly executing arbitrary code. \nAttackers can exploit this issue to reboot the affected device to cause denial-of-service conditions. Due to the nature of this issue, arbitrary code execution may be possible but this has not been confirmed. Huawei Secospace USG6300 etc. are the firewalls of China Huawei (Huawei). The following products and versions are affected: Huawei Secospace USG6300 V500R001C20SPC100 Version, V500R001C20SPC101 Version, V500R001C20SPC200 Version; Secospace USG6500 USG6300 V500R001C20SPC100 Version, V500R001C20SPC101 Version, V500R001C20SPC200 Version; Secospace USG6600 V500R001C20SPC100 Version, V500R001C20SPC101 Version, V500R001C20SPC200 Version",
"sources": [
{
"db": "NVD",
"id": "CVE-2016-8802"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-008214"
},
{
"db": "CNVD",
"id": "CNVD-2016-11668"
},
{
"db": "BID",
"id": "94538"
},
{
"db": "VULHUB",
"id": "VHN-97622"
}
],
"trust": 2.52
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2016-8802",
"trust": 3.4
},
{
"db": "BID",
"id": "94538",
"trust": 2.6
},
{
"db": "JVNDB",
"id": "JVNDB-2016-008214",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201611-650",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2016-11668",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-97622",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-11668"
},
{
"db": "VULHUB",
"id": "VHN-97622"
},
{
"db": "BID",
"id": "94538"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-008214"
},
{
"db": "CNNVD",
"id": "CNNVD-201611-650"
},
{
"db": "NVD",
"id": "CVE-2016-8802"
}
]
},
"id": "VAR-201704-0425",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-11668"
},
{
"db": "VULHUB",
"id": "VHN-97622"
}
],
"trust": 1.3653315199999998
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-11668"
}
]
},
"last_update_date": "2025-04-20T23:37:57.063000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "huawei-sa-20161125-01-usg",
"trust": 0.8,
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20161125-01-usg-en"
},
{
"title": "Patch for buffer overflow vulnerability in multiple HuaweiSecospace products",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/84654"
},
{
"title": "Multiple Huawei Secospace Repair measures for firewall product buffer overflow vulnerability",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=66066"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-11668"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-008214"
},
{
"db": "CNNVD",
"id": "CNNVD-201611-650"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-97622"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-008214"
},
{
"db": "NVD",
"id": "CVE-2016-8802"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.6,
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20161125-01-usg-en"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/94538"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-8802"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-8802"
},
{
"trust": 0.3,
"url": "http://www.huawei.com"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-11668"
},
{
"db": "VULHUB",
"id": "VHN-97622"
},
{
"db": "BID",
"id": "94538"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-008214"
},
{
"db": "CNNVD",
"id": "CNNVD-201611-650"
},
{
"db": "NVD",
"id": "CVE-2016-8802"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2016-11668"
},
{
"db": "VULHUB",
"id": "VHN-97622"
},
{
"db": "BID",
"id": "94538"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-008214"
},
{
"db": "CNNVD",
"id": "CNNVD-201611-650"
},
{
"db": "NVD",
"id": "CVE-2016-8802"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-11-30T00:00:00",
"db": "CNVD",
"id": "CNVD-2016-11668"
},
{
"date": "2017-04-02T00:00:00",
"db": "VULHUB",
"id": "VHN-97622"
},
{
"date": "2016-11-25T00:00:00",
"db": "BID",
"id": "94538"
},
{
"date": "2017-05-02T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-008214"
},
{
"date": "2016-11-25T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201611-650"
},
{
"date": "2017-04-02T20:59:01.937000",
"db": "NVD",
"id": "CVE-2016-8802"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-11-30T00:00:00",
"db": "CNVD",
"id": "CNVD-2016-11668"
},
{
"date": "2017-04-05T00:00:00",
"db": "VULHUB",
"id": "VHN-97622"
},
{
"date": "2016-12-20T01:02:00",
"db": "BID",
"id": "94538"
},
{
"date": "2017-05-02T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-008214"
},
{
"date": "2016-12-05T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201611-650"
},
{
"date": "2025-04-20T01:37:25.860000",
"db": "NVD",
"id": "CVE-2016-8802"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201611-650"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural Huawei Secospace USG Buffer overflow vulnerability in product security policy execution module",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-008214"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer overflow",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201611-650"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…