Vulnerability CVE-2016-8611

Vulnerability Name:

CVE-2016-8611 (CCN-119021)

Assigned:

2016-11-15

Published:

2016-11-15

Updated:

2023-02-12

Summary:

CVSS v3 Severity:

6.5 Medium (CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H)
5.7 Medium (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): Low Privileges Required (PR): Low User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): None Integrity (I): None Availibility (A): High

4.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L)
3.8 Low (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): Low Privileges Required (PR): Low User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): None Integrity (I): None Availibility (A): Low

CVSS v2 Severity:

4.0 Medium (CVSS v2 Vector: AV:N/AC:L/Au:S/C:N/I:N/A:P)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Low Authentication (Au): Single_Instance
Impact Metrics:	Confidentiality (C): None Integrity (I): None Availibility (A): Partial

4.0 Medium (CCN CVSS v2 Vector: AV:N/AC:L/Au:S/C:N/I:N/A:P)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Low Athentication (Au): Single_Instance
Impact Metrics:	Confidentiality (C): None Integrity (I): None Availibility (A): Partial

Vulnerability Consequences:

Denial of Service

References:

Source: MITRE
Type: CNA
CVE-2016-8611

Source: secalert@redhat.com
Type: Mailing List, Third Party Advisory
secalert@redhat.com

Source: CCN
Type: BID-94378
OpenStack Glance CVE-2016-8611 Denial of Service Vulnerability

Source: secalert@redhat.com
Type: Third Party Advisory, VDB Entry
secalert@redhat.com

Source: secalert@redhat.com
Type: Third Party Advisory, VDB Entry
secalert@redhat.com

Source: secalert@redhat.com
Type: Issue Tracking, Third Party Advisory
secalert@redhat.com

Source: XF
Type: UNKNOWN
glance-cve20168611-dos(119021)

Source: CCN
Type: HPSBGN03676 rev.1
HPE Helion OpenStack Glance Image Service, Remote Denial of Service (DoS)

Source: secalert@redhat.com
Type: Vendor Advisory
secalert@redhat.com

Source: CCN
Type: WhiteSource Vulnerability Database
CVE-2016-8611

Oval Definitions

Definition ID	Class	Title	Last Modified
oval:org.opensuse.security:def:20168611	V	CVE-2016-8611	2022-05-22
oval:org.opensuse.security:def:57149	P	Security update for the Linux Kernel (Live Patch 39 for SLE 12 SP3) (Important)	2021-12-14
oval:org.opensuse.security:def:60391	P	Security update for python3 (Moderate)	2021-10-20
oval:org.opensuse.security:def:58017	P	Security update for xen (Important)	2021-09-23
oval:org.opensuse.security:def:57993	P	Security update for the Linux Kernel (Live Patch 35 for SLE 12 SP3) (Important)	2021-08-25
oval:org.opensuse.security:def:59784	P	Security update for python-PyYAML (Important)	2021-08-24
oval:org.opensuse.security:def:57912	P	Security update for samba (Important)	2021-05-04
oval:org.opensuse.security:def:59601	P	Security update for openssl-1_0_0 (Moderate)	2021-03-08
oval:org.opensuse.security:def:57043	P	Security update for sudo (Important)	2021-01-26
oval:org.opensuse.security:def:57943	P	Security update for ImageMagick (Important)	2021-01-22
oval:org.opensuse.security:def:81020	P	Security update for crowbar-openstack, grafana, influxdb, python-urllib3 (Moderate)	2020-12-04
oval:org.opensuse.security:def:57600	P	Security update for libksba (Moderate)	2020-12-01
oval:org.opensuse.security:def:56470	P	Security update for xen (Important)	2020-12-01
oval:org.opensuse.security:def:60819	P	Security update for java-1_8_0-ibm (Important)	2020-12-01
oval:org.opensuse.security:def:57800	P	libgssglue1 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:59902	P	Security update for the Linux Kernel (Live Patch 25 for SLE 12 SP2) (Important)	2020-12-01
oval:org.opensuse.security:def:56632	P	Security update for jasper (Moderate)	2020-12-01
oval:org.opensuse.security:def:60848	P	Security update for crowbar, crowbar-core, crowbar-ha, crowbar-init, crowbar-openstack, crowbar-ui (Moderate)	2020-12-01
oval:org.opensuse.security:def:59168	P	Security update for python (Important)	2020-12-01
oval:org.opensuse.security:def:60606	P	Security update for bzip2 (Important)	2020-12-01
oval:org.opensuse.security:def:57315	P	Security update for curl	2020-12-01
oval:org.opensuse.security:def:59348	P	Security update for bluez (Important)	2020-12-01
oval:org.opensuse.security:def:56469	P	Security update for xerces-j2 (Moderate)	2020-12-01
oval:org.opensuse.security:def:60728	P	Security update for python-ipaddress (Important)	2020-12-01
oval:org.opensuse.security:def:57708	P	elfutils on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:56492	P	Security update for kernel-firmware (Important)	2020-12-01
oval:org.opensuse.security:def:60769	P	Security update for python-pip (Moderate)	2020-12-01
oval:org.opensuse.security:def:57874	P	libyaml-0-2 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:60091	P	Security update for curl (Important)	2020-12-01
oval:org.opensuse.security:def:56870	P	Security update for libssh2_org (Moderate)	2020-12-01
oval:org.opensuse.security:def:59167	P	Security update for kernel-firmware (Important)	2020-12-01
oval:org.opensuse.security:def:60509	P	perl-XML-LibXML on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:59190	P	Security update for openssl (Moderate)	2020-12-01
oval:org.opensuse.security:def:60690	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:84301	P	Security update for crowbar, crowbar-core, crowbar-ha, crowbar-init, crowbar-openstack, crowbar-ui (Moderate)	2018-09-20
oval:org.opensuse.security:def:80652	P	Security update for crowbar, crowbar-core, crowbar-ha, crowbar-openstack, crowbar-ui (Moderate)	2018-09-04
oval:com.ubuntu.xenial:def:201686110000000	V	CVE-2016-8611 on Ubuntu 16.04 LTS (xenial) - low.	2018-07-31
oval:com.ubuntu.trusty:def:20168611000	V	CVE-2016-8611 on Ubuntu 14.04 LTS (trusty) - low.	2018-07-31
oval:com.ubuntu.xenial:def:20168611000	V	CVE-2016-8611 on Ubuntu 16.04 LTS (xenial) - low.	2018-07-31
oval:com.ubuntu.precise:def:20168611000	V	CVE-2016-8611 on Ubuntu 12.04 LTS (precise) - medium.	2016-10-28

BACK