Ethernet Controller X710 Firmware
CVE-2016-8106
MEDIUM
Severity by source
AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
Lifecycle Timeline
1DescriptionCVE.org
A Denial of Service in Intel Ethernet Controller's X710/XL710 with Non-Volatile Memory Images before version 5.05 allows a remote attacker to stop the controller from processing network traffic working under certain network use conditions.
AnalysisAI
A Denial of Service in Intel Ethernet Controller's X710/XL710 with Non-Volatile Memory Images before version 5.05 allows a remote attacker to stop the controller from processing network traffic. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required.
Technical ContextAI
This vulnerability is classified under CWE-20. A Denial of Service in Intel Ethernet Controller's X710/XL710 with Non-Volatile Memory Images before version 5.05 allows a remote attacker to stop the controller from processing network traffic working under certain network use conditions. Affected products include: Intel Ethernet Controller X710 Firmware, Intel Ethernet Controller Xl710 Firmware, Hp Ethernet 10Gb 2-Port 562Flr-Sfp\+, Hp Ethernet 10Gb 2-Port 562Sfp\+, Hp Ethernet 10Gb 4-Port 563Sfp\+. Version information: version 5.05.
RemediationAI
A vendor patch is available. Apply the latest security update as soon as possible. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.
Same weakness CWE-20 – Improper Input Validation
View allSame technique Denial Of Service
View allShare
External POC / Exploit Code
Leaving vuln.today