CVE-2016-8106
UnknownEPSS 5.13%
Last modified
CVE-2016-8106 is a vulnerability of currently unknown severity. A Denial of Service in Intel Ethernet Controller's X710/XL710 with Non-Volatile Memory Images before version 5.05 allows a remote attacker to stop the controller from processing network traffic working under certain network use conditions.. EPSS estimates a 5.13% chance of exploitation in the next 30 days.
Description
A Denial of Service in Intel Ethernet Controller's X710/XL710 with Non-Volatile Memory Images before version 5.05 allows a remote attacker to stop the controller from processing network traffic working under certain network use conditions.
Metrics
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Intel | Ethernet Controller X710 Firmware | <= 5.04 |
| Intel | Ethernet Controller Xl710 Firmware | <= 5.04 |
| Hp | Ethernet 10gb 2-Port 562flr-Sfp\+ | All versions |
| Hp | Ethernet 10gb 2-Port 562sfp\+ | All versions |
| Hp | Ethernet 10gb 4-Port 563sfp\+ | All versions |
| Hp | Proliant Xl260a G9 Server | All versions |
| Lenovo | Converged Hx Series | 5.05 |
| Lenovo | Converged Hx5500 Appliance | 5.05 |
| Lenovo | Converged Hx5510 Appliance | 5.05 |
| Lenovo | Converged Hx7500 Appliance | 5.05 |
| Lenovo | Converged Hx7510 Appliance | 5.05 |
| Lenovo | Nextscale Nx360 M5 | 5.05 |
| Lenovo | System X3250 M5 | 5.05 |
| Lenovo | System X3500 M5 | 5.05 |
| Lenovo | System X3550 M5 | 5.05 |
| Lenovo | System X3650 M5 | 5.05 |
| Lenovo | System X3750 M4 | 5.05 |
| Lenovo | System X3850 X6 | 5.05 |
| Lenovo | System X3950 X6 | 5.05 |
| Lenovo | Thinkagile Cx2200 | 5.05 |
| Lenovo | Thinkagile Cx4200 | 5.05 |
| Lenovo | Thinkagile Cx4600 | 5.05 |
| Lenovo | Thinkserver Rd350 | 5.05 |
| Lenovo | Thinkserver Rd450 | 5.05 |
| Lenovo | Thinkserver Rd550 | 5.05 |
| Lenovo | Thinkserver Rd650 | 5.05 |
| Lenovo | Thinkserver Sd350 | 5.05 |
| Lenovo | Thinkserver Td350 | 5.05 |
References
- http://www.securityfocus.com/bid/95333Third Party Advisory, VDB Entry
- https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05368378Patch, Third Party Advisory
- https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00063&languageid=en-frPatch, Vendor Advisory
- https://support.lenovo.com/us/en/product_security/LEN-12029Patch, Third Party Advisory
- http://www.securityfocus.com/bid/95333Third Party Advisory, VDB Entry
- https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05368378Patch, Third Party Advisory
- https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00063&languageid=en-frPatch, Vendor Advisory
- https://support.lenovo.com/us/en/product_security/LEN-12029Patch, Third Party Advisory
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2016-8106?
A Denial of Service in Intel Ethernet Controller's X710/XL710 with Non-Volatile Memory Images before version 5.05 allows a remote attacker to stop the controller from processing network traffic working under certain network use conditions.
How severe is CVE-2016-8106?
Severity scoring for CVE-2016-8106 is pending analysis. The EPSS model estimates a 5.13% probability of exploitation in the next 30 days.
How do I fix CVE-2016-8106?
Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.
Are you affected by CVE-2016-8106?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST