All the vulnerabilites related to huawei - acu2
Vulnerability from fkie_nvd
Published
2016-09-22 15:59
Modified
2024-11-21 02:56
Severity ?
Summary
Huawei AC6003, AC6005, AC6605, and ACU2 access controllers with software before V200R006C10SPC200 allows remote authenticated users to cause a denial of service (device restart) via crafted CAPWAP packets.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| huawei | ac6003_firmware | * | |
| huawei | ac6003_firmware | * | |
| huawei | ac6005_firmware | * | |
| huawei | ac6005_firmware | * | |
| huawei | ac6605_firmware | * | |
| huawei | ac6605_firmware | v200r006c00 | |
| huawei | acu2_firmware | * | |
| huawei | acu2_firmware | * | |
| huawei | ac6003 | - | |
| huawei | ac6005 | - | |
| huawei | ac6605 | - | |
| huawei | acu2 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:ac6003_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9F19F953-42DA-4268-82F9-882832CDC0DD",
"versionEndIncluding": "v200r005c10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ac6003_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "746998C5-5D0A-4B04-9B7E-100B3E29E1BB",
"versionEndIncluding": "v200r006c00",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ac6005_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4326174E-9187-49A0-AB05-B450B6C53F31",
"versionEndIncluding": "v200r005c10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ac6005_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3B78B3D8-AEF9-4529-8C98-0C1A5C1EFB27",
"versionEndIncluding": "v200r006c00",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ac6605_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8AB7F764-5246-495B-B342-8D4C8168670B",
"versionEndIncluding": "v200r005c10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ac6605_firmware:v200r006c00:*:*:*:*:*:*:*",
"matchCriteriaId": "BEDF9639-FC4A-4749-9AF7-E7FBCF4147B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:acu2_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5F0E0490-ADDB-410C-9C76-A10733AB682D",
"versionEndIncluding": "v200r005c10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:acu2_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AC142E9C-C281-42DC-B254-6AC7D6B12855",
"versionEndIncluding": "v200r006c00",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:ac6003:-:*:*:*:*:*:*:*",
"matchCriteriaId": "50521400-DB04-4EA9-A98D-A9A893E8054F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:huawei:ac6005:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3681DA94-7184-4DC6-BD73-FCE2DB808F07",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:huawei:ac6605:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BA1E5AE5-EBB2-4E05-A3C7-E2CA54205FF7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:huawei:acu2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BF525629-AD0D-4CDC-A979-712C841FF7C6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Huawei AC6003, AC6005, AC6605, and ACU2 access controllers with software before V200R006C10SPC200 allows remote authenticated users to cause a denial of service (device restart) via crafted CAPWAP packets."
},
{
"lang": "es",
"value": "Controladores de acceso Huawei AC6003, AC6005, AC6605 y ACU2 con software en versiones anteriores a V200R006C10SPC200 permite a usuarios remotos autenticados provocar una denegaci\u00f3n de servicio (reinicio de dispositivo) a trav\u00e9s de paquetes CAPWAP manipulados."
}
],
"id": "CVE-2016-6824",
"lastModified": "2024-11-21T02:56:54.280",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "COMPLETE",
"baseScore": 6.8,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-09-22T15:59:07.443",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"VDB Entry"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20160817-01-ac-en"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.securityfocus.com/bid/92506"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"VDB Entry"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20160817-01-ac-en"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.securityfocus.com/bid/92506"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-04-02 20:59
Modified
2024-11-21 02:48
Severity ?
Summary
Huawei switches S5700, S6700, S7700, S9700 with software V200R001C00SPC300, V200R002C00SPC100, V200R003C00SPC300, V200R005C00SPC500, V200R006C00; S12700 with software V200R005C00SPC500, V200R006C00; ACU2 with software V200R005C00SPC500, V200R006C00 have a permission control vulnerability. If a switch enables Authentication, Authorization, and Accounting (AAA) for permission control and user permissions are not appropriate, AAA users may obtain the virtual type terminal (VTY) access permission, resulting in privilege escalation.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:s5700_firmware:v200r001c00spc300:*:*:*:*:*:*:*",
"matchCriteriaId": "121BEE57-945E-4368-8AE4-4A823D70D31C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s5700_firmware:v200r002c00spc100:*:*:*:*:*:*:*",
"matchCriteriaId": "EBC629F6-BF42-4C2B-8CB1-2C4412C8D95A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s5700_firmware:v200r003c00spc300:*:*:*:*:*:*:*",
"matchCriteriaId": "DEC329F7-D83F-4119-B8CA-CC819EC872CB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s5700_firmware:v200r005c00spc500:*:*:*:*:*:*:*",
"matchCriteriaId": "4B3B076D-F61E-4BE0-B808-D86EB6A83D92",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s5700_firmware:v200r006c00:*:*:*:*:*:*:*",
"matchCriteriaId": "5973A534-F961-4A97-B20E-994BA28AFE29",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:s5700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E22D3CFF-3353-4EE2-8933-84F395469D0D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:s6700_firmware:v200r001c00spc300:*:*:*:*:*:*:*",
"matchCriteriaId": "4AF84CB7-7EC9-4978-A4F6-FD5746AF1CE9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s6700_firmware:v200r002c00spc100:*:*:*:*:*:*:*",
"matchCriteriaId": "AFFF09EB-AA08-4204-B028-182933EC9700",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s6700_firmware:v200r003c00spc300:*:*:*:*:*:*:*",
"matchCriteriaId": "7D5033F0-7E4F-431A-B4EA-E5D5D1FCFE5E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s6700_firmware:v200r005c00spc500:*:*:*:*:*:*:*",
"matchCriteriaId": "96FF5103-C97A-443A-8475-0E99A0175455",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s6700_firmware:v200r006c00:*:*:*:*:*:*:*",
"matchCriteriaId": "9FD4718F-473A-490E-8DFC-6A09FECDDD90",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:s6700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DA7AC10D-B0DD-4206-8642-134DDD585C06",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:s7700_firmware:v200r001c00spc300:*:*:*:*:*:*:*",
"matchCriteriaId": "07A44DEA-AB17-48F4-87C1-B3B6088BCD82",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s7700_firmware:v200r002c00spc100:*:*:*:*:*:*:*",
"matchCriteriaId": "EEBEE7C8-0AB6-4BCE-A2C1-6A4CB4BF68AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s7700_firmware:v200r003c00spc300:*:*:*:*:*:*:*",
"matchCriteriaId": "7CE013D0-4D00-46E1-9F7F-6711DCC9B8BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s7700_firmware:v200r005c00spc500:*:*:*:*:*:*:*",
"matchCriteriaId": "741262BB-C214-482D-A7BE-A480A985258B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s7700_firmware:v200r006c00:*:*:*:*:*:*:*",
"matchCriteriaId": "EF3FB3CC-2EAC-4A08-BDDC-DCACEE9FA2AE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:s7700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8769C2C4-E333-432B-8943-CFDFAE013379",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:s9700_firmware:v200r001c00spc300:*:*:*:*:*:*:*",
"matchCriteriaId": "E4EE71EF-90D8-40C6-9E80-A543ED32E976",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s9700_firmware:v200r002c00spc100:*:*:*:*:*:*:*",
"matchCriteriaId": "F5C9C9CF-A5E1-4461-8B1E-1C572BB3D59A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s9700_firmware:v200r003c00spc300:*:*:*:*:*:*:*",
"matchCriteriaId": "C892C736-F14F-4A3F-9645-CB74A289DA36",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s9700_firmware:v200r005c00spc500:*:*:*:*:*:*:*",
"matchCriteriaId": "C2D737B8-3A28-4465-A394-E2D5DA8C1927",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s9700_firmware:v200r006c00:*:*:*:*:*:*:*",
"matchCriteriaId": "6AC7E622-010C-4C5D-8AA6-D4793AFCE0E0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:s9700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "75FAA4BF-1ED0-4059-ADA1-071AF1BF2882",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:s12700_firmware:v200r005c00spc500:*:*:*:*:*:*:*",
"matchCriteriaId": "790FC933-C4E3-471A-B1C1-8E7ECD93748F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s12700_firmware:v200r006c00:*:*:*:*:*:*:*",
"matchCriteriaId": "D6F2C4C7-3438-42B8-8999-C17E45C8CF49",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:s12700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "138C1E57-176C-46B1-9704-D9C8391CC802",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:acu2_firmware:v200r005c00spc500:*:*:*:*:*:*:*",
"matchCriteriaId": "A8307595-31A7-4077-89E6-B4864B22C701",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:acu2_firmware:v200r006c00:*:*:*:*:*:*:*",
"matchCriteriaId": "BC1428EF-A60D-4EC8-92F2-64CAD7687D3E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:acu2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BF525629-AD0D-4CDC-A979-712C841FF7C6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Huawei switches S5700, S6700, S7700, S9700 with software V200R001C00SPC300, V200R002C00SPC100, V200R003C00SPC300, V200R005C00SPC500, V200R006C00; S12700 with software V200R005C00SPC500, V200R006C00; ACU2 with software V200R005C00SPC500, V200R006C00 have a permission control vulnerability. If a switch enables Authentication, Authorization, and Accounting (AAA) for permission control and user permissions are not appropriate, AAA users may obtain the virtual type terminal (VTY) access permission, resulting in privilege escalation."
},
{
"lang": "es",
"value": "Switches Huawei S5700, S6700, S7700, S9700 con software V200R001C00SPC300, V200R002C00SPC100, V200R003C00SPC300, V200R005C00SPC500, V200R006C00; S12700 con software V200R005C00SPC500, V200R006C00; ACU2 con software V200R005C00SPC500, V200R006C00 tiene una vulnerabilidad de control de permisos. Si un switch habilita Authentication, Authorization y Accounting (AAA) para el control de permisos y los permisos de usuario no son apropiados, los usuarios AAA pueden obtener el permiso de acceso al terminal de tipo virtual (VTY), resultando en una escalada de privilegios."
}
],
"id": "CVE-2016-2404",
"lastModified": "2024-11-21T02:48:23.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 6.8,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.6,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-04-02T20:59:00.860",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20160217-01-switch-en"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20160217-01-switch-en"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-264"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
var-201705-2542
Vulnerability from variot
The mDNS module in Huawei WLAN AC6005, AC6605, and ACU2 devices with software before V200R006C00SPC100 allows remote attackers to obtain sensitive information by leveraging failure to restrict processing of mDNS unicast queries to the link local network. Huawei WLAN AC6005 is a wireless access controller product from China Huawei. An information disclosure vulnerability exists in the mDNS module module of several Huawei WLAN AC products. An attacker could exploit the vulnerability to disclose sensitive information. The following products and versions are affected: WLAN AC6005 V200R005C00, V200R005C10, and V200R006C00 WLAN AC6605 V200R005C00, V200R005C10, and V200R006C00 WLAN ACU2 V200R005C00, V200R005C10, and V200R006C00. mDNS is one of the multicast DNS transmission modules. The vulnerability stems from the fact that the program does not handle mDNS correctly
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201705-2542",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "wlan ac6605",
"scope": "lte",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r006c00"
},
{
"model": "wlan acu2",
"scope": "lte",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r005c10"
},
{
"model": "wlan acu2",
"scope": "lte",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r005c00"
},
{
"model": "wlan acu2",
"scope": "lte",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r006c00"
},
{
"model": "wlan ac6005",
"scope": "lte",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r005c10"
},
{
"model": "wlan ac6005",
"scope": "lte",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r005c00"
},
{
"model": "wlan ac6005",
"scope": "lte",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r006c00"
},
{
"model": "wlan ac6605",
"scope": "lte",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r005c10"
},
{
"model": "wlan ac6605",
"scope": "lte",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r005c00"
},
{
"model": "ac6005",
"scope": "lt",
"trust": 0.8,
"vendor": "huawei",
"version": "v200r006c00spc100"
},
{
"model": "ac6605",
"scope": "lt",
"trust": 0.8,
"vendor": "huawei",
"version": "v200r006c00spc100"
},
{
"model": "acu2",
"scope": "lt",
"trust": 0.8,
"vendor": "huawei",
"version": "v200r006c00spc100"
},
{
"model": "wlan ac6005",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "wlan ac6605",
"scope": "eq",
"trust": 0.6,
"vendor": "huawei",
"version": "v200r006c00"
},
{
"model": "wlan acu2",
"scope": "eq",
"trust": 0.6,
"vendor": "huawei",
"version": "v200r005c00"
},
{
"model": "wlan ac6005",
"scope": "eq",
"trust": 0.6,
"vendor": "huawei",
"version": "v200r006c00"
},
{
"model": "wlan ac6605",
"scope": "eq",
"trust": 0.6,
"vendor": "huawei",
"version": "v200r005c10"
},
{
"model": "wlan ac6005",
"scope": "eq",
"trust": 0.6,
"vendor": "huawei",
"version": "v200r005c10"
},
{
"model": "wlan acu2",
"scope": "eq",
"trust": 0.6,
"vendor": "huawei",
"version": "v200r006c00"
},
{
"model": "wlan ac6605",
"scope": "eq",
"trust": 0.6,
"vendor": "huawei",
"version": "v200r005c00"
},
{
"model": "wlan acu2",
"scope": "eq",
"trust": 0.6,
"vendor": "huawei",
"version": "v200r005c10"
},
{
"model": "wlan ac6005",
"scope": "eq",
"trust": 0.6,
"vendor": "huawei",
"version": "v200r005c00"
},
{
"model": "wlan acu2 v200r006c00",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "wlan acu2 v200r005c10",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "wlan acu2 v200r005c00",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "wlan ac6605 v200r006c00",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "wlan ac6605 v200r005c10",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "wlan ac6605 v200r005c00",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "wlan ac6005 v200r006c00",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "wlan ac6005 v200r005c10",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "wlan ac6005 v200r005c00",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "wlan acu2 v200r006c00spc100",
"scope": "ne",
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "wlan ac6605 v200r006c00spc100",
"scope": "ne",
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "wlan ac6005 v200r006c00spc100",
"scope": "ne",
"trust": 0.3,
"vendor": "huawei",
"version": null
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2015-06224"
},
{
"db": "BID",
"id": "76684"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-007570"
},
{
"db": "NVD",
"id": "CVE-2015-6586"
},
{
"db": "CNNVD",
"id": "CNNVD-201509-272"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:wlan_acu2_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "v200r005c00",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:huawei:wlan_acu2_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "v200r005c10",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:huawei:wlan_acu2_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "v200r006c00",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:wlan_acu2:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:wlan_ac6005_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "v200r006c00",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:huawei:wlan_ac6005_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "v200r005c00",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:huawei:wlan_ac6005_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "v200r005c10",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:wlan_ac6005:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:wlan_ac6605_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "v200r005c00",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:huawei:wlan_ac6605_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "v200r005c10",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:huawei:wlan_ac6605_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "v200r006c00",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:wlan_ac6605:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2015-6586"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Chad Seaman",
"sources": [
{
"db": "BID",
"id": "76684"
},
{
"db": "CNNVD",
"id": "CNNVD-201509-272"
}
],
"trust": 0.9
},
"cve": "CVE-2015-6586",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 5.0,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2015-6586",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CNVD-2015-06224",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-84547",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 7.5,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2015-6586",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2015-6586",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNVD",
"id": "CNVD-2015-06224",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201509-272",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-84547",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2015-06224"
},
{
"db": "VULHUB",
"id": "VHN-84547"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-007570"
},
{
"db": "NVD",
"id": "CVE-2015-6586"
},
{
"db": "CNNVD",
"id": "CNNVD-201509-272"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The mDNS module in Huawei WLAN AC6005, AC6605, and ACU2 devices with software before V200R006C00SPC100 allows remote attackers to obtain sensitive information by leveraging failure to restrict processing of mDNS unicast queries to the link local network. Huawei WLAN AC6005 is a wireless access controller product from China Huawei. An information disclosure vulnerability exists in the mDNS module module of several Huawei WLAN AC products. An attacker could exploit the vulnerability to disclose sensitive information. \nThe following products and versions are affected:\nWLAN AC6005 V200R005C00, V200R005C10, and V200R006C00\nWLAN AC6605 V200R005C00, V200R005C10, and V200R006C00\nWLAN ACU2 V200R005C00, V200R005C10, and V200R006C00. mDNS is one of the multicast DNS transmission modules. The vulnerability stems from the fact that the program does not handle mDNS correctly",
"sources": [
{
"db": "NVD",
"id": "CVE-2015-6586"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-007570"
},
{
"db": "CNVD",
"id": "CNVD-2015-06224"
},
{
"db": "BID",
"id": "76684"
},
{
"db": "VULHUB",
"id": "VHN-84547"
}
],
"trust": 2.52
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2015-6586",
"trust": 3.4
},
{
"db": "BID",
"id": "76684",
"trust": 2.6
},
{
"db": "JVNDB",
"id": "JVNDB-2015-007570",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2015-06224",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-201509-272",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-84547",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2015-06224"
},
{
"db": "VULHUB",
"id": "VHN-84547"
},
{
"db": "BID",
"id": "76684"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-007570"
},
{
"db": "NVD",
"id": "CVE-2015-6586"
},
{
"db": "CNNVD",
"id": "CNNVD-201509-272"
}
]
},
"id": "VAR-201705-2542",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2015-06224"
},
{
"db": "VULHUB",
"id": "VHN-84547"
}
],
"trust": 1.3809524
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2015-06224"
}
]
},
"last_update_date": "2023-12-18T14:01:37.345000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Huawei-SA-20150909-01-mDNS",
"trust": 0.8,
"url": "http://www.huawei.com/en/psirt/security-advisories/hw-453516"
},
{
"title": "Patches for various Huawei WLAN AC product information disclosure vulnerabilities",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/64456"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2015-06224"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-007570"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-200",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-84547"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-007570"
},
{
"db": "NVD",
"id": "CVE-2015-6586"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.3,
"url": "http://www.securityfocus.com/bid/76684"
},
{
"trust": 1.7,
"url": "http://www1.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-453516.htm"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-6586"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-6586"
},
{
"trust": 0.3,
"url": "http://www.huawei.com"
},
{
"trust": 0.3,
"url": "http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/archive/hw-453516.htm "
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2015-06224"
},
{
"db": "VULHUB",
"id": "VHN-84547"
},
{
"db": "BID",
"id": "76684"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-007570"
},
{
"db": "NVD",
"id": "CVE-2015-6586"
},
{
"db": "CNNVD",
"id": "CNNVD-201509-272"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2015-06224"
},
{
"db": "VULHUB",
"id": "VHN-84547"
},
{
"db": "BID",
"id": "76684"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-007570"
},
{
"db": "NVD",
"id": "CVE-2015-6586"
},
{
"db": "CNNVD",
"id": "CNNVD-201509-272"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-09-25T00:00:00",
"db": "CNVD",
"id": "CNVD-2015-06224"
},
{
"date": "2017-05-23T00:00:00",
"db": "VULHUB",
"id": "VHN-84547"
},
{
"date": "2015-09-09T00:00:00",
"db": "BID",
"id": "76684"
},
{
"date": "2017-06-26T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-007570"
},
{
"date": "2017-05-23T04:29:00.963000",
"db": "NVD",
"id": "CVE-2015-6586"
},
{
"date": "2015-09-18T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201509-272"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-09-25T00:00:00",
"db": "CNVD",
"id": "CNVD-2015-06224"
},
{
"date": "2017-06-07T00:00:00",
"db": "VULHUB",
"id": "VHN-84547"
},
{
"date": "2015-09-09T00:00:00",
"db": "BID",
"id": "76684"
},
{
"date": "2017-06-26T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-007570"
},
{
"date": "2017-06-07T17:27:54.443000",
"db": "NVD",
"id": "CVE-2015-6586"
},
{
"date": "2017-05-31T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201509-272"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201509-272"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural Huawei WLAN AC Device software mDNS Vulnerability in module where important information is obtained",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-007570"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "information disclosure",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201509-272"
}
],
"trust": 0.6
}
}
var-201609-0565
Vulnerability from variot
Huawei AC6003, AC6005, AC6605, and ACU2 access controllers with software before V200R006C10SPC200 allows remote authenticated users to cause a denial of service (device restart) via crafted CAPWAP packets. HuaweiAccessControllersAC6003 is a wireless access controller of China Huawei. A denial of service vulnerability exists in several Huawei products. Multiple Huawei Access Controllers are prone to a denial-of-service vulnerability. An attacker can exploit this issue to restart the device, resulting in denial-of-service condition. The following products using software versions earlier than V200R006C10SPC200 are affected: Huawei AC6003, AC6005, AC6605, and ACU2
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201609-0565",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "ac6605",
"scope": "eq",
"trust": 1.6,
"vendor": "huawei",
"version": "v200r006c00"
},
{
"model": "acu2",
"scope": "lte",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r006c00"
},
{
"model": "ac6005",
"scope": "lte",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r006c00"
},
{
"model": "ac6005",
"scope": "lte",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r005c10"
},
{
"model": "ac6003",
"scope": "lte",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r006c00"
},
{
"model": "ac6003",
"scope": "lte",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r005c10"
},
{
"model": "ac6605",
"scope": "lte",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r005c10"
},
{
"model": "acu2",
"scope": "lte",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r005c10"
},
{
"model": "acu2 v200r006c00",
"scope": null,
"trust": 0.9,
"vendor": "huawei",
"version": null
},
{
"model": "acu2 v200r005c10",
"scope": null,
"trust": 0.9,
"vendor": "huawei",
"version": null
},
{
"model": "ac6605 v200r006c00",
"scope": null,
"trust": 0.9,
"vendor": "huawei",
"version": null
},
{
"model": "ac6605 v200r005c10",
"scope": null,
"trust": 0.9,
"vendor": "huawei",
"version": null
},
{
"model": "ac6005 v200r006c00",
"scope": null,
"trust": 0.9,
"vendor": "huawei",
"version": null
},
{
"model": "ac6005 v200r005c10",
"scope": null,
"trust": 0.9,
"vendor": "huawei",
"version": null
},
{
"model": "ac6003 v200r006c00",
"scope": null,
"trust": 0.9,
"vendor": "huawei",
"version": null
},
{
"model": "ac6003",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "ac6003",
"scope": "lt",
"trust": 0.8,
"vendor": "huawei",
"version": "v200r006c10spc200"
},
{
"model": "ac6005",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "ac6005",
"scope": "lt",
"trust": 0.8,
"vendor": "huawei",
"version": "v200r006c10spc200"
},
{
"model": "ac6605",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "ac6605",
"scope": "lt",
"trust": 0.8,
"vendor": "huawei",
"version": "v200r006c10spc200"
},
{
"model": "acu2",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "acu2",
"scope": "lt",
"trust": 0.8,
"vendor": "huawei",
"version": "v200r006c10spc200"
},
{
"model": "ac6003",
"scope": "eq",
"trust": 0.6,
"vendor": "huawei",
"version": "v200r006c00"
},
{
"model": "ac6003",
"scope": "eq",
"trust": 0.6,
"vendor": "huawei",
"version": "v200r005c10"
},
{
"model": "ac6005",
"scope": "eq",
"trust": 0.6,
"vendor": "huawei",
"version": "v200r006c00"
},
{
"model": "ac6605",
"scope": "eq",
"trust": 0.6,
"vendor": "huawei",
"version": "v200r005c10"
},
{
"model": "acu2",
"scope": "eq",
"trust": 0.6,
"vendor": "huawei",
"version": "v200r006c00"
},
{
"model": "ac6005",
"scope": "eq",
"trust": 0.6,
"vendor": "huawei",
"version": "v200r005c10"
},
{
"model": "acu2",
"scope": "eq",
"trust": 0.6,
"vendor": "huawei",
"version": "v200r005c10"
},
{
"model": "acu2 v200r006c10spc200",
"scope": "ne",
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "ac6605 v200r006c10spc200",
"scope": "ne",
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "ac6005 v200r006c10spc200",
"scope": "ne",
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "ac6003 v200r006c10spc200",
"scope": "ne",
"trust": 0.3,
"vendor": "huawei",
"version": null
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-06549"
},
{
"db": "BID",
"id": "92506"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-004836"
},
{
"db": "NVD",
"id": "CVE-2016-6824"
},
{
"db": "CNNVD",
"id": "CNNVD-201608-355"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:ac6005_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "v200r005c10",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:huawei:ac6003_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "v200r005c10",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:huawei:ac6605_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "v200r005c10",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:huawei:acu2_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "v200r005c10",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:huawei:ac6605_firmware:v200r006c00:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:huawei:ac6003_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "v200r006c00",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:huawei:ac6005_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "v200r006c00",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:huawei:acu2_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "v200r006c00",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:ac6005:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:huawei:ac6605:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:huawei:ac6003:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:huawei:acu2:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2016-6824"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The vendor reported this issue",
"sources": [
{
"db": "BID",
"id": "92506"
}
],
"trust": 0.3
},
"cve": "CVE-2016-6824",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 6.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.0,
"impactScore": 6.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "Single",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 6.8,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2016-6824",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 6.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.0,
"id": "CNVD-2016-06549",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 6.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.0,
"id": "VHN-95644",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:S/C:N/I:N/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 6.5,
"baseSeverity": "Medium",
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2016-6824",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "Low",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2016-6824",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNVD",
"id": "CNVD-2016-06549",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201608-355",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-95644",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-06549"
},
{
"db": "VULHUB",
"id": "VHN-95644"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-004836"
},
{
"db": "NVD",
"id": "CVE-2016-6824"
},
{
"db": "CNNVD",
"id": "CNNVD-201608-355"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Huawei AC6003, AC6005, AC6605, and ACU2 access controllers with software before V200R006C10SPC200 allows remote authenticated users to cause a denial of service (device restart) via crafted CAPWAP packets. HuaweiAccessControllersAC6003 is a wireless access controller of China Huawei. A denial of service vulnerability exists in several Huawei products. Multiple Huawei Access Controllers are prone to a denial-of-service vulnerability. \nAn attacker can exploit this issue to restart the device, resulting in denial-of-service condition. The following products using software versions earlier than V200R006C10SPC200 are affected: Huawei AC6003, AC6005, AC6605, and ACU2",
"sources": [
{
"db": "NVD",
"id": "CVE-2016-6824"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-004836"
},
{
"db": "CNVD",
"id": "CNVD-2016-06549"
},
{
"db": "BID",
"id": "92506"
},
{
"db": "VULHUB",
"id": "VHN-95644"
}
],
"trust": 2.52
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2016-6824",
"trust": 3.4
},
{
"db": "BID",
"id": "92506",
"trust": 2.6
},
{
"db": "JVNDB",
"id": "JVNDB-2016-004836",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201608-355",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2016-06549",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-95644",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-06549"
},
{
"db": "VULHUB",
"id": "VHN-95644"
},
{
"db": "BID",
"id": "92506"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-004836"
},
{
"db": "NVD",
"id": "CVE-2016-6824"
},
{
"db": "CNNVD",
"id": "CNNVD-201608-355"
}
]
},
"id": "VAR-201609-0565",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-06549"
},
{
"db": "VULHUB",
"id": "VHN-95644"
}
],
"trust": 1.4222222333333332
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-06549"
}
]
},
"last_update_date": "2023-12-18T13:57:29.268000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "huawei-sa-20160817-01-ac",
"trust": 0.8,
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20160817-01-ac-en"
},
{
"title": "Patch for multiple Huawei Product Denial of Service Vulnerabilities (CNVD-2016-06549)",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/80651"
},
{
"title": "Multiple Huawei Product denial of service vulnerability fixes",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=63717"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-06549"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-004836"
},
{
"db": "CNNVD",
"id": "CNNVD-201608-355"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-20",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-95644"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-004836"
},
{
"db": "NVD",
"id": "CVE-2016-6824"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.3,
"url": "http://www.securityfocus.com/bid/92506"
},
{
"trust": 1.7,
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20160817-01-ac-en"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-6824"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-6824"
},
{
"trust": 0.3,
"url": "http://www.huawei.com"
},
{
"trust": 0.3,
"url": "http://www.huawei.com/en/psirt/security-advisories/2016/huawei-sa-20160817-01-ac-en"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-06549"
},
{
"db": "VULHUB",
"id": "VHN-95644"
},
{
"db": "BID",
"id": "92506"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-004836"
},
{
"db": "NVD",
"id": "CVE-2016-6824"
},
{
"db": "CNNVD",
"id": "CNNVD-201608-355"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2016-06549"
},
{
"db": "VULHUB",
"id": "VHN-95644"
},
{
"db": "BID",
"id": "92506"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-004836"
},
{
"db": "NVD",
"id": "CVE-2016-6824"
},
{
"db": "CNNVD",
"id": "CNNVD-201608-355"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-08-23T00:00:00",
"db": "CNVD",
"id": "CNVD-2016-06549"
},
{
"date": "2016-09-22T00:00:00",
"db": "VULHUB",
"id": "VHN-95644"
},
{
"date": "2016-08-17T00:00:00",
"db": "BID",
"id": "92506"
},
{
"date": "2016-09-26T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-004836"
},
{
"date": "2016-09-22T15:59:07.443000",
"db": "NVD",
"id": "CVE-2016-6824"
},
{
"date": "2016-08-19T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201608-355"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-08-23T00:00:00",
"db": "CNVD",
"id": "CNVD-2016-06549"
},
{
"date": "2016-09-22T00:00:00",
"db": "VULHUB",
"id": "VHN-95644"
},
{
"date": "2016-08-17T00:00:00",
"db": "BID",
"id": "92506"
},
{
"date": "2016-09-26T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-004836"
},
{
"date": "2016-09-22T17:26:39.827000",
"db": "NVD",
"id": "CVE-2016-6824"
},
{
"date": "2016-09-23T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201608-355"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201608-355"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural Huawei Service operation interruption in software of access controller products (DoS) Vulnerabilities",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-004836"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "input validation",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201608-355"
}
],
"trust": 0.6
}
}
var-201704-0113
Vulnerability from variot
Huawei switches S5700, S6700, S7700, S9700 with software V200R001C00SPC300, V200R002C00SPC100, V200R003C00SPC300, V200R005C00SPC500, V200R006C00; S12700 with software V200R005C00SPC500, V200R006C00; ACU2 with software V200R005C00SPC500, V200R006C00 have a permission control vulnerability. If a switch enables Authentication, Authorization, and Accounting (AAA) for permission control and user permissions are not appropriate, AAA users may obtain the virtual type terminal (VTY) access permission, resulting in privilege escalation. plural Huawei The switch software contains vulnerabilities related to authorization, permissions, and access control.Information is obtained, information is altered, and service operation is disrupted (DoS) An attack may be carried out. The Huawei S5700 and others are all enterprise-level switches of China's Huawei (Huawei). Attackers can exploit this vulnerability to gain access to VTY (virtual type terminal). The following products and versions are affected: Huawei S5700 V200R001C00SPC300 Version, V200R002C00SPC100 Version, V200R003C00SPC300 Version, V200R005C00SPC500 Version, V200R006C00 Version; S6700 V200R001C00SPC300 Version, V200R002C00SPC100 Version, V200R003C00SPC300 Version, V200R005C00SPC500 Version, V200R006C00 Version; S7700 V200R001C00SPC300 Version, V200R002C00SPC100 Version, V200R003C00SPC300 Version, V200R005C00SPC500 Version, V200R006C00 Version; S9700 V200R001C00SPC300 Version, V200R002C00SPC100 Version, V200R003C00SPC300 Version, V200R005C00SPC500 Version, V200R006C00 Version; S12700 V200R005C00SPC500 Version, V200R006C00 Version; ACU2 V200R005C00SPC500 Version, V200R006C00 Version
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201704-0113",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "acu2",
"scope": "eq",
"trust": 1.6,
"vendor": "huawei",
"version": "v200r005c00spc500"
},
{
"model": "s9700",
"scope": "eq",
"trust": 1.6,
"vendor": "huawei",
"version": "v200r003c00spc300"
},
{
"model": "s9700",
"scope": "eq",
"trust": 1.6,
"vendor": "huawei",
"version": "v200r006c00"
},
{
"model": "s9700",
"scope": "eq",
"trust": 1.6,
"vendor": "huawei",
"version": "v200r005c00spc500"
},
{
"model": "s12700",
"scope": "eq",
"trust": 1.6,
"vendor": "huawei",
"version": "v200r006c00"
},
{
"model": "s7700",
"scope": "eq",
"trust": 1.6,
"vendor": "huawei",
"version": "v200r005c00spc500"
},
{
"model": "s5700",
"scope": "eq",
"trust": 1.6,
"vendor": "huawei",
"version": "v200r001c00spc300"
},
{
"model": "s12700",
"scope": "eq",
"trust": 1.6,
"vendor": "huawei",
"version": "v200r005c00spc500"
},
{
"model": "s5700",
"scope": "eq",
"trust": 1.6,
"vendor": "huawei",
"version": "v200r002c00spc100"
},
{
"model": "acu2",
"scope": "eq",
"trust": 1.6,
"vendor": "huawei",
"version": "v200r006c00"
},
{
"model": "s6700",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r003c00spc300"
},
{
"model": "s6700",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r006c00"
},
{
"model": "s7700",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r001c00spc300"
},
{
"model": "s9700",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r001c00spc300"
},
{
"model": "s6700",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r005c00spc500"
},
{
"model": "s6700",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r002c00spc100"
},
{
"model": "s7700",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r006c00"
},
{
"model": "s7700",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r003c00spc300"
},
{
"model": "s9700",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r002c00spc100"
},
{
"model": "s7700",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r002c00spc100"
},
{
"model": "s5700",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r003c00spc300"
},
{
"model": "s5700",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r006c00"
},
{
"model": "s5700",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r005c00spc500"
},
{
"model": "s6700",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r001c00spc300"
},
{
"model": "acu2",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "s12700",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "s5700",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "s6700",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "s7700",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "s9700",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-008262"
},
{
"db": "NVD",
"id": "CVE-2016-2404"
},
{
"db": "CNNVD",
"id": "CNNVD-201704-193"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:s5700_firmware:v200r001c00spc300:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:huawei:s5700_firmware:v200r002c00spc100:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:huawei:s5700_firmware:v200r003c00spc300:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:huawei:s5700_firmware:v200r005c00spc500:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:huawei:s5700_firmware:v200r006c00:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:s5700:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:s6700_firmware:v200r001c00spc300:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:huawei:s6700_firmware:v200r002c00spc100:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:huawei:s6700_firmware:v200r005c00spc500:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:huawei:s6700_firmware:v200r003c00spc300:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:huawei:s6700_firmware:v200r006c00:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:s6700:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:s7700_firmware:v200r001c00spc300:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:huawei:s7700_firmware:v200r002c00spc100:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:huawei:s7700_firmware:v200r005c00spc500:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:huawei:s7700_firmware:v200r003c00spc300:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:huawei:s7700_firmware:v200r006c00:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:s7700:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:s9700_firmware:v200r006c00:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:huawei:s9700_firmware:v200r002c00spc100:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:huawei:s9700_firmware:v200r005c00spc500:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:huawei:s9700_firmware:v200r001c00spc300:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:huawei:s9700_firmware:v200r003c00spc300:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:s9700:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:s12700_firmware:v200r006c00:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:huawei:s12700_firmware:v200r005c00spc500:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:s12700:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:acu2_firmware:v200r005c00spc500:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:huawei:acu2_firmware:v200r006c00:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:acu2:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2016-2404"
}
]
},
"cve": "CVE-2016-2404",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 6.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 6.8,
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:M/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "Single",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 6.0,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2016-2404",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 6.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 6.8,
"id": "VHN-91223",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:S/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 1.6,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "High",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 7.5,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2016-2404",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "Low",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2016-2404",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201704-193",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-91223",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-91223"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-008262"
},
{
"db": "NVD",
"id": "CVE-2016-2404"
},
{
"db": "CNNVD",
"id": "CNNVD-201704-193"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Huawei switches S5700, S6700, S7700, S9700 with software V200R001C00SPC300, V200R002C00SPC100, V200R003C00SPC300, V200R005C00SPC500, V200R006C00; S12700 with software V200R005C00SPC500, V200R006C00; ACU2 with software V200R005C00SPC500, V200R006C00 have a permission control vulnerability. If a switch enables Authentication, Authorization, and Accounting (AAA) for permission control and user permissions are not appropriate, AAA users may obtain the virtual type terminal (VTY) access permission, resulting in privilege escalation. plural Huawei The switch software contains vulnerabilities related to authorization, permissions, and access control.Information is obtained, information is altered, and service operation is disrupted (DoS) An attack may be carried out. The Huawei S5700 and others are all enterprise-level switches of China\u0027s Huawei (Huawei). Attackers can exploit this vulnerability to gain access to VTY (virtual type terminal). The following products and versions are affected: Huawei S5700 V200R001C00SPC300 Version, V200R002C00SPC100 Version, V200R003C00SPC300 Version, V200R005C00SPC500 Version, V200R006C00 Version; S6700 V200R001C00SPC300 Version, V200R002C00SPC100 Version, V200R003C00SPC300 Version, V200R005C00SPC500 Version, V200R006C00 Version; S7700 V200R001C00SPC300 Version, V200R002C00SPC100 Version, V200R003C00SPC300 Version, V200R005C00SPC500 Version, V200R006C00 Version; S9700 V200R001C00SPC300 Version, V200R002C00SPC100 Version, V200R003C00SPC300 Version, V200R005C00SPC500 Version, V200R006C00 Version; S12700 V200R005C00SPC500 Version, V200R006C00 Version; ACU2 V200R005C00SPC500 Version, V200R006C00 Version",
"sources": [
{
"db": "NVD",
"id": "CVE-2016-2404"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-008262"
},
{
"db": "VULHUB",
"id": "VHN-91223"
}
],
"trust": 1.71
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2016-2404",
"trust": 2.5
},
{
"db": "JVNDB",
"id": "JVNDB-2016-008262",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201704-193",
"trust": 0.7
},
{
"db": "VULHUB",
"id": "VHN-91223",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-91223"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-008262"
},
{
"db": "NVD",
"id": "CVE-2016-2404"
},
{
"db": "CNNVD",
"id": "CNNVD-201704-193"
}
]
},
"id": "VAR-201704-0113",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-91223"
}
],
"trust": 0.6649307799999999
},
"last_update_date": "2023-12-18T13:03:08.931000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "huawei-sa-20160217-01-switch",
"trust": 0.8,
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20160217-01-switch-en"
},
{
"title": "Various Huawei patch permissions and access control vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=69041"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-008262"
},
{
"db": "CNNVD",
"id": "CNNVD-201704-193"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-264",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-91223"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-008262"
},
{
"db": "NVD",
"id": "CVE-2016-2404"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20160217-01-switch-en"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-2404"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-2404"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-91223"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-008262"
},
{
"db": "NVD",
"id": "CVE-2016-2404"
},
{
"db": "CNNVD",
"id": "CNNVD-201704-193"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-91223"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-008262"
},
{
"db": "NVD",
"id": "CVE-2016-2404"
},
{
"db": "CNNVD",
"id": "CNNVD-201704-193"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-04-02T00:00:00",
"db": "VULHUB",
"id": "VHN-91223"
},
{
"date": "2017-05-09T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-008262"
},
{
"date": "2017-04-02T20:59:00.860000",
"db": "NVD",
"id": "CVE-2016-2404"
},
{
"date": "2017-04-07T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201704-193"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-04-11T00:00:00",
"db": "VULHUB",
"id": "VHN-91223"
},
{
"date": "2017-05-09T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-008262"
},
{
"date": "2017-04-11T01:11:21.077000",
"db": "NVD",
"id": "CVE-2016-2404"
},
{
"date": "2017-04-07T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201704-193"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201704-193"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural Huawei Vulnerability related to authorization, authority, and access control in switch software",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-008262"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "permissions and access control",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201704-193"
}
],
"trust": 0.6
}
}
cve-2016-2404
Vulnerability from cvelistv5
Published
2017-04-02 20:00
Modified
2024-08-05 23:24
Severity ?
EPSS score ?
Summary
Huawei switches S5700, S6700, S7700, S9700 with software V200R001C00SPC300, V200R002C00SPC100, V200R003C00SPC300, V200R005C00SPC500, V200R006C00; S12700 with software V200R005C00SPC500, V200R006C00; ACU2 with software V200R005C00SPC500, V200R006C00 have a permission control vulnerability. If a switch enables Authentication, Authorization, and Accounting (AAA) for permission control and user permissions are not appropriate, AAA users may obtain the virtual type terminal (VTY) access permission, resulting in privilege escalation.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20160217-01-switch-en | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | n/a | S5700, S6700, S7700, S9700,S12700,ACU2,, S5700, S6700, S7700, S9700 V200R001C00SPC300, V200R002C00SPC100, V200R003C00SPC300, V200R005C00SPC500, V200R006C00,,S12700 V200R005C00SPC500, V200R006C00,,ACU2 V200R005C00SPC500, V200R006C00, |
Version: S5700, S6700, S7700, S9700,S12700,ACU2,, S5700, S6700, S7700, S9700 V200R001C00SPC300, V200R002C00SPC100, V200R003C00SPC300, V200R005C00SPC500, V200R006C00,,S12700 V200R005C00SPC500, V200R006C00,,ACU2 V200R005C00SPC500, V200R006C00, |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T23:24:49.290Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20160217-01-switch-en"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "S5700, S6700, S7700, S9700,S12700,ACU2,, S5700, S6700, S7700, S9700 V200R001C00SPC300, V200R002C00SPC100, V200R003C00SPC300, V200R005C00SPC500, V200R006C00,,S12700 V200R005C00SPC500, V200R006C00,,ACU2 V200R005C00SPC500, V200R006C00,",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "S5700, S6700, S7700, S9700,S12700,ACU2,, S5700, S6700, S7700, S9700 V200R001C00SPC300, V200R002C00SPC100, V200R003C00SPC300, V200R005C00SPC500, V200R006C00,,S12700 V200R005C00SPC500, V200R006C00,,ACU2 V200R005C00SPC500, V200R006C00,"
}
]
}
],
"datePublic": "2017-03-27T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Huawei switches S5700, S6700, S7700, S9700 with software V200R001C00SPC300, V200R002C00SPC100, V200R003C00SPC300, V200R005C00SPC500, V200R006C00; S12700 with software V200R005C00SPC500, V200R006C00; ACU2 with software V200R005C00SPC500, V200R006C00 have a permission control vulnerability. If a switch enables Authentication, Authorization, and Accounting (AAA) for permission control and user permissions are not appropriate, AAA users may obtain the virtual type terminal (VTY) access permission, resulting in privilege escalation."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Permission Control",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-04-02T19:57:01",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20160217-01-switch-en"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2016-2404",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "S5700, S6700, S7700, S9700,S12700,ACU2,, S5700, S6700, S7700, S9700 V200R001C00SPC300, V200R002C00SPC100, V200R003C00SPC300, V200R005C00SPC500, V200R006C00,,S12700 V200R005C00SPC500, V200R006C00,,ACU2 V200R005C00SPC500, V200R006C00,",
"version": {
"version_data": [
{
"version_value": "S5700, S6700, S7700, S9700,S12700,ACU2,, S5700, S6700, S7700, S9700 V200R001C00SPC300, V200R002C00SPC100, V200R003C00SPC300, V200R005C00SPC500, V200R006C00,,S12700 V200R005C00SPC500, V200R006C00,,ACU2 V200R005C00SPC500, V200R006C00,"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Huawei switches S5700, S6700, S7700, S9700 with software V200R001C00SPC300, V200R002C00SPC100, V200R003C00SPC300, V200R005C00SPC500, V200R006C00; S12700 with software V200R005C00SPC500, V200R006C00; ACU2 with software V200R005C00SPC500, V200R006C00 have a permission control vulnerability. If a switch enables Authentication, Authorization, and Accounting (AAA) for permission control and user permissions are not appropriate, AAA users may obtain the virtual type terminal (VTY) access permission, resulting in privilege escalation."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Permission Control"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20160217-01-switch-en",
"refsource": "CONFIRM",
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20160217-01-switch-en"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2016-2404",
"datePublished": "2017-04-02T20:00:00",
"dateReserved": "2016-02-18T00:00:00",
"dateUpdated": "2024-08-05T23:24:49.290Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2016-6824
Vulnerability from cvelistv5
Published
2016-09-22 15:00
Modified
2024-08-06 01:43
Severity ?
EPSS score ?
Summary
Huawei AC6003, AC6005, AC6605, and ACU2 access controllers with software before V200R006C10SPC200 allows remote authenticated users to cause a denial of service (device restart) via crafted CAPWAP packets.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20160817-01-ac-en | x_refsource_CONFIRM | |
| http://www.securityfocus.com/bid/92506 | vdb-entry, x_refsource_BID |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T01:43:37.991Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20160817-01-ac-en"
},
{
"name": "92506",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/92506"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-08-17T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Huawei AC6003, AC6005, AC6605, and ACU2 access controllers with software before V200R006C10SPC200 allows remote authenticated users to cause a denial of service (device restart) via crafted CAPWAP packets."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-09-22T14:57:02",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20160817-01-ac-en"
},
{
"name": "92506",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/92506"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-6824",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Huawei AC6003, AC6005, AC6605, and ACU2 access controllers with software before V200R006C10SPC200 allows remote authenticated users to cause a denial of service (device restart) via crafted CAPWAP packets."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20160817-01-ac-en",
"refsource": "CONFIRM",
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20160817-01-ac-en"
},
{
"name": "92506",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/92506"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2016-6824",
"datePublished": "2016-09-22T15:00:00",
"dateReserved": "2016-08-16T00:00:00",
"dateUpdated": "2024-08-06T01:43:37.991Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}