cvelistv5 - cve-2016-1000214

CVE-2016-1000214 (GCVE-0-2016-1000214)

Vulnerability from cvelistv5 – Published: 2016-10-25 14:00 – Updated: 2024-08-06 03:55

Summary

Ruckus Wireless H500 web management interface authentication bypass

Severity ?

No CVSS data available.

CWE

Assigner

mitre

References

URL

Tags

	http://b910a83a1a1fa9c20d93-2435f2f08e773abe005b5…	x_refsource_CONFIRM
	https://www.tripwire.com/state-of-security/vulner…	x_refsource_MISC

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T03:55:27.498Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://b910a83a1a1fa9c20d93-2435f2f08e773abe005b52170fce6d94.r84.cf2.rackcdn.com/security/faq-security-advisory-id-062117.txt"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.tripwire.com/state-of-security/vulnerability-management/ruckus-vulnerability/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2016-08-02T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Ruckus Wireless H500 web management interface authentication bypass"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-07-06T15:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://b910a83a1a1fa9c20d93-2435f2f08e773abe005b52170fce6d94.r84.cf2.rackcdn.com/security/faq-security-advisory-id-062117.txt"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.tripwire.com/state-of-security/vulnerability-management/ruckus-vulnerability/"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2016-1000214",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Ruckus Wireless H500 web management interface authentication bypass"
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://b910a83a1a1fa9c20d93-2435f2f08e773abe005b52170fce6d94.r84.cf2.rackcdn.com/security/faq-security-advisory-id-062117.txt",
              "refsource": "CONFIRM",
              "url": "http://b910a83a1a1fa9c20d93-2435f2f08e773abe005b52170fce6d94.r84.cf2.rackcdn.com/security/faq-security-advisory-id-062117.txt"
            },
            {
              "name": "https://www.tripwire.com/state-of-security/vulnerability-management/ruckus-vulnerability/",
              "refsource": "MISC",
              "url": "https://www.tripwire.com/state-of-security/vulnerability-management/ruckus-vulnerability/"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2016-1000214",
    "datePublished": "2016-10-25T14:00:00",
    "dateReserved": "2016-09-09T00:00:00",
    "dateUpdated": "2024-08-06T03:55:27.498Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:ruckus:wireless_h500:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"0C92E2C9-FE89-4620-A32B-E3BF969C10B2\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"Ruckus Wireless H500 web management interface authentication bypass\"}, {\"lang\": \"es\", \"value\": \"Elusi\\u00f3n de autenticaci\\u00f3n en la interfaz de gesti\\u00f3n web en Ruckus Wireless H500\"}]",
      "id": "CVE-2016-1000214",
      "lastModified": "2024-11-21T02:43:00.043",
      "metrics": "{\"cvssMetricV30\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.0\", \"vectorString\": \"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N\", \"baseScore\": 5.3, \"baseSeverity\": \"MEDIUM\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"LOW\", \"availabilityImpact\": \"NONE\"}, \"exploitabilityScore\": 3.9, \"impactScore\": 1.4}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:L/Au:N/C:P/I:N/A:N\", \"baseScore\": 5.0, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"PARTIAL\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"NONE\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 10.0, \"impactScore\": 2.9, \"acInsufInfo\": true, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
      "published": "2016-10-25T14:29:06.260",
      "references": "[{\"url\": \"http://b910a83a1a1fa9c20d93-2435f2f08e773abe005b52170fce6d94.r84.cf2.rackcdn.com/security/faq-security-advisory-id-062117.txt\", \"source\": \"cve@mitre.org\"}, {\"url\": \"https://www.tripwire.com/state-of-security/vulnerability-management/ruckus-vulnerability/\", \"source\": \"cve@mitre.org\", \"tags\": [\"Technical Description\", \"Third Party Advisory\"]}, {\"url\": \"http://b910a83a1a1fa9c20d93-2435f2f08e773abe005b52170fce6d94.r84.cf2.rackcdn.com/security/faq-security-advisory-id-062117.txt\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://www.tripwire.com/state-of-security/vulnerability-management/ruckus-vulnerability/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Technical Description\", \"Third Party Advisory\"]}]",
      "sourceIdentifier": "cve@mitre.org",
      "vendorComments": "[{\"organization\": \"Ruckus Wireless\", \"comment\": \"Update on vulnerabilities in Web GUI Interface on Ruckus Unmanaged-APs - CVE-2016-1000213, CVE-2016-1000214, CVE-2016-1000215, CVE-2016-1000216. \u003cbr /\u003e https://www.ruckuswireless.com/security \u003cbr /\u003e http://b910a83a1a1fa9c20d93-2435f2f08e773abe005b52170fce6d94.r84.cf2.rackcdn.com/security/faq-security-advisory-id-062117.txt\", \"lastModified\": \"2017-06-28T09:58:21.037\"}]",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-200\"}, {\"lang\": \"en\", \"value\": \"CWE-287\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2016-1000214\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2016-10-25T14:29:06.260\",\"lastModified\":\"2025-04-12T10:46:40.837\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Ruckus Wireless H500 web management interface authentication bypass\"},{\"lang\":\"es\",\"value\":\"Elusi\u00f3n de autenticaci\u00f3n en la interfaz de gesti\u00f3n web en Ruckus Wireless H500\"}],\"metrics\":{\"cvssMetricV30\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N\",\"baseScore\":5.3,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"LOW\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":3.9,\"impactScore\":1.4}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:P/I:N/A:N\",\"baseScore\":5.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":10.0,\"impactScore\":2.9,\"acInsufInfo\":true,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-200\"},{\"lang\":\"en\",\"value\":\"CWE-287\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:ruckus:wireless_h500:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0C92E2C9-FE89-4620-A32B-E3BF969C10B2\"}]}]}],\"references\":[{\"url\":\"http://b910a83a1a1fa9c20d93-2435f2f08e773abe005b52170fce6d94.r84.cf2.rackcdn.com/security/faq-security-advisory-id-062117.txt\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://www.tripwire.com/state-of-security/vulnerability-management/ruckus-vulnerability/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Technical Description\",\"Third Party Advisory\"]},{\"url\":\"http://b910a83a1a1fa9c20d93-2435f2f08e773abe005b52170fce6d94.r84.cf2.rackcdn.com/security/faq-security-advisory-id-062117.txt\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://www.tripwire.com/state-of-security/vulnerability-management/ruckus-vulnerability/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Technical Description\",\"Third Party Advisory\"]}],\"vendorComments\":[{\"organization\":\"Ruckus Wireless\",\"comment\":\"Update on vulnerabilities in Web GUI Interface on Ruckus Unmanaged-APs - CVE-2016-1000213, CVE-2016-1000214, CVE-2016-1000215, CVE-2016-1000216. \u003cbr /\u003e https://www.ruckuswireless.com/security \u003cbr /\u003e http://b910a83a1a1fa9c20d93-2435f2f08e773abe005b52170fce6d94.r84.cf2.rackcdn.com/security/faq-security-advisory-id-062117.txt\",\"lastModified\":\"2017-06-28T09:58:21.037\"}]}}"
  }
}

GSD-2016-1000214

Vulnerability from gsd - Updated: 2023-12-13 01:21

Details

Ruckus Wireless H500 web management interface authentication bypass

Aliases

CVE-2016-1000214

Aliases

CVE-2016-1000214

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2016-1000214",
    "description": "Ruckus Wireless H500 web management interface authentication bypass",
    "id": "GSD-2016-1000214"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2016-1000214"
      ],
      "details": "Ruckus Wireless H500 web management interface authentication bypass",
      "id": "GSD-2016-1000214",
      "modified": "2023-12-13T01:21:18.090703Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "cve@mitre.org",
        "ID": "CVE-2016-1000214",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Ruckus Wireless H500 web management interface authentication bypass"
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "http://b910a83a1a1fa9c20d93-2435f2f08e773abe005b52170fce6d94.r84.cf2.rackcdn.com/security/faq-security-advisory-id-062117.txt",
            "refsource": "CONFIRM",
            "url": "http://b910a83a1a1fa9c20d93-2435f2f08e773abe005b52170fce6d94.r84.cf2.rackcdn.com/security/faq-security-advisory-id-062117.txt"
          },
          {
            "name": "https://www.tripwire.com/state-of-security/vulnerability-management/ruckus-vulnerability/",
            "refsource": "MISC",
            "url": "https://www.tripwire.com/state-of-security/vulnerability-management/ruckus-vulnerability/"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:h:ruckus:wireless_h500:-:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2016-1000214"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Ruckus Wireless H500 web management interface authentication bypass"
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-287"
                },
                {
                  "lang": "en",
                  "value": "CWE-200"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://www.tripwire.com/state-of-security/vulnerability-management/ruckus-vulnerability/",
              "refsource": "MISC",
              "tags": [
                "Technical Description",
                "Third Party Advisory"
              ],
              "url": "https://www.tripwire.com/state-of-security/vulnerability-management/ruckus-vulnerability/"
            },
            {
              "name": "http://b910a83a1a1fa9c20d93-2435f2f08e773abe005b52170fce6d94.r84.cf2.rackcdn.com/security/faq-security-advisory-id-062117.txt",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "http://b910a83a1a1fa9c20d93-2435f2f08e773abe005b52170fce6d94.r84.cf2.rackcdn.com/security/faq-security-advisory-id-062117.txt"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "acInsufInfo": true,
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "NONE",
            "baseScore": 5.0,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "NONE",
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
            "version": "2.0"
          },
          "exploitabilityScore": 10.0,
          "impactScore": 2.9,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "MEDIUM",
          "userInteractionRequired": false
        },
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
            "version": "3.0"
          },
          "exploitabilityScore": 3.9,
          "impactScore": 1.4
        }
      },
      "lastModifiedDate": "2017-07-07T01:29Z",
      "publishedDate": "2016-10-25T14:29Z"
    }
  }
}

CNVD-2016-10446

Vulnerability from cnvd - Published: 2016-11-01

Title

Ruckus Wireless H500身份验证绕过漏洞

Description

Ruckus Wireless H500是美国Ruckus Wireless公司的一款室内墙面交换机接入点。web management interface是其中的一个基于Web的管理接口。 Ruckus Wireless H500 Web管理界面存在身份验证绕过漏洞。攻击者可通过发送带有特制字符串的请求利用该漏洞绕过安全限制。

Severity

中

Formal description

目前厂商暂未发布修复措施解决此安全问题，建议使用此软件的用户随时关注厂商主页或参考网址以获取解决办法： http://www.ruckuswireless.com/

Reference

https://www.tripwire.com/state-of-security/vulnerability-management/ruckus-vulnerability/

Impacted products

Name
Ruckus Wireless, Inc. H500

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2016-1000214"
    }
  },
  "description": "Ruckus Wireless H500\u662f\u7f8e\u56fdRuckus Wireless\u516c\u53f8\u7684\u4e00\u6b3e\u5ba4\u5185\u5899\u9762\u4ea4\u6362\u673a\u63a5\u5165\u70b9\u3002web management interface\u662f\u5176\u4e2d\u7684\u4e00\u4e2a\u57fa\u4e8eWeb\u7684\u7ba1\u7406\u63a5\u53e3\u3002\r\n\r\nRuckus Wireless H500 Web\u7ba1\u7406\u754c\u9762\u5b58\u5728\u8eab\u4efd\u9a8c\u8bc1\u7ed5\u8fc7\u6f0f\u6d1e\u3002\u653b\u51fb\u8005\u53ef\u901a\u8fc7\u53d1\u9001\u5e26\u6709\u7279\u5236\u5b57\u7b26\u4e32\u7684\u8bf7\u6c42\u5229\u7528\u8be5\u6f0f\u6d1e\u7ed5\u8fc7\u5b89\u5168\u9650\u5236\u3002",
  "discovererName": "unknown",
  "formalWay": "\u76ee\u524d\u5382\u5546\u6682\u672a\u53d1\u5e03\u4fee\u590d\u63aa\u65bd\u89e3\u51b3\u6b64\u5b89\u5168\u95ee\u9898\uff0c\u5efa\u8bae\u4f7f\u7528\u6b64\u8f6f\u4ef6\u7684\u7528\u6237\u968f\u65f6\u5173\u6ce8\u5382\u5546\u4e3b\u9875\u6216\u53c2\u8003\u7f51\u5740\u4ee5\u83b7\u53d6\u89e3\u51b3\u529e\u6cd5\uff1a\r\nhttp://www.ruckuswireless.com/",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2016-10446",
  "openTime": "2016-11-01",
  "products": {
    "product": "Ruckus Wireless, Inc. H500"
  },
  "referenceLink": "https://www.tripwire.com/state-of-security/vulnerability-management/ruckus-vulnerability/",
  "serverity": "\u4e2d",
  "submitTime": "2016-10-27",
  "title": "Ruckus Wireless H500\u8eab\u4efd\u9a8c\u8bc1\u7ed5\u8fc7\u6f0f\u6d1e"
}

VAR-201610-0375

Vulnerability from variot - Updated: 2023-12-18 13:29

Ruckus Wireless H500 web management interface authentication bypass. The Ruckus Wireless H500 is an indoor wall switch access point for Ruckus Wireless in the United States. Webmanagementinterface is one of the web-based management interfaces. An attacker could exploit the vulnerability to bypass security restrictions by sending a request with a specially crafted string

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201610-0375",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "wireless h500",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "ruckus",
        "version": null
      },
      {
        "model": "zoneflex h500",
        "scope": null,
        "trust": 0.8,
        "vendor": "ruckus",
        "version": null
      },
      {
        "model": "h500",
        "scope": null,
        "trust": 0.6,
        "vendor": "ruckus",
        "version": null
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2016-10446"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-005623"
      },
      {
        "db": "NVD",
        "id": "CVE-2016-1000214"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201610-735"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:h:ruckus:wireless_h500:-:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2016-1000214"
      }
    ]
  },
  "cve": "CVE-2016-1000214",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "acInsufInfo": true,
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "NVD",
            "availabilityImpact": "NONE",
            "baseScore": 5.0,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "obtainAllPrivilege": false,
            "obtainOtherPrivilege": false,
            "obtainUserPrivilege": false,
            "severity": "MEDIUM",
            "trust": 1.0,
            "userInteractionRequired": false,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
            "version": "2.0"
          },
          {
            "acInsufInfo": null,
            "accessComplexity": "Low",
            "accessVector": "Network",
            "authentication": "None",
            "author": "NVD",
            "availabilityImpact": "None",
            "baseScore": 5.0,
            "confidentialityImpact": "Partial",
            "exploitabilityScore": null,
            "id": "CVE-2016-1000214",
            "impactScore": null,
            "integrityImpact": "None",
            "obtainAllPrivilege": null,
            "obtainOtherPrivilege": null,
            "obtainUserPrivilege": null,
            "severity": "Medium",
            "trust": 0.8,
            "userInteractionRequired": null,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "CNVD",
            "availabilityImpact": "NONE",
            "baseScore": 5.0,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "CNVD-2016-10446",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 0.6,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "NONE",
            "baseScore": 5.0,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "VHN-88666",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 0.1,
            "vectorString": "AV:N/AC:L/AU:N/C:P/I:N/A:N",
            "version": "2.0"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "author": "NVD",
            "availabilityImpact": "NONE",
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 3.9,
            "impactScore": 1.4,
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "trust": 1.0,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
            "version": "3.0"
          },
          {
            "attackComplexity": "Low",
            "attackVector": "Network",
            "author": "NVD",
            "availabilityImpact": "None",
            "baseScore": 5.3,
            "baseSeverity": "Medium",
            "confidentialityImpact": "None",
            "exploitabilityScore": null,
            "id": "CVE-2016-1000214",
            "impactScore": null,
            "integrityImpact": "Low",
            "privilegesRequired": "None",
            "scope": "Unchanged",
            "trust": 0.8,
            "userInteraction": "None",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
            "version": "3.0"
          }
        ],
        "severity": [
          {
            "author": "NVD",
            "id": "CVE-2016-1000214",
            "trust": 1.8,
            "value": "MEDIUM"
          },
          {
            "author": "CNVD",
            "id": "CNVD-2016-10446",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201610-735",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "VULHUB",
            "id": "VHN-88666",
            "trust": 0.1,
            "value": "MEDIUM"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2016-10446"
      },
      {
        "db": "VULHUB",
        "id": "VHN-88666"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-005623"
      },
      {
        "db": "NVD",
        "id": "CVE-2016-1000214"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201610-735"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Ruckus Wireless H500 web management interface authentication bypass. The Ruckus Wireless H500 is an indoor wall switch access point for Ruckus Wireless in the United States. Webmanagementinterface is one of the web-based management interfaces. An attacker could exploit the vulnerability to bypass security restrictions by sending a request with a specially crafted string",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2016-1000214"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-005623"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2016-10446"
      },
      {
        "db": "VULHUB",
        "id": "VHN-88666"
      }
    ],
    "trust": 2.25
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2016-1000214",
        "trust": 3.1
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-005623",
        "trust": 0.8
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201610-735",
        "trust": 0.7
      },
      {
        "db": "CNVD",
        "id": "CNVD-2016-10446",
        "trust": 0.6
      },
      {
        "db": "VULHUB",
        "id": "VHN-88666",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2016-10446"
      },
      {
        "db": "VULHUB",
        "id": "VHN-88666"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-005623"
      },
      {
        "db": "NVD",
        "id": "CVE-2016-1000214"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201610-735"
      }
    ]
  },
  "id": "VAR-201610-0375",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2016-10446"
      },
      {
        "db": "VULHUB",
        "id": "VHN-88666"
      }
    ],
    "trust": 1.7
  },
  "iot_taxonomy": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "category": [
          "Network device"
        ],
        "sub_category": null,
        "trust": 0.6
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2016-10446"
      }
    ]
  },
  "last_update_date": "2023-12-18T13:29:27.268000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "ZoneFlex H500",
        "trust": 0.8,
        "url": "https://www.ruckuswireless.com/products/access-points/zoneflex-indoor/zoneflex-h500"
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-005623"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-200",
        "trust": 1.9
      },
      {
        "problemtype": "CWE-287",
        "trust": 1.9
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-88666"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-005623"
      },
      {
        "db": "NVD",
        "id": "CVE-2016-1000214"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 3.1,
        "url": "https://www.tripwire.com/state-of-security/vulnerability-management/ruckus-vulnerability/"
      },
      {
        "trust": 1.1,
        "url": "http://b910a83a1a1fa9c20d93-2435f2f08e773abe005b52170fce6d94.r84.cf2.rackcdn.com/security/faq-security-advisory-id-062117.txt"
      },
      {
        "trust": 0.8,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-1000214"
      },
      {
        "trust": 0.8,
        "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-1000214"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2016-10446"
      },
      {
        "db": "VULHUB",
        "id": "VHN-88666"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-005623"
      },
      {
        "db": "NVD",
        "id": "CVE-2016-1000214"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201610-735"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "CNVD",
        "id": "CNVD-2016-10446"
      },
      {
        "db": "VULHUB",
        "id": "VHN-88666"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-005623"
      },
      {
        "db": "NVD",
        "id": "CVE-2016-1000214"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201610-735"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2016-11-01T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2016-10446"
      },
      {
        "date": "2016-10-25T00:00:00",
        "db": "VULHUB",
        "id": "VHN-88666"
      },
      {
        "date": "2016-10-31T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2016-005623"
      },
      {
        "date": "2016-10-25T14:29:06.260000",
        "db": "NVD",
        "id": "CVE-2016-1000214"
      },
      {
        "date": "2016-10-26T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201610-735"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2016-11-01T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2016-10446"
      },
      {
        "date": "2017-07-07T00:00:00",
        "db": "VULHUB",
        "id": "VHN-88666"
      },
      {
        "date": "2016-10-31T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2016-005623"
      },
      {
        "date": "2017-07-07T01:29:00.323000",
        "db": "NVD",
        "id": "CVE-2016-1000214"
      },
      {
        "date": "2016-10-26T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201610-735"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201610-735"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Ruckus Wireless H500 Authentication Bypass Vulnerability",
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2016-10446"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201610-735"
      }
    ],
    "trust": 1.2
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "information disclosure",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201610-735"
      }
    ],
    "trust": 0.6
  }
}

FKIE_CVE-2016-1000214

Vulnerability from fkie_nvd - Published: 2016-10-25 14:29 - Updated: 2025-04-12 10:46

Severity ?

5.3 (Medium) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

Summary

Ruckus Wireless H500 web management interface authentication bypass

References

URL	Tags
cve@mitre.org	http://b910a83a1a1fa9c20d93-2435f2f08e773abe005b52170fce6d94.r84.cf2.rackcdn.com/security/faq-security-advisory-id-062117.txt
cve@mitre.org	https://www.tripwire.com/state-of-security/vulnerability-management/ruckus-vulnerability/	Technical Description, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://b910a83a1a1fa9c20d93-2435f2f08e773abe005b52170fce6d94.r84.cf2.rackcdn.com/security/faq-security-advisory-id-062117.txt
af854a3a-2127-422b-91ae-364da2661108	https://www.tripwire.com/state-of-security/vulnerability-management/ruckus-vulnerability/	Technical Description, Third Party Advisory

Impacted products

	Vendor	Product	Version
	ruckus	wireless_h500	-

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ruckus:wireless_h500:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0C92E2C9-FE89-4620-A32B-E3BF969C10B2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Ruckus Wireless H500 web management interface authentication bypass"
    },
    {
      "lang": "es",
      "value": "Elusi\u00f3n de autenticaci\u00f3n en la interfaz de gesti\u00f3n web en Ruckus Wireless H500"
    }
  ],
  "id": "CVE-2016-1000214",
  "lastModified": "2025-04-12T10:46:40.837",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": true,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 5.0,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 5.3,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "LOW",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
          "version": "3.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 1.4,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2016-10-25T14:29:06.260",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://b910a83a1a1fa9c20d93-2435f2f08e773abe005b52170fce6d94.r84.cf2.rackcdn.com/security/faq-security-advisory-id-062117.txt"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Technical Description",
        "Third Party Advisory"
      ],
      "url": "https://www.tripwire.com/state-of-security/vulnerability-management/ruckus-vulnerability/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://b910a83a1a1fa9c20d93-2435f2f08e773abe005b52170fce6d94.r84.cf2.rackcdn.com/security/faq-security-advisory-id-062117.txt"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Technical Description",
        "Third Party Advisory"
      ],
      "url": "https://www.tripwire.com/state-of-security/vulnerability-management/ruckus-vulnerability/"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vendorComments": [
    {
      "comment": "Update on vulnerabilities in Web GUI Interface on Ruckus Unmanaged-APs - CVE-2016-1000213, CVE-2016-1000214, CVE-2016-1000215, CVE-2016-1000216. \u003cbr /\u003e https://www.ruckuswireless.com/security \u003cbr /\u003e http://b910a83a1a1fa9c20d93-2435f2f08e773abe005b52170fce6d94.r84.cf2.rackcdn.com/security/faq-security-advisory-id-062117.txt",
      "lastModified": "2017-06-28T09:58:21.037",
      "organization": "Ruckus Wireless"
    }
  ],
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-200"
        },
        {
          "lang": "en",
          "value": "CWE-287"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

GHSA-P8GQ-6G4J-HH3F

Vulnerability from github – Published: 2022-05-17 02:35 – Updated: 2025-04-12 13:05

Details

Ruckus Wireless H500 web management interface authentication bypass

Severity ?

5.3 (Medium)


                  
                    CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2016-1000214"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-200",
      "CWE-287"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2016-10-25T14:29:00Z",
    "severity": "MODERATE"
  },
  "details": "Ruckus Wireless H500 web management interface authentication bypass",
  "id": "GHSA-p8gq-6g4j-hh3f",
  "modified": "2025-04-12T13:05:46Z",
  "published": "2022-05-17T02:35:51Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-1000214"
    },
    {
      "type": "WEB",
      "url": "https://www.tripwire.com/state-of-security/vulnerability-management/ruckus-vulnerability"
    },
    {
      "type": "WEB",
      "url": "http://b910a83a1a1fa9c20d93-2435f2f08e773abe005b52170fce6d94.r84.cf2.rackcdn.com/security/faq-security-advisory-id-062117.txt"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
      "type": "CVSS_V3"
    }
  ]
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2016-1000214 (GCVE-0-2016-1000214)

GSD-2016-1000214

CNVD-2016-10446

VAR-201610-0375

FKIE_CVE-2016-1000214

GHSA-P8GQ-6G4J-HH3F

Tags

Sightings

Nomenclature