var-201605-0334
Vulnerability from variot
Buffer overflow in the Application Specific Packet Filtering (ASPF) functionality in the Huawei IPS Module, NGFW Module, NIP6300, NIP6600, Secospace USG6300, USG6500, USG6600, USG9500, and AntiDDoS8000 devices with software before V500R001C20SPC100 allows remote attackers to cause a denial of service or execute arbitrary code via a crafted packet, related to "illegitimate parameters.". HuaweiIPSModule and other products are China's Huawei's intrusion prevention and intrusion detection products. A buffer overflow vulnerability exists in several Huawei products. An attacker could exploit a vulnerability that would result in a denial of service or arbitrary code by constructing a malformed message containing an illegal parameter. Multiple Huawei Products are prone to a buffer-overflow vulnerability because it fails to properly bounds-check user-supplied data before copying it into an insufficiently sized buffer. Attackers can exploit this issue to execute arbitrary code in the context of the affected application. Failed exploit attempts will result in denial-of-service conditions. The following Huawei products are affected: IPS Module NGFW Module NIP6300 NIP6600 Secospace USG6300 Secospace USG6500 Secospace USG6600 USG9500 Secospace AntiDDoS8000
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201605-0334",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "secospace usg6300",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v500r001c00"
},
{
"model": "secospace antiddos8000",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v500r001c00"
},
{
"model": "secospace usg6600",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v500r001c00"
},
{
"model": "secospace usg6500",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v500r001c00"
},
{
"model": "usg9500",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v500r001c00"
},
{
"model": "nip6300",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v500r001c00"
},
{
"model": "nip6600",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v500r001c00"
},
{
"model": "ngfw module",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v500r001c00"
},
{
"model": "ips module",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v500r001c00"
},
{
"model": "ips module",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "ips module",
"scope": "lt",
"trust": 0.8,
"vendor": "huawei",
"version": "v500r001c20spc100"
},
{
"model": "ngfw module",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "ngfw module",
"scope": "lt",
"trust": 0.8,
"vendor": "huawei",
"version": "v500r001c20spc100"
},
{
"model": "nip6300",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "nip6300",
"scope": "lt",
"trust": 0.8,
"vendor": "huawei",
"version": "v500r001c20spc100"
},
{
"model": "nip6600",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "nip6600",
"scope": "lt",
"trust": 0.8,
"vendor": "huawei",
"version": "v500r001c20spc100"
},
{
"model": "secospace antiddos8000",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "secospace antiddos8000",
"scope": "lt",
"trust": 0.8,
"vendor": "huawei",
"version": "v500r001c20spc100"
},
{
"model": "secospace usg6300",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "secospace usg6300",
"scope": "lt",
"trust": 0.8,
"vendor": "huawei",
"version": "v500r001c20spc100"
},
{
"model": "secospace usg6500",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "secospace usg6500",
"scope": "lt",
"trust": 0.8,
"vendor": "huawei",
"version": "v500r001c20spc100"
},
{
"model": "secospace usg6600",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "secospace usg6600",
"scope": "lt",
"trust": 0.8,
"vendor": "huawei",
"version": "v500r001c20spc100"
},
{
"model": "usg9500",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "usg9500",
"scope": "lt",
"trust": 0.8,
"vendor": "huawei",
"version": "v500r001c20spc100"
},
{
"model": "secospace antiddos8000 \u003cv500r001c20spc100",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "usg9500 \u003cv500r001c20spc100",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "secospace usg6600 \u003cv500r001c20spc100",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "secospace usg6500 \u003cv500r001c20spc100",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "secospace usg6300 \u003cv500r001c20spc100",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "nip6600 \u003cv500r001c20spc100",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "nip6300 \u003cv500r001c20spc100",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "ngfw module \u003cv500r001c20spc100",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "ips module \u003cv500r001c20spc100",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "ngfw module",
"scope": "eq",
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "secospace antiddos8000",
"scope": "eq",
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "usg9500",
"scope": "eq",
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "nip6600",
"scope": "eq",
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "nip6300",
"scope": "eq",
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "secospace usg6500",
"scope": "eq",
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "secospace usg6600",
"scope": "eq",
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "secospace usg6300",
"scope": "eq",
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "ips module",
"scope": "eq",
"trust": 0.6,
"vendor": "huawei",
"version": null
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-03569"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-002908"
},
{
"db": "NVD",
"id": "CVE-2016-4576"
},
{
"db": "CNNVD",
"id": "CNNVD-201605-579"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:nip6300:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:nip6300_firmware:v500r001c00:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:secospace_usg6500:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:secospace_usg6500_firmware:v500r001c00:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:secospace_antiddos8000:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:secospace_antiddos8000_firmware:v500r001c00:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:usg9500:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:usg9500_firmware:v500r001c00:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:secospace_usg6300:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:secospace_usg6300_firmware:v500r001c00:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:ngfw_module:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:ngfw_module_firmware:v500r001c00:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:secospace_usg6600:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:secospace_usg6600_firmware:v500r001c00:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:nip6600:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:nip6600_firmware:v500r001c00:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:ips_module:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:ips_module_firmware:v500r001c00:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2016-4576"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Huawei",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201605-579"
}
],
"trust": 0.6
},
"cve": "CVE-2016-4576",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 7.5,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2016-4576",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CNVD-2016-03569",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-93395",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 9.8,
"baseSeverity": "Critical",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2016-4576",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2016-4576",
"trust": 1.8,
"value": "CRITICAL"
},
{
"author": "CNVD",
"id": "CNVD-2016-03569",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201605-579",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-93395",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-03569"
},
{
"db": "VULHUB",
"id": "VHN-93395"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-002908"
},
{
"db": "NVD",
"id": "CVE-2016-4576"
},
{
"db": "CNNVD",
"id": "CNNVD-201605-579"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Buffer overflow in the Application Specific Packet Filtering (ASPF) functionality in the Huawei IPS Module, NGFW Module, NIP6300, NIP6600, Secospace USG6300, USG6500, USG6600, USG9500, and AntiDDoS8000 devices with software before V500R001C20SPC100 allows remote attackers to cause a denial of service or execute arbitrary code via a crafted packet, related to \"illegitimate parameters.\". HuaweiIPSModule and other products are China\u0027s Huawei\u0027s intrusion prevention and intrusion detection products. A buffer overflow vulnerability exists in several Huawei products. An attacker could exploit a vulnerability that would result in a denial of service or arbitrary code by constructing a malformed message containing an illegal parameter. Multiple Huawei Products are prone to a buffer-overflow vulnerability because it fails to properly bounds-check user-supplied data before copying it into an insufficiently sized buffer. \nAttackers can exploit this issue to execute arbitrary code in the context of the affected application. Failed exploit attempts will result in denial-of-service conditions. \nThe following Huawei products are affected:\nIPS Module\nNGFW Module\nNIP6300\nNIP6600\nSecospace USG6300\nSecospace USG6500\nSecospace USG6600\nUSG9500\nSecospace AntiDDoS8000",
"sources": [
{
"db": "NVD",
"id": "CVE-2016-4576"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-002908"
},
{
"db": "CNVD",
"id": "CNVD-2016-03569"
},
{
"db": "BID",
"id": "90530"
},
{
"db": "VULHUB",
"id": "VHN-93395"
}
],
"trust": 2.52
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2016-4576",
"trust": 3.4
},
{
"db": "BID",
"id": "90530",
"trust": 1.4
},
{
"db": "JVNDB",
"id": "JVNDB-2016-002908",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201605-579",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2016-03569",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-93395",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-03569"
},
{
"db": "VULHUB",
"id": "VHN-93395"
},
{
"db": "BID",
"id": "90530"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-002908"
},
{
"db": "NVD",
"id": "CVE-2016-4576"
},
{
"db": "CNNVD",
"id": "CNNVD-201605-579"
}
]
},
"id": "VAR-201605-0334",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-03569"
},
{
"db": "VULHUB",
"id": "VHN-93395"
}
],
"trust": 1.1229237887499999
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-03569"
}
]
},
"last_update_date": "2023-12-18T12:05:54.857000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Buffer Overflow Vulnerability in Huawei Several Products (huawei-sa-20160511-01-aspf)",
"trust": 0.8,
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20160511-01-aspf-en"
},
{
"title": "Patches for multiple Huawei product buffer overflow vulnerabilities",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/76462"
},
{
"title": "Multiple Huawei Product Buffer Overflow Vulnerability Fix",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=61892"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-03569"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-002908"
},
{
"db": "CNNVD",
"id": "CNNVD-201605-579"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-93395"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-002908"
},
{
"db": "NVD",
"id": "CVE-2016-4576"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.4,
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20160511-01-aspf-en"
},
{
"trust": 1.2,
"url": "http://www.huawei.com/cn/psirt/security-advisories/huawei-sa-20160511-01-aspf-cn"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/bid/90530"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-4576"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-4576"
},
{
"trust": 0.3,
"url": "http://www.huawei.com"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-03569"
},
{
"db": "VULHUB",
"id": "VHN-93395"
},
{
"db": "BID",
"id": "90530"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-002908"
},
{
"db": "NVD",
"id": "CVE-2016-4576"
},
{
"db": "CNNVD",
"id": "CNNVD-201605-579"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2016-03569"
},
{
"db": "VULHUB",
"id": "VHN-93395"
},
{
"db": "BID",
"id": "90530"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-002908"
},
{
"db": "NVD",
"id": "CVE-2016-4576"
},
{
"db": "CNNVD",
"id": "CNNVD-201605-579"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-05-25T00:00:00",
"db": "CNVD",
"id": "CNVD-2016-03569"
},
{
"date": "2016-05-23T00:00:00",
"db": "VULHUB",
"id": "VHN-93395"
},
{
"date": "2016-05-11T00:00:00",
"db": "BID",
"id": "90530"
},
{
"date": "2016-05-27T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-002908"
},
{
"date": "2016-05-23T19:59:09.980000",
"db": "NVD",
"id": "CVE-2016-4576"
},
{
"date": "2016-05-23T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201605-579"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-05-25T00:00:00",
"db": "CNVD",
"id": "CNVD-2016-03569"
},
{
"date": "2016-11-28T00:00:00",
"db": "VULHUB",
"id": "VHN-93395"
},
{
"date": "2016-07-06T14:48:00",
"db": "BID",
"id": "90530"
},
{
"date": "2016-05-27T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-002908"
},
{
"date": "2016-11-28T20:19:02.057000",
"db": "NVD",
"id": "CVE-2016-4576"
},
{
"date": "2016-05-24T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201605-579"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201605-579"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural Huawei Device product software Application Specific Packet Filtering Buffer overflow vulnerability in functionality",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-002908"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer overflow",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201605-579"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.