CVE-2016-2404

Published Apr 2, 2017

Last updated 8 years ago

CVSS high 7.5

Overview

Description: Huawei switches S5700, S6700, S7700, S9700 with software V200R001C00SPC300, V200R002C00SPC100, V200R003C00SPC300, V200R005C00SPC500, V200R006C00; S12700 with software V200R005C00SPC500, V200R006C00; ACU2 with software V200R005C00SPC500, V200R006C00 have a permission control vulnerability. If a switch enables Authentication, Authorization, and Accounting (AAA) for permission control and user permissions are not appropriate, AAA users may obtain the virtual type terminal (VTY) access permission, resulting in privilege escalation.
Source: psirt@huawei.com
NVD status: Analyzed

Risk scores

CVSS 3.0

Type: Primary
Base score: 7.5
Impact score: 5.9
Exploitability score: 1.6
Vector string: CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
Severity: HIGH

CVSS 2.0

Type: Primary
Base score: 6
Impact score: 6.4
Exploitability score: 6.8
Vector string: AV:N/AC:M/Au:S/C:P/I:P/A:P

Weaknesses

nvd@nist.gov: CWE-264

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:huawei:s5700_firmware:v200r001c00spc300:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "121BEE57-945E-4368-8AE4-4A823D70D31C"
          },
          {
            "criteria": "cpe:2.3:o:huawei:s5700_firmware:v200r002c00spc100:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "EBC629F6-BF42-4C2B-8CB1-2C4412C8D95A"
          },
          {
            "criteria": "cpe:2.3:o:huawei:s5700_firmware:v200r003c00spc300:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DEC329F7-D83F-4119-B8CA-CC819EC872CB"
          },
          {
            "criteria": "cpe:2.3:o:huawei:s5700_firmware:v200r005c00spc500:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4B3B076D-F61E-4BE0-B808-D86EB6A83D92"
          },
          {
            "criteria": "cpe:2.3:o:huawei:s5700_firmware:v200r006c00:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5973A534-F961-4A97-B20E-994BA28AFE29"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:huawei:s5700:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "E22D3CFF-3353-4EE2-8933-84F395469D0D"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:huawei:s6700_firmware:v200r001c00spc300:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4AF84CB7-7EC9-4978-A4F6-FD5746AF1CE9"
          },
          {
            "criteria": "cpe:2.3:o:huawei:s6700_firmware:v200r002c00spc100:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "AFFF09EB-AA08-4204-B028-182933EC9700"
          },
          {
            "criteria": "cpe:2.3:o:huawei:s6700_firmware:v200r003c00spc300:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7D5033F0-7E4F-431A-B4EA-E5D5D1FCFE5E"
          },
          {
            "criteria": "cpe:2.3:o:huawei:s6700_firmware:v200r005c00spc500:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "96FF5103-C97A-443A-8475-0E99A0175455"
          },
          {
            "criteria": "cpe:2.3:o:huawei:s6700_firmware:v200r006c00:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9FD4718F-473A-490E-8DFC-6A09FECDDD90"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:huawei:s6700:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "DA7AC10D-B0DD-4206-8642-134DDD585C06"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:huawei:s7700_firmware:v200r001c00spc300:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "07A44DEA-AB17-48F4-87C1-B3B6088BCD82"
          },
          {
            "criteria": "cpe:2.3:o:huawei:s7700_firmware:v200r002c00spc100:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "EEBEE7C8-0AB6-4BCE-A2C1-6A4CB4BF68AB"
          },
          {
            "criteria": "cpe:2.3:o:huawei:s7700_firmware:v200r003c00spc300:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7CE013D0-4D00-46E1-9F7F-6711DCC9B8BD"
          },
          {
            "criteria": "cpe:2.3:o:huawei:s7700_firmware:v200r005c00spc500:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "741262BB-C214-482D-A7BE-A480A985258B"
          },
          {
            "criteria": "cpe:2.3:o:huawei:s7700_firmware:v200r006c00:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "EF3FB3CC-2EAC-4A08-BDDC-DCACEE9FA2AE"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:huawei:s7700:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "8769C2C4-E333-432B-8943-CFDFAE013379"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:huawei:s9700_firmware:v200r001c00spc300:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E4EE71EF-90D8-40C6-9E80-A543ED32E976"
          },
          {
            "criteria": "cpe:2.3:o:huawei:s9700_firmware:v200r002c00spc100:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F5C9C9CF-A5E1-4461-8B1E-1C572BB3D59A"
          },
          {
            "criteria": "cpe:2.3:o:huawei:s9700_firmware:v200r003c00spc300:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C892C736-F14F-4A3F-9645-CB74A289DA36"
          },
          {
            "criteria": "cpe:2.3:o:huawei:s9700_firmware:v200r005c00spc500:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C2D737B8-3A28-4465-A394-E2D5DA8C1927"
          },
          {
            "criteria": "cpe:2.3:o:huawei:s9700_firmware:v200r006c00:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6AC7E622-010C-4C5D-8AA6-D4793AFCE0E0"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:huawei:s9700:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "75FAA4BF-1ED0-4059-ADA1-071AF1BF2882"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:huawei:s12700_firmware:v200r005c00spc500:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "790FC933-C4E3-471A-B1C1-8E7ECD93748F"
          },
          {
            "criteria": "cpe:2.3:o:huawei:s12700_firmware:v200r006c00:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D6F2C4C7-3438-42B8-8999-C17E45C8CF49"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:huawei:s12700:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "138C1E57-176C-46B1-9704-D9C8391CC802"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:huawei:acu2_firmware:v200r005c00spc500:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A8307595-31A7-4077-89E6-B4864B22C701"
          },
          {
            "criteria": "cpe:2.3:o:huawei:acu2_firmware:v200r006c00:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "BC1428EF-A60D-4EC8-92F2-64CAD7687D3E"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:huawei:acu2:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "BF525629-AD0D-4CDC-A979-712C841FF7C6"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  }
]

Overview

Risk scores

CVSS 3.0

CVSS 2.0

Weaknesses

Social media

Configurations

References