CVE-2016-6824

Published Sep 22, 2016

Last updated 8 years ago

CVSS medium 6.5

Overview

Description: Huawei AC6003, AC6005, AC6605, and ACU2 access controllers with software before V200R006C10SPC200 allows remote authenticated users to cause a denial of service (device restart) via crafted CAPWAP packets.
Source: cve@mitre.org
NVD status: Analyzed

Risk scores

CVSS 3.0

Type: Primary
Base score: 6.5
Impact score: 3.6
Exploitability score: 2.8
Vector string: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Severity: MEDIUM

CVSS 2.0

Type: Primary
Base score: 6.8
Impact score: 6.9
Exploitability score: 8
Vector string: AV:N/AC:L/Au:S/C:N/I:N/A:C

Weaknesses

nvd@nist.gov: CWE-20

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:huawei:ac6003_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9F19F953-42DA-4268-82F9-882832CDC0DD",
            "versionEndIncluding": "v200r005c10"
          },
          {
            "criteria": "cpe:2.3:o:huawei:ac6003_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "746998C5-5D0A-4B04-9B7E-100B3E29E1BB",
            "versionEndIncluding": "v200r006c00"
          },
          {
            "criteria": "cpe:2.3:o:huawei:ac6005_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4326174E-9187-49A0-AB05-B450B6C53F31",
            "versionEndIncluding": "v200r005c10"
          },
          {
            "criteria": "cpe:2.3:o:huawei:ac6005_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3B78B3D8-AEF9-4529-8C98-0C1A5C1EFB27",
            "versionEndIncluding": "v200r006c00"
          },
          {
            "criteria": "cpe:2.3:o:huawei:ac6605_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8AB7F764-5246-495B-B342-8D4C8168670B",
            "versionEndIncluding": "v200r005c10"
          },
          {
            "criteria": "cpe:2.3:o:huawei:ac6605_firmware:v200r006c00:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "BEDF9639-FC4A-4749-9AF7-E7FBCF4147B2"
          },
          {
            "criteria": "cpe:2.3:o:huawei:acu2_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5F0E0490-ADDB-410C-9C76-A10733AB682D",
            "versionEndIncluding": "v200r005c10"
          },
          {
            "criteria": "cpe:2.3:o:huawei:acu2_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "AC142E9C-C281-42DC-B254-6AC7D6B12855",
            "versionEndIncluding": "v200r006c00"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:huawei:ac6003:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "50521400-DB04-4EA9-A98D-A9A893E8054F"
          },
          {
            "criteria": "cpe:2.3:h:huawei:ac6005:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "3681DA94-7184-4DC6-BD73-FCE2DB808F07"
          },
          {
            "criteria": "cpe:2.3:h:huawei:ac6605:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "BA1E5AE5-EBB2-4E05-A3C7-E2CA54205FF7"
          },
          {
            "criteria": "cpe:2.3:h:huawei:acu2:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "BF525629-AD0D-4CDC-A979-712C841FF7C6"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  }
]

Overview

Risk scores

CVSS 3.0

CVSS 2.0

Weaknesses

Social media

Configurations

References