CVE-2016-6901
Published Sep 26, 2016
Last updated 8 years ago
Overview
- Description
- Format string vulnerability in Huawei AR100, AR120, AR150, AR200, AR500, AR550, AR1200, AR2200, AR2500, AR3200, and AR3600 routers with software before V200R007C00SPC900 and NetEngine 16EX routers with software before V200R007C00SPC900 allows remote authenticated users to cause a denial of service via format string specifiers in vectors involving partial commands.
- Source
- cve@mitre.org
- NVD status
- Analyzed
Risk scores
CVSS 3.0
- Type
- Primary
- Base score
- 6.5
- Impact score
- 3.6
- Exploitability score
- 2.8
- Vector string
- CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
- Severity
- MEDIUM
CVSS 2.0
- Type
- Primary
- Base score
- 6.8
- Impact score
- 6.9
- Exploitability score
- 8
- Vector string
- AV:N/AC:L/Au:S/C:N/I:N/A:C
Weaknesses
- nvd@nist.gov
- CWE-20
Social media
- Hype score
- Not currently trending
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:ar_firmware:v200r005:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "1218BE7F-D708-4055-9C90-061A392871E7"
},
{
"criteria": "cpe:2.3:o:huawei:ar_firmware:v200r006:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "EB3CC140-37A9-48B9-B4C3-5024E5B9CF5F"
},
{
"criteria": "cpe:2.3:o:huawei:ar_firmware:v200r007c00:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "6768AB85-7F68-4C78-BC11-2EBE81AABC89"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:ar100:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "D1026E62-E92D-484A-AA47-EFEFCB40313B"
},
{
"criteria": "cpe:2.3:h:huawei:ar120:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "B5BBD38E-5589-450D-BC91-A581272DEE19"
},
{
"criteria": "cpe:2.3:h:huawei:ar1200:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "D4BA4150-8CA8-48BF-9D45-ABC8AC710060"
},
{
"criteria": "cpe:2.3:h:huawei:ar150:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "526371A8-11FE-4D00-AFBB-8E867A320B27"
},
{
"criteria": "cpe:2.3:h:huawei:ar200:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "2562CCF8-A4A7-4ACD-AA67-E3DB8B5ADA92"
},
{
"criteria": "cpe:2.3:h:huawei:ar2200:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "50662078-4827-4706-AE29-170E2239C5AE"
},
{
"criteria": "cpe:2.3:h:huawei:ar2500:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "14617073-D349-4ACE-81F7-57956AA96985"
},
{
"criteria": "cpe:2.3:h:huawei:ar3200:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "9309E1AA-0C4E-422C-9307-A8DD0AE5D576"
},
{
"criteria": "cpe:2.3:h:huawei:ar3600:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "D30DC2EA-1F76-4CA6-BAC2-8DC796BE50B1"
},
{
"criteria": "cpe:2.3:h:huawei:ar500:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "30A84EEE-E321-43DA-AC40-096491F9AA81"
},
{
"criteria": "cpe:2.3:h:huawei:ar550:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "CED2E3EE-2B0D-4C11-AF55-D7FD011E52D1"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:netengine_16ex_firmware:v200r005:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "42F8FCC1-8A62-44D4-93FD-1CAE470E9A76"
},
{
"criteria": "cpe:2.3:o:huawei:netengine_16ex_firmware:v200r006:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "2BC975B7-6C07-42E3-9783-6B32F5617986"
},
{
"criteria": "cpe:2.3:o:huawei:netengine_16ex_firmware:v200r007c00:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "137ADAFD-9C2E-430F-95FC-4FBDF71B8377"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:netengine_16ex:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "7F1D336A-FB14-4DA7-9EAE-DDE6E51C268F"
}
],
"operator": "OR"
}
],
"operator": "AND"
}
]