CVE-2016-6901 - OpenCVE

Format string vulnerability in Huawei AR100, AR120, AR150, AR200, AR500, AR550, AR1200, AR2200, AR2500, AR3200, and AR3600 routers with software before V200R007C00SPC900 and NetEngine 16EX routers with software before V200R007C00SPC900 allows remote authenticated users to cause a denial of service via format string specifiers in vectors involving partial commands.

No CVSS v3.1

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

Access Vector Network

Access Complexity Low

Authentication Single

Confidentiality Impact None

Integrity Impact None

Availability Impact Complete

AV:N/AC:L/Au:S/C:N/I:N/A:C

Vendors & Products
CPE Configurations

Vendors	Products
Huawei	Ar3600 Ar200 Netengine 16ex Firmware Ar Firmware Ar550 Ar100 Ar150 Ar500 Ar3200 Ar2200 Ar1200 Ar2500 Ar120 Netengine 16ex

Configuration 1 [-]

AND

OR	cpe:2.3:o:huawei:ar_firmware:v200r005:::::::*
	cpe:2.3:o:huawei:ar_firmware:v200r006:::::::*
	cpe:2.3:o:huawei:ar_firmware:v200r007c00:::::::*

OR	cpe:2.3:h:huawei:ar100:-:::::::*
	cpe:2.3:h:huawei:ar120:-:::::::*
	cpe:2.3:h:huawei:ar1200:-:::::::*
	cpe:2.3:h:huawei:ar150:-:::::::*
	cpe:2.3:h:huawei:ar200:-:::::::*
	cpe:2.3:h:huawei:ar2200:-:::::::*
	cpe:2.3:h:huawei:ar2500:-:::::::*
	cpe:2.3:h:huawei:ar3200:-:::::::*
	cpe:2.3:h:huawei:ar3600:-:::::::*
	cpe:2.3:h:huawei:ar500:-:::::::*
	cpe:2.3:h:huawei:ar550:-:::::::*

Configuration 2 [-]

AND

OR	cpe:2.3:o:huawei:netengine_16ex_firmware:v200r005:::::::*
	cpe:2.3:o:huawei:netengine_16ex_firmware:v200r006:::::::*
	cpe:2.3:o:huawei:netengine_16ex_firmware:v200r007c00:::::::*

cpe:2.3:h:huawei:netengine_16ex:-:*:*:*:*:*:*:*

References

Link	Resource
http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20160824-01-vrp-en	Vendor Advisory
http://www.securityfocus.com/bid/92618	Third Party Advisory VDB Entry

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: mitre

Published: 2016-09-26T16:00:00

Updated: 2016-09-26T15:57:01

Reserved: 2016-08-22T00:00:00

Link: CVE-2016-6901

JSON object: View

NVD Information

Status : Analyzed

Published: 2016-09-26T16:59:08.040

Modified: 2016-09-28T13:51:33.013

Link: CVE-2016-6901

JSON object: View

Redhat Information

No data.

CWE

CWE-20

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2016-08-24T00:00:00", "descriptions": [{"lang": "en", "value": "Format string vulnerability in Huawei AR100, AR120, AR150, AR200, AR500, AR550, AR1200, AR2200, AR2500, AR3200, and AR3600 routers with software before V200R007C00SPC900 and NetEngine 16EX routers with software before V200R007C00SPC900 allows remote authenticated users to cause a denial of service via format string specifiers in vectors involving partial commands."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2016-09-26T15:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "92618", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/92618"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20160824-01-vrp-en"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2016-6901", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Format string vulnerability in Huawei AR100, AR120, AR150, AR200, AR500, AR550, AR1200, AR2200, AR2500, AR3200, and AR3600 routers with software before V200R007C00SPC900 and NetEngine 16EX routers with software before V200R007C00SPC900 allows remote authenticated users to cause a denial of service via format string specifiers in vectors involving partial commands."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "92618", "refsource": "BID", "url": "http://www.securityfocus.com/bid/92618"}, {"name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20160824-01-vrp-en", "refsource": "CONFIRM", "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20160824-01-vrp-en"}]}}}}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2016-6901", "datePublished": "2016-09-26T16:00:00", "dateReserved": "2016-08-22T00:00:00", "dateUpdated": "2016-09-26T15:57:01", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:huawei:ar_firmware:v200r005:*:*:*:*:*:*:*", "matchCriteriaId": "1218BE7F-D708-4055-9C90-061A392871E7", "vulnerable": true}, {"criteria": "cpe:2.3:o:huawei:ar_firmware:v200r006:*:*:*:*:*:*:*", "matchCriteriaId": "EB3CC140-37A9-48B9-B4C3-5024E5B9CF5F", "vulnerable": true}, {"criteria": "cpe:2.3:o:huawei:ar_firmware:v200r007c00:*:*:*:*:*:*:*", "matchCriteriaId": "6768AB85-7F68-4C78-BC11-2EBE81AABC89", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:huawei:ar100:-:*:*:*:*:*:*:*", "matchCriteriaId": "D1026E62-E92D-484A-AA47-EFEFCB40313B", "vulnerable": false}, {"criteria": "cpe:2.3:h:huawei:ar120:-:*:*:*:*:*:*:*", "matchCriteriaId": "B5BBD38E-5589-450D-BC91-A581272DEE19", "vulnerable": false}, {"criteria": "cpe:2.3:h:huawei:ar1200:-:*:*:*:*:*:*:*", "matchCriteriaId": "D4BA4150-8CA8-48BF-9D45-ABC8AC710060", "vulnerable": false}, {"criteria": "cpe:2.3:h:huawei:ar150:-:*:*:*:*:*:*:*", "matchCriteriaId": "526371A8-11FE-4D00-AFBB-8E867A320B27", "vulnerable": false}, {"criteria": "cpe:2.3:h:huawei:ar200:-:*:*:*:*:*:*:*", "matchCriteriaId": "2562CCF8-A4A7-4ACD-AA67-E3DB8B5ADA92", "vulnerable": false}, {"criteria": "cpe:2.3:h:huawei:ar2200:-:*:*:*:*:*:*:*", "matchCriteriaId": "50662078-4827-4706-AE29-170E2239C5AE", "vulnerable": false}, {"criteria": "cpe:2.3:h:huawei:ar2500:-:*:*:*:*:*:*:*", "matchCriteriaId": "14617073-D349-4ACE-81F7-57956AA96985", "vulnerable": false}, {"criteria": "cpe:2.3:h:huawei:ar3200:-:*:*:*:*:*:*:*", "matchCriteriaId": "9309E1AA-0C4E-422C-9307-A8DD0AE5D576", "vulnerable": false}, {"criteria": "cpe:2.3:h:huawei:ar3600:-:*:*:*:*:*:*:*", "matchCriteriaId": "D30DC2EA-1F76-4CA6-BAC2-8DC796BE50B1", "vulnerable": false}, {"criteria": "cpe:2.3:h:huawei:ar500:-:*:*:*:*:*:*:*", "matchCriteriaId": "30A84EEE-E321-43DA-AC40-096491F9AA81", "vulnerable": false}, {"criteria": "cpe:2.3:h:huawei:ar550:-:*:*:*:*:*:*:*", "matchCriteriaId": "CED2E3EE-2B0D-4C11-AF55-D7FD011E52D1", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:huawei:netengine_16ex_firmware:v200r005:*:*:*:*:*:*:*", "matchCriteriaId": "42F8FCC1-8A62-44D4-93FD-1CAE470E9A76", "vulnerable": true}, {"criteria": "cpe:2.3:o:huawei:netengine_16ex_firmware:v200r006:*:*:*:*:*:*:*", "matchCriteriaId": "2BC975B7-6C07-42E3-9783-6B32F5617986", "vulnerable": true}, {"criteria": "cpe:2.3:o:huawei:netengine_16ex_firmware:v200r007c00:*:*:*:*:*:*:*", "matchCriteriaId": "137ADAFD-9C2E-430F-95FC-4FBDF71B8377", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:huawei:netengine_16ex:-:*:*:*:*:*:*:*", "matchCriteriaId": "7F1D336A-FB14-4DA7-9EAE-DDE6E51C268F", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "Format string vulnerability in Huawei AR100, AR120, AR150, AR200, AR500, AR550, AR1200, AR2200, AR2500, AR3200, and AR3600 routers with software before V200R007C00SPC900 and NetEngine 16EX routers with software before V200R007C00SPC900 allows remote authenticated users to cause a denial of service via format string specifiers in vectors involving partial commands."}, {"lang": "es", "value": "Vulnerabilidad de formato de cadena en routers Huawei AR100, AR120, AR150, AR200, AR500, AR550, AR1200, AR2200, AR2500, AR3200 y AR3600 con software en versiones anteriores a V200R007C00SPC900 y routers NetEngine 16EX con software en versiones anteriores a V200R007C00SPC900 permite a usuarios remotos autenticados provocar una denegaci\u00f3n de servicio a trav\u00e9s de especificadores de cadena de formato en vectores que involucran comandos parciales."}], "id": "CVE-2016-6901", "lastModified": "2016-09-28T13:51:33.013", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "COMPLETE", "baseScore": 6.8, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:C", "version": "2.0"}, "exploitabilityScore": 8.0, "impactScore": 6.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.0"}, "exploitabilityScore": 2.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2016-09-26T16:59:08.040", "references": [{"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20160824-01-vrp-en"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/92618"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-20"}], "source": "nvd@nist.gov", "type": "Primary"}]}