Details of VAR-201609-0563

ID

VAR-201609-0563

CVE

CVE-2016-6901

TITLE

plural Huawei AR Router and NetEngine 16EX Format string vulnerability in router software

Trust: 0.8

sources: JVNDB: JVNDB-2016-005045

DESCRIPTION

Format string vulnerability in Huawei AR100, AR120, AR150, AR200, AR500, AR550, AR1200, AR2200, AR2500, AR3200, and AR3600 routers with software before V200R007C00SPC900 and NetEngine 16EX routers with software before V200R007C00SPC900 allows remote authenticated users to cause a denial of service via format string specifiers in vectors involving partial commands. Huawei AR120 is an AR series enterprise router product of China Huawei. A remote attacker could exploit the vulnerability to cause a denial of service. The following products and versions are affected: AR100, AR120, AR150, AR200, AR500, AR550, AR1200, AR2200, AR2500, AR3200, AR3600 V200R005, V200R006, V200R007C00, NetEngine 16EX V200R005, V200R00000, V20

Trust: 2.52

sources: NVD: CVE-2016-6901 // JVNDB: JVNDB-2016-005045 // CNVD: CNVD-2016-06762 // BID: 92618 // VULHUB: VHN-95721

IOT TAXONOMY

category:

['Network device']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2016-06762

AFFECTED PRODUCTS

vendor:	huawei	model:	netengine 16ex	scope:	eq	version:	v200r007c00	Trust: 1.6
vendor:	huawei	model:	ar	scope:	eq	version:	v200r007c00	Trust: 1.6
vendor:	huawei	model:	netengine 16ex	scope:	eq	version:	v200r005	Trust: 1.6
vendor:	huawei	model:	netengine 16ex	scope:	eq	version:	v200r006	Trust: 1.6
vendor:	huawei	model:	ar	scope:	eq	version:	v200r005	Trust: 1.6
vendor:	huawei	model:	ar	scope:	eq	version:	v200r006	Trust: 1.6
vendor:	huawei	model:	ar router	scope:	lt	version:	v200r007c00spc900	Trust: 0.8
vendor:	huawei	model:	ar100	scope:	-	version:	-	Trust: 0.8
vendor:	huawei	model:	ar120	scope:	-	version:	-	Trust: 0.8
vendor:	huawei	model:	ar1200	scope:	-	version:	-	Trust: 0.8
vendor:	huawei	model:	ar150	scope:	-	version:	-	Trust: 0.8
vendor:	huawei	model:	ar200	scope:	-	version:	-	Trust: 0.8
vendor:	huawei	model:	ar2200	scope:	-	version:	-	Trust: 0.8
vendor:	huawei	model:	ar2500	scope:	-	version:	-	Trust: 0.8
vendor:	huawei	model:	ar3200	scope:	-	version:	-	Trust: 0.8
vendor:	huawei	model:	ar3600	scope:	-	version:	-	Trust: 0.8
vendor:	huawei	model:	ar500	scope:	-	version:	-	Trust: 0.8
vendor:	huawei	model:	ar550	scope:	-	version:	-	Trust: 0.8
vendor:	huawei	model:	netengine 16ex	scope:	-	version:	-	Trust: 0.8
vendor:	huawei	model:	netengine 16ex	scope:	lt	version:	v200r007c00spc900	Trust: 0.8
vendor:	huawei	model:	ar100 200r005	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	ar100 200r006	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	ar100 200r007c00	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	ar120 200r005	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	ar120 200r006	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	ar120 200r007c00	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	ar150 200r005	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	ar150 200r006	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	ar150 200r007c00	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	ar200 200r005	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	ar200 200r006	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	ar200 200r007c00	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	ar550 200r005	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	ar550 200r006	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	ar550 200r007c00	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	ar500 200r005	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	ar500 200r006	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	ar500 200r007c00	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	ar1200 200r005	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	ar1200 200r006	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	ar1200 200r007c00	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	ar2200 200r005	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	ar2200 200r006	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	ar2200 200r007c00	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	ar3600 200r005	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	ar3600 200r006	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	ar3600 200r007c00	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	ar2500 200r005	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	ar2500 200r006	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	ar2500 200r007c00	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	ar3200 200r005	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	ar3200 200r006	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	ar3200 200r007c00	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	netengine 16ex 200r007c00	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	netengine 16ex 200r006	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	netengine 16ex 200r005	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	netengine 16ex v200r007c00	scope:	-	version:	-	Trust: 0.3
vendor:	huawei	model:	netengine 16ex v200r006	scope:	-	version:	-	Trust: 0.3
vendor:	huawei	model:	netengine 16ex v200r005	scope:	-	version:	-	Trust: 0.3
vendor:	huawei	model:	ar550 v200r007c00	scope:	-	version:	-	Trust: 0.3
vendor:	huawei	model:	ar550 v200r006	scope:	-	version:	-	Trust: 0.3
vendor:	huawei	model:	ar550 v200r005	scope:	-	version:	-	Trust: 0.3
vendor:	huawei	model:	ar500 v200r007c00	scope:	-	version:	-	Trust: 0.3
vendor:	huawei	model:	ar500 v200r006	scope:	-	version:	-	Trust: 0.3
vendor:	huawei	model:	ar500 v200r005	scope:	-	version:	-	Trust: 0.3
vendor:	huawei	model:	ar3600 v200r007c00	scope:	-	version:	-	Trust: 0.3
vendor:	huawei	model:	ar3600 v200r006	scope:	-	version:	-	Trust: 0.3
vendor:	huawei	model:	ar3600 v200r005	scope:	-	version:	-	Trust: 0.3
vendor:	huawei	model:	ar3200 v200r007c00	scope:	-	version:	-	Trust: 0.3
vendor:	huawei	model:	ar3200 v200r006	scope:	-	version:	-	Trust: 0.3
vendor:	huawei	model:	ar3200 v200r005	scope:	-	version:	-	Trust: 0.3
vendor:	huawei	model:	ar2500 v200r007c00	scope:	-	version:	-	Trust: 0.3
vendor:	huawei	model:	ar2500 v200r006	scope:	-	version:	-	Trust: 0.3
vendor:	huawei	model:	ar2500 v200r005	scope:	-	version:	-	Trust: 0.3
vendor:	huawei	model:	ar2200 v200r007c00	scope:	-	version:	-	Trust: 0.3
vendor:	huawei	model:	ar2200 v200r006	scope:	-	version:	-	Trust: 0.3
vendor:	huawei	model:	ar2200 v200r005	scope:	-	version:	-	Trust: 0.3
vendor:	huawei	model:	ar200 v200r007c00	scope:	-	version:	-	Trust: 0.3
vendor:	huawei	model:	ar200 v200r006	scope:	-	version:	-	Trust: 0.3
vendor:	huawei	model:	ar200 v200r005	scope:	-	version:	-	Trust: 0.3
vendor:	huawei	model:	ar150 v200r007c00	scope:	-	version:	-	Trust: 0.3
vendor:	huawei	model:	ar150 v200r006	scope:	-	version:	-	Trust: 0.3
vendor:	huawei	model:	ar150 v200r005	scope:	-	version:	-	Trust: 0.3
vendor:	huawei	model:	ar1200 v200r007c00	scope:	-	version:	-	Trust: 0.3
vendor:	huawei	model:	ar1200 v200r006	scope:	-	version:	-	Trust: 0.3
vendor:	huawei	model:	ar1200 v200r005	scope:	-	version:	-	Trust: 0.3
vendor:	huawei	model:	ar120 v200r007c00	scope:	-	version:	-	Trust: 0.3
vendor:	huawei	model:	ar120 v200r006	scope:	-	version:	-	Trust: 0.3
vendor:	huawei	model:	ar120 v200r005	scope:	-	version:	-	Trust: 0.3
vendor:	huawei	model:	ar100 v200r007c00	scope:	-	version:	-	Trust: 0.3
vendor:	huawei	model:	ar100 v200r006	scope:	-	version:	-	Trust: 0.3
vendor:	huawei	model:	ar100 v200r005	scope:	-	version:	-	Trust: 0.3
vendor:	huawei	model:	netengine 16ex v200r007c00spc900	scope:	ne	version:	-	Trust: 0.3
vendor:	huawei	model:	ar550 v200r007c00spc900	scope:	ne	version:	-	Trust: 0.3
vendor:	huawei	model:	ar500 v200r007c00spc900	scope:	ne	version:	-	Trust: 0.3
vendor:	huawei	model:	ar3600 v200r007c00spc900	scope:	ne	version:	-	Trust: 0.3
vendor:	huawei	model:	ar3200 v200r007c00spc900	scope:	ne	version:	-	Trust: 0.3
vendor:	huawei	model:	ar2500 v200r007c00spc900	scope:	ne	version:	-	Trust: 0.3
vendor:	huawei	model:	ar2200 v200r007c00spc900	scope:	ne	version:	-	Trust: 0.3
vendor:	huawei	model:	ar200 v200r007c00spc900	scope:	ne	version:	-	Trust: 0.3
vendor:	huawei	model:	ar150 v200r007c00spc900	scope:	ne	version:	-	Trust: 0.3
vendor:	huawei	model:	ar1200 v200r007c00spc900	scope:	ne	version:	-	Trust: 0.3
vendor:	huawei	model:	ar120 v200r007c00spc900	scope:	ne	version:	-	Trust: 0.3
vendor:	huawei	model:	ar100 v200r007c00spc900	scope:	ne	version:	-	Trust: 0.3

sources: CNVD: CNVD-2016-06762 // BID: 92618 // JVNDB: JVNDB-2016-005045 // CNNVD: CNNVD-201608-454 // NVD: CVE-2016-6901

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2016-6901
value:	MEDIUM
Trust: 1.0
NVD:	CVE-2016-6901
value:	MEDIUM
Trust: 0.8
CNVD:	CNVD-2016-06762
value:	MEDIUM
Trust: 0.6
CNNVD:	CNNVD-201608-454
value:	MEDIUM
Trust: 0.6
VULHUB:	VHN-95721
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2016-6901
severity:	MEDIUM
baseScore:	6.8
vectorString:	AV:N/AC:L/AU:S/C:N/I:N/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	SINGLE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	COMPLETE
exploitabilityScore:	8.0
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
CNVD:	CNVD-2016-06762
severity:	MEDIUM
baseScore:	6.8
vectorString:	AV:N/AC:L/AU:S/C:N/I:N/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	SINGLE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	COMPLETE
exploitabilityScore:	8.0
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6
VULHUB:	VHN-95721
severity:	MEDIUM
baseScore:	6.8
vectorString:	AV:N/AC:L/AU:S/C:N/I:N/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	SINGLE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	COMPLETE
exploitabilityScore:	8.0
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2016-6901
baseSeverity:	MEDIUM
baseScore:	6.5
vectorString:	CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	LOW
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	HIGH
exploitabilityScore:	2.8
impactScore:	3.6
version:	3.0
Trust: 1.8

sources: CNVD: CNVD-2016-06762 // VULHUB: VHN-95721 // JVNDB: JVNDB-2016-005045 // CNNVD: CNNVD-201608-454 // NVD: CVE-2016-6901

PROBLEMTYPE DATA

problemtype:

CWE-20

Trust: 1.9

sources: VULHUB: VHN-95721 // JVNDB: JVNDB-2016-005045 // NVD: CVE-2016-6901

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201608-454

TYPE

input validation

Trust: 0.6

sources: CNNVD: CNNVD-201608-454

CONFIGURATIONS

sources: JVNDB: JVNDB-2016-005045

PATCH

title:	huawei-sa-20160824-01-vrp	url:	http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20160824-01-vrp-en	Trust: 0.8
title:	Patches for remotely formatted string vulnerabilities in various Huawei products	url:	https://www.cnvd.org.cn/patchInfo/show/80766	Trust: 0.6
title:	Multiple Huawei Product Remote Format String Vulnerability Fix	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=63777	Trust: 0.6

sources: CNVD: CNVD-2016-06762 // JVNDB: JVNDB-2016-005045 // CNNVD: CNNVD-201608-454

EXTERNAL IDS

db:	NVD	id:	CVE-2016-6901	Trust: 3.4
db:	BID	id:	92618	Trust: 2.6
db:	JVNDB	id:	JVNDB-2016-005045	Trust: 0.8
db:	CNNVD	id:	CNNVD-201608-454	Trust: 0.7
db:	CNVD	id:	CNVD-2016-06762	Trust: 0.6
db:	VULHUB	id:	VHN-95721	Trust: 0.1

sources: CNVD: CNVD-2016-06762 // VULHUB: VHN-95721 // BID: 92618 // JVNDB: JVNDB-2016-005045 // CNNVD: CNNVD-201608-454 // NVD: CVE-2016-6901

REFERENCES

url:	http://www.securityfocus.com/bid/92618	Trust: 2.3
url:	http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20160824-01-vrp-en	Trust: 1.7
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-6901	Trust: 0.8
url:	http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-6901	Trust: 0.8
url:	http://www.huawei.com	Trust: 0.3
url:	http://www.huawei.com/en/psirt/security-advisories/2016/huawei-sa-20160824-01-vrp-en	Trust: 0.3

sources: CNVD: CNVD-2016-06762 // VULHUB: VHN-95721 // BID: 92618 // JVNDB: JVNDB-2016-005045 // CNNVD: CNNVD-201608-454 // NVD: CVE-2016-6901

CREDITS

Huawei

Trust: 0.9

sources: BID: 92618 // CNNVD: CNNVD-201608-454

SOURCES

db:	CNVD	id:	CNVD-2016-06762
db:	VULHUB	id:	VHN-95721
db:	BID	id:	92618
db:	JVNDB	id:	JVNDB-2016-005045
db:	CNNVD	id:	CNNVD-201608-454
db:	NVD	id:	CVE-2016-6901

LAST UPDATE DATE

2024-11-23T21:54:27.277000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2016-06762	date:	2016-08-26T00:00:00
db:	VULHUB	id:	VHN-95721	date:	2016-09-28T00:00:00
db:	BID	id:	92618	date:	2016-08-24T00:00:00
db:	JVNDB	id:	JVNDB-2016-005045	date:	2016-10-04T00:00:00
db:	CNNVD	id:	CNNVD-201608-454	date:	2016-09-27T00:00:00
db:	NVD	id:	CVE-2016-6901	date:	2024-11-21T02:57:03.590

SOURCES RELEASE DATE

db:	CNVD	id:	CNVD-2016-06762	date:	2016-08-26T00:00:00
db:	VULHUB	id:	VHN-95721	date:	2016-09-26T00:00:00
db:	BID	id:	92618	date:	2016-08-24T00:00:00
db:	JVNDB	id:	JVNDB-2016-005045	date:	2016-10-04T00:00:00
db:	CNNVD	id:	CNNVD-201608-454	date:	2016-08-25T00:00:00
db:	NVD	id:	CVE-2016-6901	date:	2016-09-26T16:59:08.040