CVE-2016-2404

EPSS 0.17%
Veröffentlicht 02.04.2017 20:59:00
Zuletzt bearbeitet 20.04.2025 01:37:25
Quelle psirt@huawei.com
Teams Watchlist Login
Unerledigt Login

Huawei switches S5700, S6700, S7700, S9700 with software V200R001C00SPC300, V200R002C00SPC100, V200R003C00SPC300, V200R005C00SPC500, V200R006C00; S12700 with software V200R005C00SPC500, V200R006C00; ACU2 with software V200R005C00SPC500, V200R006C00 have a permission control vulnerability. If a switch enables Authentication, Authorization, and Accounting (AAA) for permission control and user permissions are not appropriate, AAA users may obtain the virtual type terminal (VTY) access permission, resulting in privilege escalation.

Betroffene Produkte Warnungen 0 Metriken 3 CWE 0 Referenzen 4

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Huawei ≫ S5700 Firmware Versionv200r001c00spc300

Huawei ≫ S5700 Version-

Huawei ≫ S5700 Firmware Versionv200r002c00spc100

Huawei ≫ S5700 Version-

Huawei ≫ S5700 Firmware Versionv200r003c00spc300

Huawei ≫ S5700 Version-

Huawei ≫ S5700 Firmware Versionv200r005c00spc500

Huawei ≫ S5700 Version-

Huawei ≫ S5700 Firmware Versionv200r006c00

Huawei ≫ S5700 Version-

Huawei ≫ S6700 Firmware Versionv200r001c00spc300

Huawei ≫ S6700 Version-

Huawei ≫ S6700 Firmware Versionv200r002c00spc100

Huawei ≫ S6700 Version-

Huawei ≫ S6700 Firmware Versionv200r003c00spc300

Huawei ≫ S6700 Version-

Huawei ≫ S6700 Firmware Versionv200r005c00spc500

Huawei ≫ S6700 Version-

Huawei ≫ S6700 Firmware Versionv200r006c00

Huawei ≫ S6700 Version-

Huawei ≫ S7700 Firmware Versionv200r001c00spc300

Huawei ≫ S7700 Version-

Huawei ≫ S7700 Firmware Versionv200r002c00spc100

Huawei ≫ S7700 Version-

Huawei ≫ S7700 Firmware Versionv200r003c00spc300

Huawei ≫ S7700 Version-

Huawei ≫ S7700 Firmware Versionv200r005c00spc500

Huawei ≫ S7700 Version-

Huawei ≫ S7700 Firmware Versionv200r006c00

Huawei ≫ S7700 Version-

Huawei ≫ S9700 Firmware Versionv200r001c00spc300

Huawei ≫ S9700 Version-

Huawei ≫ S9700 Firmware Versionv200r002c00spc100

Huawei ≫ S9700 Version-

Huawei ≫ S9700 Firmware Versionv200r003c00spc300

Huawei ≫ S9700 Version-

Huawei ≫ S9700 Firmware Versionv200r005c00spc500

Huawei ≫ S9700 Version-

Huawei ≫ S9700 Firmware Versionv200r006c00

Huawei ≫ S9700 Version-

Huawei ≫ S12700 Firmware Versionv200r005c00spc500

Huawei ≫ S12700 Version-

Huawei ≫ S12700 Firmware Versionv200r006c00

Huawei ≫ S12700 Version-

Huawei ≫ Acu2 Firmware Versionv200r005c00spc500

Huawei ≫ Acu2 Version-

Huawei ≫ Acu2 Firmware Versionv200r006c00

Huawei ≫ Acu2 Version-

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.17%	0.341

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	7.5	1.6	5.9	CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
nvd@nist.gov	6	6.8	6.4	AV:N/AC:M/Au:S/C:P/I:P/A:P

http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20160217-01-switch-en

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2016-2404

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2016-2404

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2016-2404

EUVD