6.8

CVE-2016-6824

Huawei AC6003, AC6005, AC6605, and ACU2 access controllers with software before V200R006C10SPC200 allows remote authenticated users to cause a denial of service (device restart) via crafted CAPWAP packets.

Data is provided by the National Vulnerability Database (NVD)
HuaweiAc6003 Firmware Version <= v200r005c10
   HuaweiAc6003 Version-
   HuaweiAc6005 Version-
   HuaweiAc6605 Version-
   HuaweiAcu2 Version-
HuaweiAc6003 Firmware Version <= v200r006c00
   HuaweiAc6003 Version-
   HuaweiAc6005 Version-
   HuaweiAc6605 Version-
   HuaweiAcu2 Version-
HuaweiAc6005 Firmware Version <= v200r005c10
   HuaweiAc6003 Version-
   HuaweiAc6005 Version-
   HuaweiAc6605 Version-
   HuaweiAcu2 Version-
HuaweiAc6005 Firmware Version <= v200r006c00
   HuaweiAc6003 Version-
   HuaweiAc6005 Version-
   HuaweiAc6605 Version-
   HuaweiAcu2 Version-
HuaweiAc6605 Firmware Version <= v200r005c10
   HuaweiAc6003 Version-
   HuaweiAc6005 Version-
   HuaweiAc6605 Version-
   HuaweiAcu2 Version-
HuaweiAc6605 Firmware Versionv200r006c00
   HuaweiAc6003 Version-
   HuaweiAc6005 Version-
   HuaweiAc6605 Version-
   HuaweiAcu2 Version-
HuaweiAcu2 Firmware Version <= v200r005c10
   HuaweiAc6003 Version-
   HuaweiAc6005 Version-
   HuaweiAc6605 Version-
   HuaweiAcu2 Version-
HuaweiAcu2 Firmware Version <= v200r006c00
   HuaweiAc6003 Version-
   HuaweiAc6005 Version-
   HuaweiAc6605 Version-
   HuaweiAcu2 Version-
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Type Source Score Percentile
EPSS FIRST.org 0.2% 0.388
CVSS Metriken
Source Base Score Exploit Score Impact Score Vector string
nvd@nist.gov 6.5 2.8 3.6
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
nvd@nist.gov 6.8 8 6.9
AV:N/AC:L/Au:S/C:N/I:N/A:C
CWE-20 Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.