CVE-2016-3950

Huawei AR3200 routers with software before V200R006C10SPC300 allow remote authenticated users to cause a denial of service (restart) via crafted packets.

CVSS v3.0 6.5 MEDIUM
CVSS v2.0 6.8 MEDIUM

6.5^/10

CVSS v3.0 : MEDIUM

V3 Legend

Vector : AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Exploitability : 2.8 / Impact : 3.6

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

6.8^/10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:N/AC:L/Au:S/C:N/I:N/A:C

Exploitability : 8.0 / Impact : 6.9

Access Vector NETWORK

Access Complexity LOW

Authentication SINGLE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact COMPLETE

References

Link	Resource
http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20160406-01-ar-en	Vendor Advisory

Configurations

Configuration 1 (hide)

AND

cpe:2.3:h:huawei:ar3200:-:*:*:*:*:*:*:*

OR	cpe:2.3:o:huawei:ar3200_firmware:v200r005c32:::::::*
	cpe:2.3:o:huawei:ar3200_firmware:v200r005c30:::::::*
	cpe:2.3:o:huawei:ar3200_firmware:v200r005c20:::::::*

Information

Published : 2016-04-18 07:59

Updated : 2016-05-18 14:34

NVD link : CVE-2016-3950

Mitre link : CVE-2016-3950

JSON object : View

CWE

CWE-20

Improper Input Validation

Products Affected

huawei

ar3200_firmware
ar3200

6.5 /10

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

6.8 /10

Access Vector NETWORK

Access Complexity LOW

Authentication SINGLE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact COMPLETE

JSON object

Attach tags to CVE-2016-3950

6.5^/10

6.8^/10

Attach tags to `CVE-2016-3950`