CVE-2016-6669

{"id": "CVE-2016-6669", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 7.1, "accessVector": "NETWORK", "vectorString": "AV:N/AC:H/Au:S/C:C/I:C/A:C", "authentication": "SINGLE", "integrityImpact": "COMPLETE", "accessComplexity": "HIGH", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "acInsufInfo": false, "impactScore": 10.0, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 3.9, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV30": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.0", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 1.6}]}, "published": "2016-09-22T15:59:05.977", "references": [{"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20160810-01-usg-en", "tags": ["VDB Entry"], "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/bid/92441", "source": "cve@mitre.org"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-119"}]}], "descriptions": [{"lang": "en", "value": "Buffer overflow in the Authentication, Authorization and Accounting (AAA) module in Huawei USG2100, USG2200, USG5100, and USG5500 unified security gateways with software before V300R001C10SPC600 allows remote authenticated RADIUS servers to execute arbitrary code by sending a crafted EAP packet."}, {"lang": "es", "value": "Desbordamiento de b\u00fafer en el m\u00f3dulo Authentication, Authorization y Accounting (AAA) en las puertas de entrada de seguridad unificadas USG2100, USG2200, USG5100 y USG5500 en Huawei con software en versiones anteriores a V300R001C10SPC600 permite a servidores RADIUS remotos autenticados ejecutar c\u00f3digo arbitrario enviando un paquete EAP manipulado."}], "lastModified": "2016-11-28T20:33:55.317", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:huawei:usg2100_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F720A197-A45A-4BC4-87ED-26D1E3FD1F40", "versionEndIncluding": "v300r001c00"}, {"criteria": "cpe:2.3:o:huawei:usg2100_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8AECAEA1-22C8-4E17-91A2-81C3450BC00C", "versionEndIncluding": "v300r001c10"}, {"criteria": "cpe:2.3:o:huawei:usg2200_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "325542AB-7154-4A5B-A85C-62AB251C4AC6", "versionEndIncluding": "v300r001c00"}, {"criteria": "cpe:2.3:o:huawei:usg2200_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F1480DC9-5518-43D9-A760-3779FF54C191", "versionEndIncluding": "v300r001c10"}, {"criteria": "cpe:2.3:o:huawei:usg5100_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8132BF37-35B4-4385-A864-006EB5D2021F", "versionEndIncluding": "v300r001c00"}, {"criteria": "cpe:2.3:o:huawei:usg5100_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "254AAB81-1C18-4C3D-A45C-2F0B035767D8", "versionEndIncluding": "v300r001c10"}, {"criteria": "cpe:2.3:o:huawei:usg5500_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "95F806D1-25F5-4D38-A9EA-C5E195C645A5", "versionEndIncluding": "v300r001c00"}, {"criteria": "cpe:2.3:o:huawei:usg5500_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "605BC300-CCC1-4846-9848-3FA87256DD64", "versionEndIncluding": "v300r001c10"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:huawei:usg2100:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "56136202-9759-4A86-A52B-AE841319C4DF"}, {"criteria": "cpe:2.3:h:huawei:usg2200:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "A78C3EBF-B7B0-4239-95CF-588D78FF6BA1"}, {"criteria": "cpe:2.3:h:huawei:usg5100:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "5140E0A4-AA43-4410-BE72-7A751B8025D1"}, {"criteria": "cpe:2.3:h:huawei:usg5500:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "EDC12456-351D-4DA4-8576-7FE9157E61DC"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "cve@mitre.org"}