Lucene search

[email protected]NVD:CVE-2016-6158

HistorySep 21, 2016 - 2:25 p.m.

CVE-2016-6158

2016-09-2114:25:17

CWE-352

[email protected]

web.nvd.nist.gov

7.1 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:H/Au:N/C:N/I:C/A:C

6.1 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:H/A:H

6.9 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

26.8%

JSON

Multiple cross-site request forgery (CSRF) vulnerabilities in Huawei WS331a routers with software before WS331a-10 V100R001C01B112 allow remote attackers to hijack the authentication of administrators for requests that (1) restore factory settings or (2) reboot the device via unspecified vectors.

Affected configurations

NVD

Node

huaweiws331a_router_firmwareMatchws331a-10_v100r001c02b017sp01

AND

huaweiws331a_routerMatch-

References

www.huawei.com/en/psirt/security-advisories/huawei-sa-20160907-01-ws331a-en

7.1 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:H/Au:N/C:N/I:C/A:C

6.1 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:H/A:H

6.9 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

26.8%

JSON

Related for NVD:CVE-2016-6158

prion1 cvelist1 cve1 huawei1