CVE-2016-6900

{"id": "CVE-2016-6900", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 2.1, "accessVector": "LOCAL", "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "LOW", "obtainAllPrivilege": false, "exploitabilityScore": 3.9, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV30": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.0", "baseScore": 5.5, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 1.8}]}, "published": "2016-09-07T19:28:21.740", "references": [{"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20160824-01-server-en", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-399"}]}], "descriptions": [{"lang": "en", "value": "The Intelligent Baseboard Management Controller (iBMC) in Huawei RH1288 V3 servers with software before V100R003C00SPC613; RH2288 V3 servers with software before V100R003C00SPC617; RH2288H V3 servers with software before V100R003C00SPC515; RH5885 V3 servers with software before V100R003C10SPC102; and XH620 V3, XH622 V3, and XH628 V3 servers with software before V100R003C00SPC610 allows local users to cause a denial of service (iBMC resource consumption) via unspecified vectors."}, {"lang": "es", "value": "Intelligent Baseboard Management Controller (iBMC) en servidores Huawei RH1288 V3 con software anterior a V100R003C00SPC613; servidores RH2288 V3 con software anterior a V100R003C00SPC617; servidores RH2288H V3 con software anterior a V100R003C00SPC515; servidores RH5885 V3 con software anterior a V100R003C10SPC102 XH620 V3, XH622 V3 y servidores XH628 V3 con software anterior a V100R003C00SPC610 permite a usuarios locales provocar una denegaci\u00f3n de servicio (recurso de consumo iBMC) a trav\u00e9s de vectores no especificados."}], "lastModified": "2016-09-08T19:19:30.050", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:huawei:rh1288_v3_server_firmware:v100r003c00:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AE7DF842-021C-422A-BCE5-17BEE7FAA950"}, {"criteria": "cpe:2.3:o:huawei:rh2288_v3_server_firmware:v100r003c00:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "93439764-5BA1-49B0-B337-5C2C62C3A962"}, {"criteria": "cpe:2.3:o:huawei:rh2288h_v3_server_firmware:v100r003c00:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "33CE73B9-21F6-4175-9C60-159F862B98B4"}, {"criteria": "cpe:2.3:o:huawei:xh620_v3_server_firmware:v100r003c00:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E5C5F600-30B6-4098-B0C5-E20A722957A9"}, {"criteria": "cpe:2.3:o:huawei:xh622_v3_server_firmware:v100r003c00:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "91123A12-63C1-422F-86C5-C0A6E2C1E8C5"}, {"criteria": "cpe:2.3:o:huawei:xh628_v3_server_firmware:v100r003c00:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "443F96DD-C3E8-4A8C-8FFC-D8E750DFDCB2"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:huawei:rh1288_v3_server:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "CF7BCC07-7475-48F0-BF51-C86B8548AE62"}, {"criteria": "cpe:2.3:h:huawei:rh2288_v3_server:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "04129772-90A9-4FD1-935F-08EEF6D06A3B"}, {"criteria": "cpe:2.3:h:huawei:rh2288h_v3_server:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "20FCB034-2A59-406F-A7B7-0C098E360E17"}, {"criteria": "cpe:2.3:h:huawei:xh620_v3_server:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "51480E77-61B8-4F1B-8FAE-E4ADF3279999"}, {"criteria": "cpe:2.3:h:huawei:xh622_v3_server:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "ED6D095D-5546-44BE-A8FD-4C22EC297AF9"}, {"criteria": "cpe:2.3:h:huawei:xh628_v3_server:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "8AB59F25-E2C1-4017-8875-BE60C540F2B1"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:huawei:rh5885_v3_server_firmware:v100r003c01:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "738BC343-71EE-4FDE-829A-4E528E222360"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:huawei:rh5885_v3_server:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "07B3E187-6185-4FE8-A0A2-DCD87903140B"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "cve@mitre.org"}