Details of VAR-201610-0376

ID

VAR-201610-0376

CVE

CVE-2016-1000215

TITLE

Ruckus Wireless H500 Denial of Service Vulnerability

Trust: 1.2

sources: CNVD: CNVD-2016-10447 // CNNVD: CNNVD-201610-734

DESCRIPTION

Ruckus Wireless H500 web management interface denial of service. The Ruckus Wireless H500 is an indoor wall switch access point for Ruckus Wireless in the United States. Webmanagementinterface is one of the web-based management interfaces. An attacker could exploit the vulnerability to cause a denial of service

Trust: 2.25

sources: NVD: CVE-2016-1000215 // JVNDB: JVNDB-2016-005624 // CNVD: CNVD-2016-10447 // VULHUB: VHN-88667

IOT TAXONOMY

category:

['Network device']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2016-10447

AFFECTED PRODUCTS

vendor:	ruckus	model:	wireless h500	scope:	eq	version:	-	Trust: 1.6
vendor:	ruckus	model:	zoneflex h500	scope:	-	version:	-	Trust: 0.8
vendor:	ruckus	model:	h500	scope:	-	version:	-	Trust: 0.6

sources: CNVD: CNVD-2016-10447 // JVNDB: JVNDB-2016-005624 // CNNVD: CNNVD-201610-734 // NVD: CVE-2016-1000215

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2016-1000215
value:	HIGH
Trust: 1.0
NVD:	CVE-2016-1000215
value:	HIGH
Trust: 0.8
CNVD:	CNVD-2016-10447
value:	MEDIUM
Trust: 0.6
CNNVD:	CNNVD-201610-734
value:	MEDIUM
Trust: 0.6
VULHUB:	VHN-88667
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2016-1000215
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
CNVD:	CNVD-2016-10447
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6
VULHUB:	VHN-88667
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2016-1000215
baseSeverity:	HIGH
baseScore:	7.5
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	HIGH
exploitabilityScore:	3.9
impactScore:	3.6
version:	3.0
Trust: 1.8

sources: CNVD: CNVD-2016-10447 // VULHUB: VHN-88667 // JVNDB: JVNDB-2016-005624 // CNNVD: CNNVD-201610-734 // NVD: CVE-2016-1000215

PROBLEMTYPE DATA

problemtype:

NVD-CWE-noinfo

Trust: 1.0

sources: NVD: CVE-2016-1000215

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201610-734

TYPE

lack of information

Trust: 0.6

sources: CNNVD: CNNVD-201610-734

CONFIGURATIONS

sources: JVNDB: JVNDB-2016-005624

PATCH

title:

ZoneFlex H500

url:

https://www.ruckuswireless.com/products/access-points/zoneflex-indoor/zoneflex-h500

Trust: 0.8

sources: JVNDB: JVNDB-2016-005624

EXTERNAL IDS

db:	NVD	id:	CVE-2016-1000215	Trust: 3.1
db:	JVNDB	id:	JVNDB-2016-005624	Trust: 0.8
db:	CNNVD	id:	CNNVD-201610-734	Trust: 0.7
db:	CNVD	id:	CNVD-2016-10447	Trust: 0.6
db:	VULHUB	id:	VHN-88667	Trust: 0.1

sources: CNVD: CNVD-2016-10447 // VULHUB: VHN-88667 // JVNDB: JVNDB-2016-005624 // CNNVD: CNNVD-201610-734 // NVD: CVE-2016-1000215

REFERENCES

url:	https://www.tripwire.com/state-of-security/vulnerability-management/ruckus-vulnerability/	Trust: 3.1
url:	http://b910a83a1a1fa9c20d93-2435f2f08e773abe005b52170fce6d94.r84.cf2.rackcdn.com/security/faq-security-advisory-id-062117.txt	Trust: 1.1
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-1000215	Trust: 0.8
url:	http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-1000215	Trust: 0.8

sources: CNVD: CNVD-2016-10447 // VULHUB: VHN-88667 // JVNDB: JVNDB-2016-005624 // CNNVD: CNNVD-201610-734 // NVD: CVE-2016-1000215

SOURCES

db:	CNVD	id:	CNVD-2016-10447
db:	VULHUB	id:	VHN-88667
db:	JVNDB	id:	JVNDB-2016-005624
db:	CNNVD	id:	CNNVD-201610-734
db:	NVD	id:	CVE-2016-1000215

LAST UPDATE DATE

2025-04-13T23:29:27.926000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2016-10447	date:	2016-11-01T00:00:00
db:	VULHUB	id:	VHN-88667	date:	2017-07-07T00:00:00
db:	JVNDB	id:	JVNDB-2016-005624	date:	2016-10-31T00:00:00
db:	CNNVD	id:	CNNVD-201610-734	date:	2016-10-26T00:00:00
db:	NVD	id:	CVE-2016-1000215	date:	2025-04-12T10:46:40.837

SOURCES RELEASE DATE

db:	CNVD	id:	CNVD-2016-10447	date:	2016-11-01T00:00:00
db:	VULHUB	id:	VHN-88667	date:	2016-10-25T00:00:00
db:	JVNDB	id:	JVNDB-2016-005624	date:	2016-10-31T00:00:00
db:	CNNVD	id:	CNNVD-201610-734	date:	2016-10-26T00:00:00
db:	NVD	id:	CVE-2016-1000215	date:	2016-10-25T14:29:07.790