Sign-up

ID

VAR-201706-1136


TITLE

Ruijie RG-WALL-160S firewall has SNMP protocol community string authentication permission bypass vulnerability

Trust: 0.6

sources: CNVD: CNVD-2017-06688

DESCRIPTION

RG-WALL 160S is a 100M firewall product launched by Ruijie Networks. The Ruijie RG-WALL-160S firewall has an SNMP protocol community string authentication permission bypass vulnerability. Allows an attacker to use arbitrary strings or integer values to bypass SNMP access control and write arbitrary strings in the MIB (Management Information Base) to obtain sensitive information of the device

Trust: 0.6

sources: CNVD: CNVD-2017-06688

IOT TAXONOMY

category:['Network device']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2017-06688

AFFECTED PRODUCTS

vendor:ruijiemodel:networks rg-wall firewall 160sscope: - version: -

Trust: 0.6

sources: CNVD: CNVD-2017-06688

CVSS

SEVERITY

CVSSV2

CVSSV3

CNVD: CNVD-2017-06688
value: HIGH

Trust: 0.6

CNVD: CNVD-2017-06688
severity: HIGH
baseScore: 7.5
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

sources: CNVD: CNVD-2017-06688

PATCH

title:Ruijie RG-WALL-160S firewall has NMP protocol community string authentication permission bypass vulnerabilityurl:https://www.cnvd.org.cn/patchinfo/show/93710

Trust: 0.6

sources: CNVD: CNVD-2017-06688

EXTERNAL IDS

db:CNVDid:CNVD-2017-06688

Trust: 0.6

sources: CNVD: CNVD-2017-06688

SOURCES

db:CNVDid:CNVD-2017-06688

LAST UPDATE DATE

2022-05-04T09:43:42.873000+00:00


SOURCES UPDATE DATE

db:CNVDid:CNVD-2017-06688date:2017-05-22T00:00:00

SOURCES RELEASE DATE

db:CNVDid:CNVD-2017-06688date:2017-06-30T00:00:00