Vulnerabilites related to huawei - ar_19\/29\/49
Vulnerability from fkie_nvd
Published
2013-06-20 15:55
Modified
2024-11-21 01:43
Severity ?
Summary
The Huawei NE5000E, MA5200G, NE40E, NE80E, ATN, NE40, NE80, NE20E-X6, NE20, ME60, CX600, CX200, CX300, ACU, WLAN AC 6605, S9300, S7700, S2300, S3300, S5300, S3300HI, S5300HI, S5306, S6300, S2700, S3700, S5700, S6700, AR G3, H3C AR(OEM IN), AR 19, AR 29, AR 49, Eudemon100E, Eudemon200, Eudemon300, Eudemon500, Eudemon1000, Eudemon1000E-U/USG5300, Eudemon1000E-X/USG5500, Eudemon8080E/USG9300, Eudemon8160E/USG9300, Eudemon8000E-X/USG9500, E200E-C/USG2200, E200E-X3/USG2200, E200E-X5/USG2200, E200E-X7/USG2200, E200E-C/USG5100, E200E-X3/USG5100, E200E-X5/USG5100, E200E-X7/USG5100, E200E-B/USG2100, E200E-X1/USG2100, E200E-X2/USG2100, SVN5300, SVN2000, SVN5000, SVN3000, NIP100, NIP200, NIP1000, NIP2100, NIP2200, and NIP5100 use the DES algorithm for stored passwords, which makes it easier for context-dependent attackers to obtain cleartext passwords via a brute-force attack.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:acu:v100r003c01spc100:*:*:*:*:*:*:*", matchCriteriaId: "CE81EA02-600F-42CE-92C8-7E1D127E9B7C", vulnerable: true, }, { criteria: "cpe:2.3:h:huawei:acu:v200r001c00:*:*:*:*:*:*:*", matchCriteriaId: "3A906E7E-7A10-474B-91C4-A30F7FAF55D8", vulnerable: true, }, { criteria: "cpe:2.3:h:huawei:acu:v200r001c00spc100:*:*:*:*:*:*:*", matchCriteriaId: "B5D1A17D-1CDD-4539-897E-A6067EAD1EE2", vulnerable: true, }, { criteria: "cpe:2.3:h:huawei:ar_19\\/29\\/49:*:*:*:*:*:*:*:*", matchCriteriaId: "82396118-3290-4683-902D-4955E81B84F9", versionEndIncluding: "r2207", vulnerable: true, }, { criteria: "cpe:2.3:h:huawei:ar_g3:v200r001c00:*:*:*:*:*:*:*", matchCriteriaId: "B19CE2AB-251D-478A-913C-65B5E0BBA0B5", vulnerable: true, }, { criteria: "cpe:2.3:h:huawei:ar_g3:v200r001c01:*:*:*:*:*:*:*", matchCriteriaId: "18BA268A-EF28-477C-AC24-38E322FFE553", vulnerable: true, }, { criteria: "cpe:2.3:h:huawei:ar_g3:v200r002c00spc200:*:*:*:*:*:*:*", matchCriteriaId: "554B2AC0-F4C6-4805-BB39-642D6D292A97", vulnerable: true, }, { criteria: "cpe:2.3:h:huawei:atn:v200r001c00:*:*:*:*:*:*:*", matchCriteriaId: "2BB1A47C-FB4F-4EF8-A614-95F3B2E6065D", vulnerable: true, }, { criteria: "cpe:2.3:h:huawei:atn:v200r001c01:*:*:*:*:*:*:*", matchCriteriaId: "C26B81D9-0A62-4F6E-A9A4-5B22F08E0882", vulnerable: true, }, { criteria: "cpe:2.3:h:huawei:cx200:v100r005:*:*:*:*:*:*:*", matchCriteriaId: "A24ECC75-1032-4DFD-A0C3-315ABB68C50F", vulnerable: true, }, { criteria: "cpe:2.3:h:huawei:cx300:v100r005:*:*:*:*:*:*:*", matchCriteriaId: "0F9BA9C4-65A8-4D9D-A21C-CEB53DB2E513", vulnerable: true, }, { criteria: "cpe:2.3:h:huawei:cx600:v200r002:*:*:*:*:*:*:*", matchCriteriaId: "D71F25CF-F4DE-4FC5-82E9-179CFFA4CA61", vulnerable: true, }, { criteria: "cpe:2.3:h:huawei:cx600:v600r001:*:*:*:*:*:*:*", matchCriteriaId: "5D94D86A-C025-4A96-A700-D676B90CBBF7", vulnerable: true, }, { criteria: "cpe:2.3:h:huawei:cx600:v600r002:*:*:*:*:*:*:*", matchCriteriaId: "3F61F187-74C5-4C50-9F91-6303C87582B1", vulnerable: true, }, { criteria: "cpe:2.3:h:huawei:cx600:v600r003:*:*:*:*:*:*:*", matchCriteriaId: "BB2B2269-0784-4DE2-B48A-9A36F9B30F96", vulnerable: true, }, { criteria: "cpe:2.3:h:huawei:e200_usg2200:*:*:*:*:*:*:*:*", matchCriteriaId: "9151ED5E-04DD-4221-9669-C8112168A507", versionEndIncluding: "v200r003c00", vulnerable: true, }, { criteria: "cpe:2.3:h:huawei:e200_usg5100:*:*:*:*:*:*:*:*", matchCriteriaId: "F63E41F8-8408-4E7A-A423-ACC2C44B3141", versionEndIncluding: "v200r003c00", vulnerable: true, }, { criteria: "cpe:2.3:h:huawei:e200e-b:*:*:*:*:*:*:*:*", matchCriteriaId: "8235FC6D-220F-4F75-BDD2-77FA661F33A2", versionEndIncluding: "v100r005c01", vulnerable: true, }, { criteria: "cpe:2.3:h:huawei:e200e-c:*:*:*:*:*:*:*:*", matchCriteriaId: "04FF6514-05AF-4D86-9B10-B50BC8D0622D", versionEndIncluding: "v200r003c00", vulnerable: true, }, { criteria: "cpe:2.3:h:huawei:e200e-usg2100:*:*:*:*:*:*:*:*", matchCriteriaId: "D14FD9A2-90D5-493C-9BC7-095EBD644114", versionEndIncluding: "v100r005c01", vulnerable: true, }, { criteria: "cpe:2.3:h:huawei:e200e-x1:*:*:*:*:*:*:*:*", matchCriteriaId: "25B60ADA-D40C-48C5-A237-DEE5DD372933", versionEndIncluding: "v100r005c01", vulnerable: true, }, { criteria: "cpe:2.3:h:huawei:e200e-x2:*:*:*:*:*:*:*:*", matchCriteriaId: "C3502D88-6168-41E3-8641-4045C9EA9B90", versionEndIncluding: "v100r005c01", vulnerable: true, }, { criteria: "cpe:2.3:h:huawei:e200x3:*:*:*:*:*:*:*:*", matchCriteriaId: "0F6DBFF5-0B0B-4F0D-96A1-D2D487AE57C7", versionEndIncluding: "v200r003c00", vulnerable: true, }, { criteria: "cpe:2.3:h:huawei:e200x5:*:*:*:*:*:*:*:*", matchCriteriaId: "5AF99475-D5A4-407E-8A7F-D6642186E5B6", versionEndIncluding: "v200r003c00", vulnerable: true, }, { criteria: "cpe:2.3:h:huawei:e200x7:*:*:*:*:*:*:*:*", matchCriteriaId: "0D68DD7D-29F9-460E-9D9C-A70F0DD489B1", versionEndIncluding: "v200r003c00", vulnerable: true, }, { criteria: "cpe:2.3:h:huawei:eudemon_8080e:*:*:*:*:*:*:*:*", matchCriteriaId: "E5A801B9-7BB4-4E06-8ED2-D9EF565F313E", versionEndIncluding: "v100r003c00", vulnerable: true, }, { criteria: "cpe:2.3:h:huawei:eudemon_8160e:*:*:*:*:*:*:*:*", matchCriteriaId: "1E9D04EF-A73F-4BF6-AB34-3C489156BBD3", versionEndIncluding: "v100r003c00", vulnerable: true, }, { criteria: "cpe:2.3:h:huawei:eudemon_usg5300:*:*:*:*:*:*:*:*", matchCriteriaId: "3510EF8C-F3EB-4531-A0A8-8E0734652E26", versionEndIncluding: "v200r001", vulnerable: true, }, { criteria: "cpe:2.3:h:huawei:eudemon_usg5500:*:*:*:*:*:*:*:*", matchCriteriaId: "F08A74A7-65FC-424C-ACAD-B6A6ED27FF60", versionEndIncluding: "v200r002", vulnerable: true, }, { criteria: "cpe:2.3:h:huawei:eudemon_usg9300:*:*:*:*:*:*:*:*", matchCriteriaId: "788B8EBF-16FA-4FDD-B07A-5A4F6E6B310A", versionEndIncluding: "v100r003c00", vulnerable: true, }, { criteria: "cpe:2.3:h:huawei:eudemon_usg9500:*:*:*:*:*:*:*:*", matchCriteriaId: "8C625CA3-BD79-42E8-91B4-539E90FBF0C5", versionEndIncluding: "v200r001c00spc600", vulnerable: true, }, { criteria: "cpe:2.3:h:huawei:eudemon1000:*:*:*:*:*:*:*:*", matchCriteriaId: "AFF18B94-150C-413F-B6D4-47B5E05DF4BA", versionEndIncluding: "v200r006c02", vulnerable: true, }, { criteria: "cpe:2.3:h:huawei:eudemon1000e-u:*:*:*:*:*:*:*:*", matchCriteriaId: "DBB0AFBD-5F0E-494A-A752-9EE2F81DF2C5", versionEndIncluding: "v200r001", vulnerable: true, }, { criteria: "cpe:2.3:h:huawei:eudemon1000e-x:*:*:*:*:*:*:*:*", matchCriteriaId: "11D8297A-362B-4056-A94F-9D49FF0B56B7", versionEndIncluding: "v200r002", vulnerable: true, }, { criteria: "cpe:2.3:h:huawei:eudemon100e:v200r007:*:*:*:*:*:*:*", matchCriteriaId: "956ED431-6CE1-4873-BDC3-7832F5867C28", vulnerable: true, }, { criteria: "cpe:2.3:h:huawei:eudemon200:v200r001:*:*:*:*:*:*:*", matchCriteriaId: "5679FA9F-B4E5-42A9-9B9A-3601BE785CC4", vulnerable: true, }, { criteria: "cpe:2.3:h:huawei:eudemon300:*:*:*:*:*:*:*:*", matchCriteriaId: "014E4B7B-E107-40B6-9B18-F5610959EA8B", versionEndIncluding: "v200r006c02", vulnerable: true, }, { criteria: "cpe:2.3:h:huawei:eudemon500:*:*:*:*:*:*:*:*", matchCriteriaId: "E0CA4ACA-0104-4A93-9FBC-DC0496A1EB70", versionEndIncluding: "v200r006c02", vulnerable: true, }, { criteria: "cpe:2.3:h:huawei:eudemon8000e-x:*:*:*:*:*:*:*:*", matchCriteriaId: "7B686C4E-FD19-42B0-87A5-162D72C47BE0", versionEndIncluding: "v200r001c00spc600", vulnerable: true, }, { criteria: "cpe:2.3:h:huawei:h3c_ar\\(oem_in\\):*:*:*:*:*:*:*:*", matchCriteriaId: "FBDEE398-3BC9-4855-952F-44B37BF9F478", versionEndIncluding: "r2209", vulnerable: true, }, { criteria: "cpe:2.3:h:huawei:ma5200g:v200r003:*:*:*:*:*:*:*", matchCriteriaId: "8D17E429-865D-4677-872E-1E191BB0A6DF", vulnerable: true, }, { criteria: "cpe:2.3:h:huawei:ma5200g:v300r003:*:*:*:*:*:*:*", matchCriteriaId: "CD2ADD48-FBB4-4E65-8486-757D2ADA4DA3", vulnerable: true, }, { criteria: "cpe:2.3:h:huawei:me60:v100r005:*:*:*:*:*:*:*", matchCriteriaId: "1AF75F78-2B91-47C3-B5AE-F4C9769B5AD8", vulnerable: true, }, { criteria: "cpe:2.3:h:huawei:me60:v100r006:*:*:*:*:*:*:*", matchCriteriaId: "18496123-2B0E-46D1-88F6-85897B2B65B4", vulnerable: true, }, { criteria: "cpe:2.3:h:huawei:me60:v600r002:*:*:*:*:*:*:*", matchCriteriaId: "E0045741-3B14-435E-8B12-B536751DD24F", vulnerable: true, }, { criteria: "cpe:2.3:h:huawei:me60:v600r003:*:*:*:*:*:*:*", matchCriteriaId: "AE8094F7-FAB2-4624-B2ED-467B40ADA260", vulnerable: true, }, { criteria: "cpe:2.3:h:huawei:me60:v600r005c00spc600:*:*:*:*:*:*:*", matchCriteriaId: "4BC19826-AC6E-4DE1-95CA-49D4BB6F6644", vulnerable: true, }, { criteria: "cpe:2.3:h:huawei:ne20:v200r005:*:*:*:*:*:*:*", matchCriteriaId: "49D7692F-6EA0-4A5E-B841-2B49332FCC5D", vulnerable: true, }, { criteria: "cpe:2.3:h:huawei:ne20e-x6:v300r005:*:*:*:*:*:*:*", matchCriteriaId: "C555EAC5-1E45-4BE5-8C69-DB1916A2EBF8", vulnerable: true, }, { criteria: "cpe:2.3:h:huawei:ne40:v300r005:*:*:*:*:*:*:*", matchCriteriaId: "AFF2311E-D7DE-4C7C-BD88-4B947BD4F8E8", vulnerable: true, }, { criteria: "cpe:2.3:h:huawei:ne40e:v300r005:*:*:*:*:*:*:*", matchCriteriaId: "B23A5D99-8458-4285-ABF8-FA0D2F49B811", vulnerable: true, }, { criteria: "cpe:2.3:h:huawei:ne40e:v600r001:*:*:*:*:*:*:*", matchCriteriaId: "5348DF82-072D-4B3B-9919-B5478420A98F", vulnerable: true, }, { criteria: "cpe:2.3:h:huawei:ne40e\\/80e:v600r002:*:*:*:*:*:*:*", matchCriteriaId: "54C3C26D-0FD0-48B9-A168-E9C6605DCB0E", vulnerable: true, }, { criteria: "cpe:2.3:h:huawei:ne40e\\/80e:v600r003:*:*:*:*:*:*:*", matchCriteriaId: "3D4D3971-B2DA-44EC-97A1-CFF436BF44F6", vulnerable: true, }, { criteria: "cpe:2.3:h:huawei:ne5000e:v300r007:*:*:*:*:*:*:*", matchCriteriaId: "CDA4A9B6-378D-4F4B-B88D-C13859E6236B", vulnerable: true, }, { criteria: "cpe:2.3:h:huawei:ne5000e:v800r002:*:*:*:*:*:*:*", matchCriteriaId: "FF6322F0-0749-4C3D-9144-D92A64B9D5FB", vulnerable: true, }, { criteria: "cpe:2.3:h:huawei:ne80:v300r005:*:*:*:*:*:*:*", matchCriteriaId: "74801C9A-31D1-4E74-9211-9AB67B5FEAB7", vulnerable: true, }, { criteria: "cpe:2.3:h:huawei:ne80e:v600r001:*:*:*:*:*:*:*", matchCriteriaId: "AA2D277B-08F0-4F6A-BC99-FBBCA4F5207D", vulnerable: true, }, { criteria: "cpe:2.3:h:huawei:ne80e:v600r002:*:*:*:*:*:*:*", matchCriteriaId: "A81A4563-15DC-4125-9E3D-5B9FB0360EA2", vulnerable: true, }, { criteria: "cpe:2.3:h:huawei:ne80e:v600r003:*:*:*:*:*:*:*", matchCriteriaId: "449449A2-28B2-4A9A-A2C9-84A18596AEDF", vulnerable: true, }, { criteria: "cpe:2.3:h:huawei:nip100:v100r001:*:*:*:*:*:*:*", matchCriteriaId: "2BE4E8E1-AF7C-49E9-9758-887EFD8CB8F4", vulnerable: true, }, { criteria: "cpe:2.3:h:huawei:nip1000:v100r001:*:*:*:*:*:*:*", matchCriteriaId: "90FF10E6-4080-4186-83DE-37703A468F3E", vulnerable: true, }, { criteria: "cpe:2.3:h:huawei:nip200:v100r001:*:*:*:*:*:*:*", matchCriteriaId: "6B0009DF-D44E-4D96-909F-B911D7BA127B", vulnerable: true, }, { criteria: "cpe:2.3:h:huawei:nip2100:v100r001c00:*:*:*:*:*:*:*", matchCriteriaId: "B8CE9794-9A67-4F65-A81A-EE00AE714A88", vulnerable: true, }, { criteria: "cpe:2.3:h:huawei:nip2200:v100r001c00:*:*:*:*:*:*:*", matchCriteriaId: "B3DC0192-8E8B-4E0C-A91C-92094A167878", vulnerable: true, }, { criteria: "cpe:2.3:h:huawei:nip5100:v100r001c00:*:*:*:*:*:*:*", matchCriteriaId: "9317FE4B-95F0-4615-9FA1-683D644BC3E7", vulnerable: true, }, { criteria: "cpe:2.3:h:huawei:s2300:v100r002:*:*:*:*:*:*:*", matchCriteriaId: "871BB53D-F86F-4E3D-8DF7-875C8C1C7FDE", vulnerable: true, }, { criteria: "cpe:2.3:h:huawei:s2300:v100r003:*:*:*:*:*:*:*", matchCriteriaId: "7E655344-8341-4FFA-BBED-F5D5A15759D4", vulnerable: true, }, { criteria: "cpe:2.3:h:huawei:s2300:v100r005:*:*:*:*:*:*:*", matchCriteriaId: "662EDAE9-2B0F-4774-8790-2C62997764FC", vulnerable: true, }, { criteria: "cpe:2.3:h:huawei:s2300:v100r006:*:*:*:*:*:*:*", matchCriteriaId: "22621191-B2CD-4BA9-B6F1-8D59850604A6", vulnerable: true, }, { criteria: "cpe:2.3:h:huawei:s2700:v100r006:*:*:*:*:*:*:*", matchCriteriaId: "142335E6-A4F5-4CC4-8D86-835C3E0E5211", vulnerable: true, }, { criteria: "cpe:2.3:h:huawei:s3300:v100r002:*:*:*:*:*:*:*", matchCriteriaId: "AF7B5B70-1540-490F-8486-31639DB54F12", vulnerable: true, }, { criteria: "cpe:2.3:h:huawei:s3300:v100r003:*:*:*:*:*:*:*", matchCriteriaId: "33864641-EB9A-4CCC-9057-26D22AD839BD", vulnerable: true, }, { criteria: "cpe:2.3:h:huawei:s3300:v100r005:*:*:*:*:*:*:*", matchCriteriaId: "59AD4C23-6315-4B97-85BB-1074F36F7291", vulnerable: true, }, { criteria: "cpe:2.3:h:huawei:s3300:v100r006:*:*:*:*:*:*:*", matchCriteriaId: "972BB8A0-27D8-4A0A-865E-57E37F70A484", vulnerable: true, }, { criteria: "cpe:2.3:h:huawei:s3300hi:v100r006:*:*:*:*:*:*:*", matchCriteriaId: "41435CB4-537C-45DC-B8DB-0C1F38F1D222", vulnerable: true, }, { criteria: "cpe:2.3:h:huawei:s3300hi:v200r001:*:*:*:*:*:*:*", matchCriteriaId: "6D5FE313-7374-4D7A-9A01-F389311710C5", vulnerable: true, }, { criteria: "cpe:2.3:h:huawei:s3700:v100r005:*:*:*:*:*:*:*", matchCriteriaId: "7EF096DC-B6F4-4763-AC6B-72CB46AB1976", vulnerable: true, }, { criteria: "cpe:2.3:h:huawei:s3700:v100r006:*:*:*:*:*:*:*", matchCriteriaId: "D1171FC3-5A2E-40C6-85FF-AF7E78F96C87", vulnerable: true, }, { criteria: "cpe:2.3:h:huawei:s3700:v200r001:*:*:*:*:*:*:*", matchCriteriaId: "A706C2B0-5E15-4C90-910F-0ABB65573C93", vulnerable: true, }, { criteria: "cpe:2.3:h:huawei:s5300:v100r002:*:*:*:*:*:*:*", matchCriteriaId: "2295584A-2664-45AE-BA0C-1B0411F29A13", vulnerable: true, }, { criteria: "cpe:2.3:h:huawei:s5300:v100r003:*:*:*:*:*:*:*", matchCriteriaId: "DDA542A3-7BB3-42B6-ACBB-D00AD4AD707A", vulnerable: true, }, { criteria: "cpe:2.3:h:huawei:s5300:v100r005:*:*:*:*:*:*:*", matchCriteriaId: "5361C4C5-BBC5-42FE-A575-985B57EF575E", vulnerable: true, }, { criteria: "cpe:2.3:h:huawei:s5300:v100r006:*:*:*:*:*:*:*", matchCriteriaId: "75A90C9F-8DAE-45B4-BB78-6080A434E5FC", vulnerable: true, }, { criteria: "cpe:2.3:h:huawei:s5300hi:v100r006:*:*:*:*:*:*:*", matchCriteriaId: "175A8714-CD80-472B-9507-829EBC59B805", vulnerable: true, }, { criteria: "cpe:2.3:h:huawei:s5300hi:v200r001:*:*:*:*:*:*:*", matchCriteriaId: "81195EA9-D62B-492D-AA37-EF7AD17AED7C", vulnerable: true, }, { criteria: "cpe:2.3:h:huawei:s5306:v100r006:*:*:*:*:*:*:*", matchCriteriaId: "47052A6F-E532-42B6-9B4B-46424A1F6377", vulnerable: true, }, { criteria: "cpe:2.3:h:huawei:s5306:v200r001:*:*:*:*:*:*:*", matchCriteriaId: "8B22E5AB-DAF6-4020-A62E-BE6FBE57D3DA", vulnerable: true, }, { criteria: "cpe:2.3:h:huawei:s5700:v100r005:*:*:*:*:*:*:*", matchCriteriaId: "3C178B6F-8608-4BBE-A8D8-8798FB1D75E7", vulnerable: true, }, { criteria: "cpe:2.3:h:huawei:s5700:v100r006:*:*:*:*:*:*:*", matchCriteriaId: "29CAD535-0216-4048-BFDA-863AA5425BA9", vulnerable: true, }, { criteria: "cpe:2.3:h:huawei:s5700:v200r001:*:*:*:*:*:*:*", matchCriteriaId: "9424F3B6-A280-4043-A670-3768D9515631", vulnerable: true, }, { criteria: "cpe:2.3:h:huawei:s6300:v100r006:*:*:*:*:*:*:*", matchCriteriaId: "4FB869CD-37F8-4E77-8065-B9C8FADED40C", vulnerable: true, }, { criteria: "cpe:2.3:h:huawei:s6300:v200r001:*:*:*:*:*:*:*", matchCriteriaId: "C22B5DE3-03ED-4ED4-BD86-278197FA3FC4", vulnerable: true, }, { criteria: "cpe:2.3:h:huawei:s6700:v100r006:*:*:*:*:*:*:*", matchCriteriaId: "652F2CCF-41FE-4DEC-8179-FF285AB99E52", vulnerable: true, }, { criteria: "cpe:2.3:h:huawei:s6700:v200r001:*:*:*:*:*:*:*", matchCriteriaId: "66149AA8-E897-4563-97EC-C5EDCDBE072B", vulnerable: true, }, { criteria: "cpe:2.3:h:huawei:s7700:v100r003:*:*:*:*:*:*:*", matchCriteriaId: "0B3F7637-0B4C-40D0-B814-B19F10118795", vulnerable: true, }, { criteria: "cpe:2.3:h:huawei:s7700:v100r006:*:*:*:*:*:*:*", matchCriteriaId: "04686A95-05CF-4ACC-89E5-2140DFC423F7", vulnerable: true, }, { criteria: "cpe:2.3:h:huawei:s9300:v100r001:*:*:*:*:*:*:*", matchCriteriaId: "63BB797D-2C82-4A55-A26A-61A6C1C86888", vulnerable: true, }, { criteria: "cpe:2.3:h:huawei:s9300:v100r002:*:*:*:*:*:*:*", matchCriteriaId: "465F6E51-0676-4443-9122-CB2AD59C7516", vulnerable: true, }, { criteria: "cpe:2.3:h:huawei:s9300:v100r003:*:*:*:*:*:*:*", matchCriteriaId: "94970073-415B-4358-833F-CC220653376D", vulnerable: true, }, { criteria: "cpe:2.3:h:huawei:s9300:v100r006:*:*:*:*:*:*:*", matchCriteriaId: "F26E31D2-31F8-4D4F-AD3A-44C59B22B121", vulnerable: true, }, { criteria: "cpe:2.3:h:huawei:svn2000:v200r001c00:*:*:*:*:*:*:*", matchCriteriaId: "59513736-11B7-47E6-B5C4-D33F9E032BEC", vulnerable: true, }, { criteria: "cpe:2.3:h:huawei:svn3000:v100r002c02spc802b041:*:*:*:*:*:*:*", matchCriteriaId: "931A86E3-43C1-4C72-8425-862C33A2DBA7", vulnerable: true, }, { criteria: "cpe:2.3:h:huawei:svn5000:v200r001c00:*:*:*:*:*:*:*", matchCriteriaId: "15EBA968-C3E0-430E-944D-B4DA30B932C6", vulnerable: true, }, { criteria: "cpe:2.3:h:huawei:svn5300:v100r001c01b019:*:*:*:*:*:*:*", matchCriteriaId: "17A15567-DC96-4513-8681-93CE26B4FA07", vulnerable: true, }, { criteria: "cpe:2.3:h:huawei:wlan_ac_6605:v200r001c00:*:*:*:*:*:*:*", matchCriteriaId: "1968B0D3-1653-459A-865D-79DBB9AADEE6", vulnerable: true, }, { criteria: "cpe:2.3:h:huawei:wlan_ac_6605:v200r001c00spc100:*:*:*:*:*:*:*", matchCriteriaId: "7490231F-7FAB-4875-812F-657B7BF4F136", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The Huawei NE5000E, MA5200G, NE40E, NE80E, ATN, NE40, NE80, NE20E-X6, NE20, ME60, CX600, CX200, CX300, ACU, WLAN AC 6605, S9300, S7700, S2300, S3300, S5300, S3300HI, S5300HI, S5306, S6300, S2700, S3700, S5700, S6700, AR G3, H3C AR(OEM IN), AR 19, AR 29, AR 49, Eudemon100E, Eudemon200, Eudemon300, Eudemon500, Eudemon1000, Eudemon1000E-U/USG5300, Eudemon1000E-X/USG5500, Eudemon8080E/USG9300, Eudemon8160E/USG9300, Eudemon8000E-X/USG9500, E200E-C/USG2200, E200E-X3/USG2200, E200E-X5/USG2200, E200E-X7/USG2200, E200E-C/USG5100, E200E-X3/USG5100, E200E-X5/USG5100, E200E-X7/USG5100, E200E-B/USG2100, E200E-X1/USG2100, E200E-X2/USG2100, SVN5300, SVN2000, SVN5000, SVN3000, NIP100, NIP200, NIP1000, NIP2100, NIP2200, and NIP5100 use the DES algorithm for stored passwords, which makes it easier for context-dependent attackers to obtain cleartext passwords via a brute-force attack.", }, { lang: "es", value: "Los Huawei NE5000E, MA5200G, NE40E, NE80E, ATN, NE40, NE80, NE20E-X6, NE20, ME60, CX600, CX200, CX300, ACU, WLAN AC 6605, S9300, S7700, S2300, S3300, S5300, S3300HI, S5300HI, S5306, S6300, S2700, S3700, S5700, S6700, AR G3, H3C AR(OEM IN), AR 19, AR 29, AR 49, Eudemon100E, Eudemon200, Eudemon300, Eudemon500, Eudemon1000, Eudemon1000E-U/USG5300, Eudemon1000E-X/USG5500, Eudemon8080E/USG9300, Eudemon8160E/USG9300, Eudemon8000E-X/USG9500, E200E-C/USG2200, E200E-X3/USG2200, E200E-X5/USG2200, E200E-X7/USG2200, E200E-C/USG5100, E200E-X3/USG5100, E200E-X5/USG5100, E200E-X7/USG5100, E200E-B/USG2100, E200E-X1/USG2100, E200E-X2/USG2100, SVN5300, SVN2000, SVN5000, SVN3000, NIP100, NIP200, NIP1000, NIP2100, NIP2200, y NIP5100 utiliza el algoritmo DES para las contraseñas almacenados, lo que hace que sea más fácil para los atacantes dependientes de contexto obtener contraseñas de texto simple a través de un ataque de fuerza bruta.", }, ], id: "CVE-2012-4960", lastModified: "2024-11-21T01:43:49.593", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "PARTIAL", baseScore: 6.5, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:L/Au:S/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 8, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2013-06-20T15:55:00.897", references: [ { source: "cret@cert.org", tags: [ "Vendor Advisory", ], url: "http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-u_194373.htm", }, { source: "cret@cert.org", tags: [ "US Government Resource", ], url: "http://www.kb.cert.org/vuls/id/948096", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-u_194373.htm", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "US Government Resource", ], url: "http://www.kb.cert.org/vuls/id/948096", }, ], sourceIdentifier: "cret@cert.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-310", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2013-06-20 15:55
Modified
2024-11-21 01:46
Severity ?
Summary
The HTTP module in the (1) Branch Intelligent Management System (BIMS) and (2) web management components on Huawei AR routers and S2000, S3000, S3500, S3900, S5100, S5600, and S7800 switches uses predictable Session ID values, which makes it easier for remote attackers to hijack sessions via a brute-force attack.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
huawei | ar_18-1x | * | |
huawei | ar_18-2x | * | |
huawei | ar_18-3x | * | |
huawei | ar_19\/29\/49 | * | |
huawei | ar_28\/46 | * | |
huawei | s2000 | r6305 | |
huawei | s2300 | r6305 | |
huawei | s2700 | r6305 | |
huawei | s3000 | r6305 | |
huawei | s3300 | r6305 | |
huawei | s3300hi | r6305 | |
huawei | s3500 | r6305 | |
huawei | s3700 | r6305 | |
huawei | s3900 | r6305 | |
huawei | s5100 | r6305 | |
huawei | s5600 | r6305 | |
huawei | s7800 | r6305 | |
huawei | s8500 | r1631 | |
huawei | s8500 | r1632 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:ar_18-1x:*:*:*:*:*:*:*:*", matchCriteriaId: "C169428A-DBA2-4AD4-AB2F-9B55F406D5F5", versionEndIncluding: "r0130", vulnerable: true, }, { criteria: "cpe:2.3:h:huawei:ar_18-2x:*:*:*:*:*:*:*:*", matchCriteriaId: "F96CD3E2-2AE8-48B2-9979-84AD3C99933E", versionEndIncluding: "r1712", vulnerable: true, }, { criteria: "cpe:2.3:h:huawei:ar_18-3x:*:*:*:*:*:*:*:*", matchCriteriaId: "A93A0EF1-FDC5-4E7C-A692-C664552913EF", versionEndIncluding: "r0118", vulnerable: true, }, { criteria: "cpe:2.3:h:huawei:ar_19\\/29\\/49:*:*:*:*:*:*:*:*", matchCriteriaId: "82396118-3290-4683-902D-4955E81B84F9", versionEndIncluding: "r2207", vulnerable: true, }, { criteria: "cpe:2.3:h:huawei:ar_28\\/46:*:*:*:*:*:*:*:*", matchCriteriaId: "A520A0A9-2BF8-4E32-9194-3307CE52C2AD", versionEndIncluding: "r0311", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:s2000:r6305:*:*:*:*:*:*:*", matchCriteriaId: "5AF996D4-838E-4295-B8E2-43512DC9BF41", vulnerable: true, }, { criteria: "cpe:2.3:h:huawei:s2300:r6305:*:*:*:*:*:*:*", matchCriteriaId: "6185A1C4-34B8-4FED-8144-15EA8012CA38", vulnerable: true, }, { criteria: "cpe:2.3:h:huawei:s2700:r6305:*:*:*:*:*:*:*", matchCriteriaId: "49B54F7F-0B13-4ADC-B8F5-72606273528E", vulnerable: true, }, { criteria: "cpe:2.3:h:huawei:s3000:r6305:*:*:*:*:*:*:*", matchCriteriaId: "ABC5B0CA-8081-4492-8D2A-5FEE778C5E82", vulnerable: true, }, { criteria: "cpe:2.3:h:huawei:s3300:r6305:*:*:*:*:*:*:*", matchCriteriaId: "708E992F-581F-4DA0-A490-BB6E2BA8B598", vulnerable: true, }, { criteria: "cpe:2.3:h:huawei:s3300hi:r6305:*:*:*:*:*:*:*", matchCriteriaId: "7C8FA59E-F894-441D-8FBA-5D865BD3DFC9", vulnerable: true, }, { criteria: "cpe:2.3:h:huawei:s3500:r6305:*:*:*:*:*:*:*", matchCriteriaId: "945EEE2E-C21E-4E1D-9D91-F5B0A77C7CDD", vulnerable: true, }, { criteria: "cpe:2.3:h:huawei:s3700:r6305:*:*:*:*:*:*:*", matchCriteriaId: "08E4AE20-F5FB-47DF-817E-DF7871121CA7", vulnerable: true, }, { criteria: "cpe:2.3:h:huawei:s3900:r6305:*:*:*:*:*:*:*", matchCriteriaId: "394161B5-65DF-4921-AE2B-0959322A71F4", vulnerable: true, }, { criteria: "cpe:2.3:h:huawei:s5100:r6305:*:*:*:*:*:*:*", matchCriteriaId: "F02BD40C-8825-46ED-9C99-A4DD5331F04A", vulnerable: true, }, { criteria: "cpe:2.3:h:huawei:s5600:r6305:*:*:*:*:*:*:*", matchCriteriaId: "47BCCDFB-27DB-439B-965C-525941118C87", vulnerable: true, }, { criteria: "cpe:2.3:h:huawei:s7800:r6305:*:*:*:*:*:*:*", matchCriteriaId: "0C3232F7-23AC-4773-A67D-BCA0A886FE3C", vulnerable: true, }, { criteria: "cpe:2.3:h:huawei:s8500:r1631:*:*:*:*:*:*:*", matchCriteriaId: "7D4B69FE-DC23-4A78-9D1A-C35EA98CB1FE", vulnerable: true, }, { criteria: "cpe:2.3:h:huawei:s8500:r1632:*:*:*:*:*:*:*", matchCriteriaId: "008D26B5-DC98-4592-B592-3728C8A0D6C0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The HTTP module in the (1) Branch Intelligent Management System (BIMS) and (2) web management components on Huawei AR routers and S2000, S3000, S3500, S3900, S5100, S5600, and S7800 switches uses predictable Session ID values, which makes it easier for remote attackers to hijack sessions via a brute-force attack.", }, { lang: "es", value: "El módulo HTTP en el (1) Branch Intelligent Management System (BIMS) y (2) gestión web de componentes para switches Huawei AR routers and S2000, S3000, S3500, S3900, S5100, S5600, and S7800 usa valores de Session ID predecibles lo que hace más fácil a atacantes remotos secuestrar la sesión a través de ataques de fuerza bruta.", }, ], id: "CVE-2012-6571", lastModified: "2024-11-21T01:46:24.257", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 7.5, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2013-06-20T15:55:00.983", references: [ { source: "cve@mitre.org", url: "http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-u_194371.htm", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-u_194371.htm", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-310", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2013-06-20 15:55
Modified
2024-11-21 01:46
Severity ?
Summary
The HTTP module in the (1) Branch Intelligent Management System (BIMS) and (2) web management components on Huawei AR routers and S2000, S3000, S3500, S3900, S5100, S5600, S7800, and S8500 switches does not check whether HTTP data is longer than the value of the Content-Length field, which allows remote HTTP servers to conduct heap-based buffer overflow attacks and execute arbitrary code via a crafted response.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
huawei | ar_18-1x | * | |
huawei | ar_18-2x | * | |
huawei | ar_18-3x | * | |
huawei | ar_19\/29\/49 | * | |
huawei | ar_28\/46 | * | |
huawei | s2000 | r6305 | |
huawei | s2300 | r6305 | |
huawei | s2700 | r6305 | |
huawei | s3000 | r6305 | |
huawei | s3300 | r6305 | |
huawei | s3300hi | r6305 | |
huawei | s3500 | r6305 | |
huawei | s3700 | r6305 | |
huawei | s3900 | r6305 | |
huawei | s5100 | r6305 | |
huawei | s5600 | r6305 | |
huawei | s7800 | r6305 | |
huawei | s8500 | r1631 | |
huawei | s8500 | r1632 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:ar_18-1x:*:*:*:*:*:*:*:*", matchCriteriaId: "C169428A-DBA2-4AD4-AB2F-9B55F406D5F5", versionEndIncluding: "r0130", vulnerable: true, }, { criteria: "cpe:2.3:h:huawei:ar_18-2x:*:*:*:*:*:*:*:*", matchCriteriaId: "F96CD3E2-2AE8-48B2-9979-84AD3C99933E", versionEndIncluding: "r1712", vulnerable: true, }, { criteria: "cpe:2.3:h:huawei:ar_18-3x:*:*:*:*:*:*:*:*", matchCriteriaId: "A93A0EF1-FDC5-4E7C-A692-C664552913EF", versionEndIncluding: "r0118", vulnerable: true, }, { criteria: "cpe:2.3:h:huawei:ar_19\\/29\\/49:*:*:*:*:*:*:*:*", matchCriteriaId: "82396118-3290-4683-902D-4955E81B84F9", versionEndIncluding: "r2207", vulnerable: true, }, { criteria: "cpe:2.3:h:huawei:ar_28\\/46:*:*:*:*:*:*:*:*", matchCriteriaId: "A520A0A9-2BF8-4E32-9194-3307CE52C2AD", versionEndIncluding: "r0311", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:s2000:r6305:*:*:*:*:*:*:*", matchCriteriaId: "5AF996D4-838E-4295-B8E2-43512DC9BF41", vulnerable: true, }, { criteria: "cpe:2.3:h:huawei:s2300:r6305:*:*:*:*:*:*:*", matchCriteriaId: "6185A1C4-34B8-4FED-8144-15EA8012CA38", vulnerable: true, }, { criteria: "cpe:2.3:h:huawei:s2700:r6305:*:*:*:*:*:*:*", matchCriteriaId: "49B54F7F-0B13-4ADC-B8F5-72606273528E", vulnerable: true, }, { criteria: "cpe:2.3:h:huawei:s3000:r6305:*:*:*:*:*:*:*", matchCriteriaId: "ABC5B0CA-8081-4492-8D2A-5FEE778C5E82", vulnerable: true, }, { criteria: "cpe:2.3:h:huawei:s3300:r6305:*:*:*:*:*:*:*", matchCriteriaId: "708E992F-581F-4DA0-A490-BB6E2BA8B598", vulnerable: true, }, { criteria: "cpe:2.3:h:huawei:s3300hi:r6305:*:*:*:*:*:*:*", matchCriteriaId: "7C8FA59E-F894-441D-8FBA-5D865BD3DFC9", vulnerable: true, }, { criteria: "cpe:2.3:h:huawei:s3500:r6305:*:*:*:*:*:*:*", matchCriteriaId: "945EEE2E-C21E-4E1D-9D91-F5B0A77C7CDD", vulnerable: true, }, { criteria: "cpe:2.3:h:huawei:s3700:r6305:*:*:*:*:*:*:*", matchCriteriaId: "08E4AE20-F5FB-47DF-817E-DF7871121CA7", vulnerable: true, }, { criteria: "cpe:2.3:h:huawei:s3900:r6305:*:*:*:*:*:*:*", matchCriteriaId: "394161B5-65DF-4921-AE2B-0959322A71F4", vulnerable: true, }, { criteria: "cpe:2.3:h:huawei:s5100:r6305:*:*:*:*:*:*:*", matchCriteriaId: "F02BD40C-8825-46ED-9C99-A4DD5331F04A", vulnerable: true, }, { criteria: "cpe:2.3:h:huawei:s5600:r6305:*:*:*:*:*:*:*", matchCriteriaId: "47BCCDFB-27DB-439B-965C-525941118C87", vulnerable: true, }, { criteria: "cpe:2.3:h:huawei:s7800:r6305:*:*:*:*:*:*:*", matchCriteriaId: "0C3232F7-23AC-4773-A67D-BCA0A886FE3C", vulnerable: true, }, { criteria: "cpe:2.3:h:huawei:s8500:r1631:*:*:*:*:*:*:*", matchCriteriaId: "7D4B69FE-DC23-4A78-9D1A-C35EA98CB1FE", vulnerable: true, }, { criteria: "cpe:2.3:h:huawei:s8500:r1632:*:*:*:*:*:*:*", matchCriteriaId: "008D26B5-DC98-4592-B592-3728C8A0D6C0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The HTTP module in the (1) Branch Intelligent Management System (BIMS) and (2) web management components on Huawei AR routers and S2000, S3000, S3500, S3900, S5100, S5600, S7800, and S8500 switches does not check whether HTTP data is longer than the value of the Content-Length field, which allows remote HTTP servers to conduct heap-based buffer overflow attacks and execute arbitrary code via a crafted response.", }, { lang: "es", value: "El módulo HTTP en (1) Branch Intelligent Management System (BIMS) y (2) componentes de gestión web de switches de Huawei AR routers and S2000, S3000, S3500, S3900, S5100, S5600, S7800, y S8500 no comprueba si los datos HTTP son mayores que el valor del campo Content-Length, que permite a los servidores HTTP remotos realizar ataques de desbordamiento de búfer basado en montículo y ejecutar código arbitrario a través de una respuesta elaborada.", }, ], id: "CVE-2012-6570", lastModified: "2024-11-21T01:46:24.107", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 10, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:N/AC:L/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 10, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2013-06-20T15:55:00.967", references: [ { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-u_194361.htm", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-u_194361.htm", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-119", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2013-06-20 15:55
Modified
2024-11-21 01:46
Severity ?
Summary
Stack-based buffer overflow in the HTTP module in the (1) Branch Intelligent Management System (BIMS) and (2) web management components on Huawei AR routers and S2000, S3000, S3500, S3900, S5100, S5600, S7800, and S8500 switches allows remote attackers to execute arbitrary code via a long URI.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
huawei | ar_18-1x | * | |
huawei | ar_18-2x | * | |
huawei | ar_18-3x | * | |
huawei | ar_19\/29\/49 | * | |
huawei | ar_28\/46 | * | |
huawei | s2000 | r6305 | |
huawei | s2300 | r6305 | |
huawei | s2700 | r6305 | |
huawei | s3000 | r6305 | |
huawei | s3300 | r6305 | |
huawei | s3300hi | r6305 | |
huawei | s3500 | r6305 | |
huawei | s3700 | r6305 | |
huawei | s3900 | r6305 | |
huawei | s5100 | r6305 | |
huawei | s5600 | r6305 | |
huawei | s7800 | r6305 | |
huawei | s8500 | r1631 | |
huawei | s8500 | r1632 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:ar_18-1x:*:*:*:*:*:*:*:*", matchCriteriaId: "C169428A-DBA2-4AD4-AB2F-9B55F406D5F5", versionEndIncluding: "r0130", vulnerable: true, }, { criteria: "cpe:2.3:h:huawei:ar_18-2x:*:*:*:*:*:*:*:*", matchCriteriaId: "F96CD3E2-2AE8-48B2-9979-84AD3C99933E", versionEndIncluding: "r1712", vulnerable: true, }, { criteria: "cpe:2.3:h:huawei:ar_18-3x:*:*:*:*:*:*:*:*", matchCriteriaId: "A93A0EF1-FDC5-4E7C-A692-C664552913EF", versionEndIncluding: "r0118", vulnerable: true, }, { criteria: "cpe:2.3:h:huawei:ar_19\\/29\\/49:*:*:*:*:*:*:*:*", matchCriteriaId: "82396118-3290-4683-902D-4955E81B84F9", versionEndIncluding: "r2207", vulnerable: true, }, { criteria: "cpe:2.3:h:huawei:ar_28\\/46:*:*:*:*:*:*:*:*", matchCriteriaId: "A520A0A9-2BF8-4E32-9194-3307CE52C2AD", versionEndIncluding: "r0311", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:s2000:r6305:*:*:*:*:*:*:*", matchCriteriaId: "5AF996D4-838E-4295-B8E2-43512DC9BF41", vulnerable: true, }, { criteria: "cpe:2.3:h:huawei:s2300:r6305:*:*:*:*:*:*:*", matchCriteriaId: "6185A1C4-34B8-4FED-8144-15EA8012CA38", vulnerable: true, }, { criteria: "cpe:2.3:h:huawei:s2700:r6305:*:*:*:*:*:*:*", matchCriteriaId: "49B54F7F-0B13-4ADC-B8F5-72606273528E", vulnerable: true, }, { criteria: "cpe:2.3:h:huawei:s3000:r6305:*:*:*:*:*:*:*", matchCriteriaId: "ABC5B0CA-8081-4492-8D2A-5FEE778C5E82", vulnerable: true, }, { criteria: "cpe:2.3:h:huawei:s3300:r6305:*:*:*:*:*:*:*", matchCriteriaId: "708E992F-581F-4DA0-A490-BB6E2BA8B598", vulnerable: true, }, { criteria: "cpe:2.3:h:huawei:s3300hi:r6305:*:*:*:*:*:*:*", matchCriteriaId: "7C8FA59E-F894-441D-8FBA-5D865BD3DFC9", vulnerable: true, }, { criteria: "cpe:2.3:h:huawei:s3500:r6305:*:*:*:*:*:*:*", matchCriteriaId: "945EEE2E-C21E-4E1D-9D91-F5B0A77C7CDD", vulnerable: true, }, { criteria: "cpe:2.3:h:huawei:s3700:r6305:*:*:*:*:*:*:*", matchCriteriaId: "08E4AE20-F5FB-47DF-817E-DF7871121CA7", vulnerable: true, }, { criteria: "cpe:2.3:h:huawei:s3900:r6305:*:*:*:*:*:*:*", matchCriteriaId: "394161B5-65DF-4921-AE2B-0959322A71F4", vulnerable: true, }, { criteria: "cpe:2.3:h:huawei:s5100:r6305:*:*:*:*:*:*:*", matchCriteriaId: "F02BD40C-8825-46ED-9C99-A4DD5331F04A", vulnerable: true, }, { criteria: "cpe:2.3:h:huawei:s5600:r6305:*:*:*:*:*:*:*", matchCriteriaId: "47BCCDFB-27DB-439B-965C-525941118C87", vulnerable: true, }, { criteria: "cpe:2.3:h:huawei:s7800:r6305:*:*:*:*:*:*:*", matchCriteriaId: "0C3232F7-23AC-4773-A67D-BCA0A886FE3C", vulnerable: true, }, { criteria: "cpe:2.3:h:huawei:s8500:r1631:*:*:*:*:*:*:*", matchCriteriaId: "7D4B69FE-DC23-4A78-9D1A-C35EA98CB1FE", vulnerable: true, }, { criteria: "cpe:2.3:h:huawei:s8500:r1632:*:*:*:*:*:*:*", matchCriteriaId: "008D26B5-DC98-4592-B592-3728C8A0D6C0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Stack-based buffer overflow in the HTTP module in the (1) Branch Intelligent Management System (BIMS) and (2) web management components on Huawei AR routers and S2000, S3000, S3500, S3900, S5100, S5600, S7800, and S8500 switches allows remote attackers to execute arbitrary code via a long URI.", }, { lang: "es", value: "Desbordamiento de búfer basado en pila en el módulo HTTP en el (1) Branch Intelligent Management System (BIMS) y (2) en el componente de gestión web en Huawei AR routers y switches S2000, S3000, S3500, S3900, S5100, S5600, S7800, y S8500 permite a atacantes remotos ejecutar código arbitrario mediante una URI de gran longitud.", }, ], id: "CVE-2012-6569", lastModified: "2024-11-21T01:46:23.957", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 9.3, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:N/AC:M/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2013-06-20T15:55:00.950", references: [ { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-u_194370.htm", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-u_194370.htm", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-119", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
cve-2012-6571
Vulnerability from cvelistv5
Published
2013-06-20 15:00
Modified
2024-09-16 21:08
Severity ?
EPSS score ?
Summary
The HTTP module in the (1) Branch Intelligent Management System (BIMS) and (2) web management components on Huawei AR routers and S2000, S3000, S3500, S3900, S5100, S5600, and S7800 switches uses predictable Session ID values, which makes it easier for remote attackers to hijack sessions via a brute-force attack.
References
▼ | URL | Tags |
---|---|---|
http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-u_194371.htm | x_refsource_CONFIRM |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T21:36:01.850Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-u_194371.htm", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "The HTTP module in the (1) Branch Intelligent Management System (BIMS) and (2) web management components on Huawei AR routers and S2000, S3000, S3500, S3900, S5100, S5600, and S7800 switches uses predictable Session ID values, which makes it easier for remote attackers to hijack sessions via a brute-force attack.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2013-06-20T15:00:00Z", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-u_194371.htm", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2012-6571", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "The HTTP module in the (1) Branch Intelligent Management System (BIMS) and (2) web management components on Huawei AR routers and S2000, S3000, S3500, S3900, S5100, S5600, and S7800 switches uses predictable Session ID values, which makes it easier for remote attackers to hijack sessions via a brute-force attack.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-u_194371.htm", refsource: "CONFIRM", url: "http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-u_194371.htm", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2012-6571", datePublished: "2013-06-20T15:00:00Z", dateReserved: "2013-06-20T00:00:00Z", dateUpdated: "2024-09-16T21:08:50.739Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2012-4960
Vulnerability from cvelistv5
Published
2013-06-20 15:00
Modified
2024-08-06 20:50
Severity ?
EPSS score ?
Summary
The Huawei NE5000E, MA5200G, NE40E, NE80E, ATN, NE40, NE80, NE20E-X6, NE20, ME60, CX600, CX200, CX300, ACU, WLAN AC 6605, S9300, S7700, S2300, S3300, S5300, S3300HI, S5300HI, S5306, S6300, S2700, S3700, S5700, S6700, AR G3, H3C AR(OEM IN), AR 19, AR 29, AR 49, Eudemon100E, Eudemon200, Eudemon300, Eudemon500, Eudemon1000, Eudemon1000E-U/USG5300, Eudemon1000E-X/USG5500, Eudemon8080E/USG9300, Eudemon8160E/USG9300, Eudemon8000E-X/USG9500, E200E-C/USG2200, E200E-X3/USG2200, E200E-X5/USG2200, E200E-X7/USG2200, E200E-C/USG5100, E200E-X3/USG5100, E200E-X5/USG5100, E200E-X7/USG5100, E200E-B/USG2100, E200E-X1/USG2100, E200E-X2/USG2100, SVN5300, SVN2000, SVN5000, SVN3000, NIP100, NIP200, NIP1000, NIP2100, NIP2200, and NIP5100 use the DES algorithm for stored passwords, which makes it easier for context-dependent attackers to obtain cleartext passwords via a brute-force attack.
References
▼ | URL | Tags |
---|---|---|
http://www.kb.cert.org/vuls/id/948096 | third-party-advisory, x_refsource_CERT-VN | |
http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-u_194373.htm | x_refsource_CONFIRM |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T20:50:18.270Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "VU#948096", tags: [ "third-party-advisory", "x_refsource_CERT-VN", "x_transferred", ], url: "http://www.kb.cert.org/vuls/id/948096", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-u_194373.htm", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2012-12-17T00:00:00", descriptions: [ { lang: "en", value: "The Huawei NE5000E, MA5200G, NE40E, NE80E, ATN, NE40, NE80, NE20E-X6, NE20, ME60, CX600, CX200, CX300, ACU, WLAN AC 6605, S9300, S7700, S2300, S3300, S5300, S3300HI, S5300HI, S5306, S6300, S2700, S3700, S5700, S6700, AR G3, H3C AR(OEM IN), AR 19, AR 29, AR 49, Eudemon100E, Eudemon200, Eudemon300, Eudemon500, Eudemon1000, Eudemon1000E-U/USG5300, Eudemon1000E-X/USG5500, Eudemon8080E/USG9300, Eudemon8160E/USG9300, Eudemon8000E-X/USG9500, E200E-C/USG2200, E200E-X3/USG2200, E200E-X5/USG2200, E200E-X7/USG2200, E200E-C/USG5100, E200E-X3/USG5100, E200E-X5/USG5100, E200E-X7/USG5100, E200E-B/USG2100, E200E-X1/USG2100, E200E-X2/USG2100, SVN5300, SVN2000, SVN5000, SVN3000, NIP100, NIP200, NIP1000, NIP2100, NIP2200, and NIP5100 use the DES algorithm for stored passwords, which makes it easier for context-dependent attackers to obtain cleartext passwords via a brute-force attack.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2013-08-22T09:00:00", orgId: "37e5125f-f79b-445b-8fad-9564f167944b", shortName: "certcc", }, references: [ { name: "VU#948096", tags: [ "third-party-advisory", "x_refsource_CERT-VN", ], url: "http://www.kb.cert.org/vuls/id/948096", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-u_194373.htm", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cert@cert.org", ID: "CVE-2012-4960", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "The Huawei NE5000E, MA5200G, NE40E, NE80E, ATN, NE40, NE80, NE20E-X6, NE20, ME60, CX600, CX200, CX300, ACU, WLAN AC 6605, S9300, S7700, S2300, S3300, S5300, S3300HI, S5300HI, S5306, S6300, S2700, S3700, S5700, S6700, AR G3, H3C AR(OEM IN), AR 19, AR 29, AR 49, Eudemon100E, Eudemon200, Eudemon300, Eudemon500, Eudemon1000, Eudemon1000E-U/USG5300, Eudemon1000E-X/USG5500, Eudemon8080E/USG9300, Eudemon8160E/USG9300, Eudemon8000E-X/USG9500, E200E-C/USG2200, E200E-X3/USG2200, E200E-X5/USG2200, E200E-X7/USG2200, E200E-C/USG5100, E200E-X3/USG5100, E200E-X5/USG5100, E200E-X7/USG5100, E200E-B/USG2100, E200E-X1/USG2100, E200E-X2/USG2100, SVN5300, SVN2000, SVN5000, SVN3000, NIP100, NIP200, NIP1000, NIP2100, NIP2200, and NIP5100 use the DES algorithm for stored passwords, which makes it easier for context-dependent attackers to obtain cleartext passwords via a brute-force attack.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "VU#948096", refsource: "CERT-VN", url: "http://www.kb.cert.org/vuls/id/948096", }, { name: "http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-u_194373.htm", refsource: "CONFIRM", url: "http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-u_194373.htm", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "37e5125f-f79b-445b-8fad-9564f167944b", assignerShortName: "certcc", cveId: "CVE-2012-4960", datePublished: "2013-06-20T15:00:00", dateReserved: "2012-09-17T00:00:00", dateUpdated: "2024-08-06T20:50:18.270Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2012-6569
Vulnerability from cvelistv5
Published
2013-06-20 15:00
Modified
2024-09-17 02:36
Severity ?
EPSS score ?
Summary
Stack-based buffer overflow in the HTTP module in the (1) Branch Intelligent Management System (BIMS) and (2) web management components on Huawei AR routers and S2000, S3000, S3500, S3900, S5100, S5600, S7800, and S8500 switches allows remote attackers to execute arbitrary code via a long URI.
References
▼ | URL | Tags |
---|---|---|
http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-u_194370.htm | x_refsource_CONFIRM |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T21:36:01.340Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-u_194370.htm", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "Stack-based buffer overflow in the HTTP module in the (1) Branch Intelligent Management System (BIMS) and (2) web management components on Huawei AR routers and S2000, S3000, S3500, S3900, S5100, S5600, S7800, and S8500 switches allows remote attackers to execute arbitrary code via a long URI.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2013-06-20T15:00:00Z", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-u_194370.htm", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2012-6569", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Stack-based buffer overflow in the HTTP module in the (1) Branch Intelligent Management System (BIMS) and (2) web management components on Huawei AR routers and S2000, S3000, S3500, S3900, S5100, S5600, S7800, and S8500 switches allows remote attackers to execute arbitrary code via a long URI.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-u_194370.htm", refsource: "CONFIRM", url: "http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-u_194370.htm", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2012-6569", datePublished: "2013-06-20T15:00:00Z", dateReserved: "2013-06-20T00:00:00Z", dateUpdated: "2024-09-17T02:36:51.575Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2012-6570
Vulnerability from cvelistv5
Published
2013-06-20 15:00
Modified
2024-09-16 23:46
Severity ?
EPSS score ?
Summary
The HTTP module in the (1) Branch Intelligent Management System (BIMS) and (2) web management components on Huawei AR routers and S2000, S3000, S3500, S3900, S5100, S5600, S7800, and S8500 switches does not check whether HTTP data is longer than the value of the Content-Length field, which allows remote HTTP servers to conduct heap-based buffer overflow attacks and execute arbitrary code via a crafted response.
References
▼ | URL | Tags |
---|---|---|
http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-u_194361.htm | x_refsource_CONFIRM |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T21:36:01.313Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-u_194361.htm", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "The HTTP module in the (1) Branch Intelligent Management System (BIMS) and (2) web management components on Huawei AR routers and S2000, S3000, S3500, S3900, S5100, S5600, S7800, and S8500 switches does not check whether HTTP data is longer than the value of the Content-Length field, which allows remote HTTP servers to conduct heap-based buffer overflow attacks and execute arbitrary code via a crafted response.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2013-06-20T15:00:00Z", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-u_194361.htm", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2012-6570", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "The HTTP module in the (1) Branch Intelligent Management System (BIMS) and (2) web management components on Huawei AR routers and S2000, S3000, S3500, S3900, S5100, S5600, S7800, and S8500 switches does not check whether HTTP data is longer than the value of the Content-Length field, which allows remote HTTP servers to conduct heap-based buffer overflow attacks and execute arbitrary code via a crafted response.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-u_194361.htm", refsource: "CONFIRM", url: "http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-u_194361.htm", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2012-6570", datePublished: "2013-06-20T15:00:00Z", dateReserved: "2013-06-20T00:00:00Z", dateUpdated: "2024-09-16T23:46:14.672Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }