Vulnerabilites related to huawei - s3300hi
var-201704-0385
Vulnerability from variot
Huawei Campus S3700HI with software V200R001C00SPC300; Campus S5700 with software V200R002C00SPC100; Campus S7700 with software V200R003C00SPC300,V200R003C00SPC500; LSW S9700 with software V200R001C00SPC300,V200R003C00SPC300,V200R003C00SPC500; S2350 with software V200R003C00SPC300; S2750 with software V200R003C00SPC300; S5300 with software V200R001C00SPC300,V200R002C00SPC100,V200R003C00SPC300; S5700 with software V200R001C00SPC300,V200R003C00SPC300; S6300 with software V200R001C00SPC300,V200R002C00SPC100,V200R003C00SPC300; S6700 S3300HI with software V200R001C00SPC300,V200R002C00SPC100,V200R003C00SPC300; S7700 with software V200R001C00SPC300; S9300 with software V200R001C00SPC300,V200R003C00SPC300,V200R003C00SPC500; S9300E with software V200R003C00SPC300,V200R003C00SPC500 allow attackers to keep sending malformed packets to cause a denial of service (DoS) attack, aka a heap overflow. plural Huawei Campus The product software contains a buffer error vulnerability.Service operation interruption (DoS) An attack may be carried out. Huawei's Campus switch is a series of switches introduced by Huawei. An attacker can exploit this vulnerability by using malformed packets to cause the device to restart abnormally. The following products and versions are affected: Huawei Campus S3700HI V200R001C00SPC300 Version; Campus S5700 V200R002C00SPC100 Version; Campus S7700 V200R003C00SPC300 Version, V200R003C00SPC500 Version; LSW S9700 V200R001C00SPC300 Version, V200R003C00SPC300 Version, V200R003C00SPC500 Version; S2350 V200R003C00SPC300 Version; S2750 V200R003C00SPC300 Version; S5300 V200R001C00SPC300 Version, V200R002C00SPC100 Version, V200R003C00SPC300 Version; S5700 V200R001C00SPC300 Version, V200R003C00SPC300 Version; S6300 V200R001C00SPC300 Version, V200R002C00SPC100 Version, V200R003C00SPC300 Version; S6700 S3300HI V200R001C00SPC300 Version, V200R002C00SPC100 Version, V200R003C00SPC300 Version; S7700 V200R001C00SPC300 Version; S9300 V200R001C00SPC300 Version, V200R003C00SPC300 Version, V200R003C00SPC500 Version; S9300E V200R003C00SPC300 Version , V200R003C00SPC500 version
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201704-0385",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "s6700",
"scope": "eq",
"trust": 1.6,
"vendor": "huawei",
"version": "v200r003c00spc300"
},
{
"model": "lsw s9700",
"scope": "eq",
"trust": 1.6,
"vendor": "huawei",
"version": "v200r003c00spc500"
},
{
"model": "s9300",
"scope": "eq",
"trust": 1.6,
"vendor": "huawei",
"version": "v200r003c00spc500"
},
{
"model": "s2350",
"scope": "eq",
"trust": 1.6,
"vendor": "huawei",
"version": "v200r003c00spc300"
},
{
"model": "s5700",
"scope": "eq",
"trust": 1.6,
"vendor": "huawei",
"version": "v200r003c00spc300"
},
{
"model": "s2750",
"scope": "eq",
"trust": 1.6,
"vendor": "huawei",
"version": "v200r003c00spc300"
},
{
"model": "s9300e",
"scope": "eq",
"trust": 1.6,
"vendor": "huawei",
"version": "v200r003c00spc500"
},
{
"model": "campus s7700",
"scope": "eq",
"trust": 1.6,
"vendor": "huawei",
"version": "v200r003c00spc500"
},
{
"model": "lsw s9700",
"scope": "eq",
"trust": 1.6,
"vendor": "huawei",
"version": "v200r003c00spc300"
},
{
"model": "s6300",
"scope": "eq",
"trust": 1.6,
"vendor": "huawei",
"version": "v200r003c00spc300"
},
{
"model": "s7700 v200r001c00spc300",
"scope": null,
"trust": 1.2,
"vendor": "huawei",
"version": null
},
{
"model": "campus s3700hi",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r001c00spc300"
},
{
"model": "s7700",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r001c00spc300"
},
{
"model": "s6700",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r002c00spc100"
},
{
"model": "s5300",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r001c00spc300"
},
{
"model": "s3300hi",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r001c00spc300"
},
{
"model": "s5700",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r001c00spc300"
},
{
"model": "s9300e",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r003c00spc300"
},
{
"model": "s5300",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r002c00spc100"
},
{
"model": "s5300",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r003c00spc300"
},
{
"model": "campus s7700",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r003c00spc300"
},
{
"model": "lsw s9700",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r001c00spc300"
},
{
"model": "s6300",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r001c00spc300"
},
{
"model": "campus s5700",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r002c00spc100"
},
{
"model": "s9300",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r001c00spc300"
},
{
"model": "s6300",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r002c00spc100"
},
{
"model": "s6700",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r001c00spc300"
},
{
"model": "s9300",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r003c00spc300"
},
{
"model": "campus lsw s9700",
"scope": "eq",
"trust": 0.8,
"vendor": "huawei",
"version": "firmware"
},
{
"model": "campus s2350",
"scope": "eq",
"trust": 0.8,
"vendor": "huawei",
"version": "firmware"
},
{
"model": "campus s2750",
"scope": "eq",
"trust": 0.8,
"vendor": "huawei",
"version": "firmware"
},
{
"model": "campus s3300hi",
"scope": "eq",
"trust": 0.8,
"vendor": "huawei",
"version": "firmware"
},
{
"model": "campus s3700hi",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "campus s5300",
"scope": "eq",
"trust": 0.8,
"vendor": "huawei",
"version": "firmware"
},
{
"model": "campus s5700",
"scope": "eq",
"trust": 0.8,
"vendor": "huawei",
"version": "firmware"
},
{
"model": "campus s5700",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "campus s6300",
"scope": "eq",
"trust": 0.8,
"vendor": "huawei",
"version": "firmware"
},
{
"model": "campus s6700",
"scope": "eq",
"trust": 0.8,
"vendor": "huawei",
"version": "firmware"
},
{
"model": "campus s7700",
"scope": "eq",
"trust": 0.8,
"vendor": "huawei",
"version": "firmware"
},
{
"model": "campus s7700",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "campus s9300",
"scope": "eq",
"trust": 0.8,
"vendor": "huawei",
"version": "firmware"
},
{
"model": "campus s9300e",
"scope": "eq",
"trust": 0.8,
"vendor": "huawei",
"version": "firmware"
},
{
"model": "s9300 v200r001c00spc300",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "s9300 v200r002c00spc100",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "s9300 v200r003c00spc300",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "campus s3700hi v200r001c00spc300",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "s5700 v200r001c00spc300",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "s5700 v200r003c00spc300",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "s6700 s3300hi v200r001c00spc300",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "s5300 v200r001c00spc300",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "s5300 v200r003c00spc300",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "s5300 v200r002c00spc100",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "s6300 v200r001c00spc300",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "s6300 v200r003c00spc300",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "s6300 v200r002c00spc100",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "lsw s9700 v200r001c00spc300",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "lsw s9700 v200r003c00spc300",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "lsw s9700 v200r003c00spc500",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "campus s5700 v200r002c00spc100",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "s9300e v200r002c00spc100",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "s9300e v200r003c00spc300",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "s6700 v200r002c00spc100",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "s6700 v200r003c00spc300",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "campus s7700 v200r002c00spc100",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "campus s7700 v200r003c00spc300",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "s2750 v200r003c00spc300",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "s2350ei v200r003c00spc300",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-05106"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-008276"
},
{
"db": "NVD",
"id": "CVE-2014-4706"
},
{
"db": "CNNVD",
"id": "CNNVD-201704-211"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:campus_s3700hi_firmware:v200r001c00spc300:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:campus_s3700hi:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:s5700_firmware:v200r001c00spc300:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:s5700:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:s6700_firmware:v200r001c00spc300:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:s6700:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:s3300hi_firmware:v200r001c00spc300:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:s3300hi:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:s5300_firmware:v200r001c00spc300:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:s5300:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:s6300_firmware:v200r001c00spc300:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:s6300:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:s9300_firmware:v200r001c00spc300:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:s9300:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:s7700_firmware:v200r001c00spc300:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:s7700:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:lsw_s9700_firmware:v200r001c00spc300:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:lsw_s9700:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:campus_s5700_firmware:v200r002c00spc100:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:campus_s5700:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:s6700_firmware:v200r002c00spc100:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:s6700:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:s5300_firmware:v200r002c00spc100:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:s5300:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:s6300_firmware:v200r002c00spc100:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:s6300:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:campus_s7700_firmware:v200r003c00spc300:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:campus_s7700:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:s9300_firmware:v200r003c00spc300:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:s9300:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:s9300e_firmware:v200r003c00spc300:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:s9300e:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:s5300_firmware:v200r003c00spc300:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:s5300:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:s5700_firmware:v200r003c00spc300:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:s5700:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:s6300_firmware:v200r003c00spc300:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:s6300:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:s6700_firmware:v200r003c00spc300:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:s6700:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:s2350_firmware:v200r003c00spc300:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:s2350:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:s2750_firmware:v200r003c00spc300:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:s2750:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:lsw_s9700_firmware:v200r003c00spc300:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:lsw_s9700:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:campus_s7700_firmware:v200r003c00spc500:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:campus_s7700:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:s9300_firmware:v200r003c00spc500:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:s9300:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:s9300e_firmware:v200r003c00spc500:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:s9300e:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:lsw_s9700_firmware:v200r003c00spc500:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:lsw_s9700:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2014-4706"
}
]
},
"cve": "CVE-2014-4706",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 7.8,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2014-4706",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CNVD-2017-05106",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "VHN-72647",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:N/I:N/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 7.5,
"baseSeverity": "High",
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2014-4706",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2014-4706",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNVD",
"id": "CNVD-2017-05106",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201704-211",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-72647",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-05106"
},
{
"db": "VULHUB",
"id": "VHN-72647"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-008276"
},
{
"db": "NVD",
"id": "CVE-2014-4706"
},
{
"db": "CNNVD",
"id": "CNNVD-201704-211"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Huawei Campus S3700HI with software V200R001C00SPC300; Campus S5700 with software V200R002C00SPC100; Campus S7700 with software V200R003C00SPC300,V200R003C00SPC500; LSW S9700 with software V200R001C00SPC300,V200R003C00SPC300,V200R003C00SPC500; S2350 with software V200R003C00SPC300; S2750 with software V200R003C00SPC300; S5300 with software V200R001C00SPC300,V200R002C00SPC100,V200R003C00SPC300; S5700 with software V200R001C00SPC300,V200R003C00SPC300; S6300 with software V200R001C00SPC300,V200R002C00SPC100,V200R003C00SPC300; S6700 S3300HI with software V200R001C00SPC300,V200R002C00SPC100,V200R003C00SPC300; S7700 with software V200R001C00SPC300; S9300 with software V200R001C00SPC300,V200R003C00SPC300,V200R003C00SPC500; S9300E with software V200R003C00SPC300,V200R003C00SPC500 allow attackers to keep sending malformed packets to cause a denial of service (DoS) attack, aka a heap overflow. plural Huawei Campus The product software contains a buffer error vulnerability.Service operation interruption (DoS) An attack may be carried out. Huawei\u0027s Campus switch is a series of switches introduced by Huawei. An attacker can exploit this vulnerability by using malformed packets to cause the device to restart abnormally. The following products and versions are affected: Huawei Campus S3700HI V200R001C00SPC300 Version; Campus S5700 V200R002C00SPC100 Version; Campus S7700 V200R003C00SPC300 Version, V200R003C00SPC500 Version; LSW S9700 V200R001C00SPC300 Version, V200R003C00SPC300 Version, V200R003C00SPC500 Version; S2350 V200R003C00SPC300 Version; S2750 V200R003C00SPC300 Version; S5300 V200R001C00SPC300 Version, V200R002C00SPC100 Version, V200R003C00SPC300 Version; S5700 V200R001C00SPC300 Version, V200R003C00SPC300 Version; S6300 V200R001C00SPC300 Version, V200R002C00SPC100 Version, V200R003C00SPC300 Version; S6700 S3300HI V200R001C00SPC300 Version, V200R002C00SPC100 Version, V200R003C00SPC300 Version; S7700 V200R001C00SPC300 Version; S9300 V200R001C00SPC300 Version, V200R003C00SPC300 Version, V200R003C00SPC500 Version; S9300E V200R003C00SPC300 Version , V200R003C00SPC500 version",
"sources": [
{
"db": "NVD",
"id": "CVE-2014-4706"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-008276"
},
{
"db": "CNVD",
"id": "CNVD-2017-05106"
},
{
"db": "VULHUB",
"id": "VHN-72647"
}
],
"trust": 2.25
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2014-4706",
"trust": 3.1
},
{
"db": "JVNDB",
"id": "JVNDB-2014-008276",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201704-211",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2017-05106",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-72647",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-05106"
},
{
"db": "VULHUB",
"id": "VHN-72647"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-008276"
},
{
"db": "NVD",
"id": "CVE-2014-4706"
},
{
"db": "CNNVD",
"id": "CNNVD-201704-211"
}
]
},
"id": "VAR-201704-0385",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-05106"
},
{
"db": "VULHUB",
"id": "VHN-72647"
}
],
"trust": 1.4777415505882354
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-05106"
}
]
},
"last_update_date": "2023-12-18T12:44:40.100000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Huawei-SA-20140604-01-Campus",
"trust": 0.8,
"url": "http://www.huawei.com/en/psirt/security-advisories/hw-343218"
},
{
"title": "Huawei Campus series switch heap buffer overflow vulnerability patch",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/92441"
},
{
"title": "Huawei Campus Repair of Series Switch Buffer Error Vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=69057"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-05106"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-008276"
},
{
"db": "CNNVD",
"id": "CNNVD-201704-211"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-72647"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-008276"
},
{
"db": "NVD",
"id": "CVE-2014-4706"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.3,
"url": "http://www.huawei.com/en/psirt/security-advisories/hw-343218"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-4706"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-4706"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-05106"
},
{
"db": "VULHUB",
"id": "VHN-72647"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-008276"
},
{
"db": "NVD",
"id": "CVE-2014-4706"
},
{
"db": "CNNVD",
"id": "CNNVD-201704-211"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2017-05106"
},
{
"db": "VULHUB",
"id": "VHN-72647"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-008276"
},
{
"db": "NVD",
"id": "CVE-2014-4706"
},
{
"db": "CNNVD",
"id": "CNNVD-201704-211"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-04-23T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-05106"
},
{
"date": "2017-04-02T00:00:00",
"db": "VULHUB",
"id": "VHN-72647"
},
{
"date": "2017-05-02T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2014-008276"
},
{
"date": "2017-04-02T20:59:00.280000",
"db": "NVD",
"id": "CVE-2014-4706"
},
{
"date": "2017-04-06T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201704-211"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-04-23T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-05106"
},
{
"date": "2017-04-05T00:00:00",
"db": "VULHUB",
"id": "VHN-72647"
},
{
"date": "2017-05-02T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2014-008276"
},
{
"date": "2017-04-05T15:36:59.220000",
"db": "NVD",
"id": "CVE-2014-4706"
},
{
"date": "2017-04-06T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201704-211"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201704-211"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural Huawei Campus Buffer error vulnerability in product software",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-008276"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer overflow",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201704-211"
}
],
"trust": 0.6
}
}
var-201306-0006
Vulnerability from variot
The Huawei NE5000E, MA5200G, NE40E, NE80E, ATN, NE40, NE80, NE20E-X6, NE20, ME60, CX600, CX200, CX300, ACU, WLAN AC 6605, S9300, S7700, S2300, S3300, S5300, S3300HI, S5300HI, S5306, S6300, S2700, S3700, S5700, S6700, AR G3, H3C AR(OEM IN), AR 19, AR 29, AR 49, Eudemon100E, Eudemon200, Eudemon300, Eudemon500, Eudemon1000, Eudemon1000E-U/USG5300, Eudemon1000E-X/USG5500, Eudemon8080E/USG9300, Eudemon8160E/USG9300, Eudemon8000E-X/USG9500, E200E-C/USG2200, E200E-X3/USG2200, E200E-X5/USG2200, E200E-X7/USG2200, E200E-C/USG5100, E200E-X3/USG5100, E200E-X5/USG5100, E200E-X7/USG5100, E200E-B/USG2100, E200E-X1/USG2100, E200E-X2/USG2100, SVN5300, SVN2000, SVN5000, SVN3000, NIP100, NIP200, NIP1000, NIP2100, NIP2200, and NIP5100 use the DES algorithm for stored passwords, which makes it easier for context-dependent attackers to obtain cleartext passwords via a brute-force attack. Huawei networking equipment use a DES encryption algorithm for password and encryption. DES is publicly known to be easily cracked. plural Huawei The product uses the stored password DES Because of the use of the algorithm, a vulnerability exists in which a plaintext password is obtained.Brute force attack by attacker (Brute force attack) You may be able to get a plaintext password via. Huawei is the world's leading provider of information and communication solutions. Huawei Quidway is a series of switches developed by Huawei. The Huawei CX600 is based on Huawei's mature VRP platform and has powerful routing, L2/L3 multicast, 5-level H-QoS, packet buffering, and ACL capabilities. Multiple Huawei products are prone to a weak password encryption weakness. Successful exploits may allow an attacker to decrypt stored passwords; this may aid in further attacks. The following are vulnerable: Huawei Quidway series Huawei CX600 V600R001 Huawei CX600 V600R003C00SPC900 Huawei ME60 V600R002C07 and prior versions AR 19/29/49 R2207 and prior versions. Weak password encryption on Huawei products ===========================================
[ADVISORY INFORMATION] Title: Weak password encryption on Huawei products Release date: 13/11/2012 Credits: Roberto Paleari, Emaze Networks (roberto.paleari@emaze.net) Ivan Speziale, Emaze Networks (ivan.speziale@emaze.net)
[VULNERABILITY INFORMATION] Class: Information disclosure
[AFFECTED PRODUCTS] We confirm the presence of this security vulnerability on the following products: * Huawei Quidway series * Huawei CX600
Other models are probably also vulnerable, but they were not checked. As a consequence, passwords extracted from a victim's device can be deciphered instantaneously.
A Python procedure that decodes a given password is included below. Upon termination, procedure decrypt_password() returns the clear-text password.
from Crypto.Cipher import DES
def decode_char(c): if c == 'a': r = '?' else: r = c return ord(r) - ord('!')
def ascii_to_binary(s): assert len(s) == 24
out = [0]*18
i = 0
j = 0
for i in range(0, len(s), 4):
y = decode_char(s[i + 0])
y = (y << 6) & 0xffffff
k = decode_char(s[i + 1])
y = (y | k) & 0xffffff
y = (y << 6) & 0xffffff
k = decode_char(s[i + 2])
y = (y | k) & 0xffffff
y = (y << 6) & 0xffffff
k = decode_char(s[i + 3])
y = (y | k) & 0xffffff
out[j+2] = chr(y & 0xff)
out[j+1] = chr((y>>8) & 0xff)
out[j+0] = chr((y>>16) & 0xff)
j += 3
return "".join(out)
def decrypt_password(p): r = ascii_to_binary(p)
r = r[:16]
d = DES.new("\x01\x02\x03\x04\x05\x06\x07\x08", DES.MODE_ECB)
r = d.decrypt(r)
return r.rstrip("\x00")
[REMEDIATION] We recommend to store passwords using a proper hashing algorithm, instead of leveraging symmetric encryption. Further details are available at the following URL: http://support.huawei.com/enterprise/ReadLatestNewsAction.action?contentId=NEWS1000001141
[COPYRIGHT] Copyright(c) Emaze Networks S.p.A 2012, All rights reserved worldwide. Permission is hereby granted to redistribute this advisory, providing that no changes are made and that the copyright notices and disclaimers remain intact.
[DISCLAIMER] Emaze Networks S.p.A is not responsible for the misuse of the information provided in our security advisories. These advisories are a service to the professional security community. There are NO WARRANTIES with regard to this information. Any application or distribution of this information constitutes acceptance AS IS, at the user's own risk. This information is subject to change without notice
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201306-0006",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "acu",
"scope": "eq",
"trust": 1.8,
"vendor": "huawei",
"version": "v100r003c01spc100"
},
{
"model": "acu",
"scope": "eq",
"trust": 1.8,
"vendor": "huawei",
"version": "v200r001c00"
},
{
"model": "acu",
"scope": "eq",
"trust": 1.8,
"vendor": "huawei",
"version": "v200r001c00spc100"
},
{
"model": "ar g3",
"scope": "eq",
"trust": 1.8,
"vendor": "huawei",
"version": "v200r001c00"
},
{
"model": "ar g3",
"scope": "eq",
"trust": 1.8,
"vendor": "huawei",
"version": "v200r001c01"
},
{
"model": "ar g3",
"scope": "eq",
"trust": 1.8,
"vendor": "huawei",
"version": "v200r002c00spc200"
},
{
"model": "atn",
"scope": "eq",
"trust": 1.8,
"vendor": "huawei",
"version": "v200r001c00"
},
{
"model": "atn",
"scope": "eq",
"trust": 1.8,
"vendor": "huawei",
"version": "v200r001c01"
},
{
"model": "cx200",
"scope": "eq",
"trust": 1.8,
"vendor": "huawei",
"version": "v100r005"
},
{
"model": "cx300",
"scope": "eq",
"trust": 1.8,
"vendor": "huawei",
"version": "v100r005"
},
{
"model": "cx600",
"scope": "eq",
"trust": 1.8,
"vendor": "huawei",
"version": "v200r002"
},
{
"model": "cx600",
"scope": "eq",
"trust": 1.8,
"vendor": "huawei",
"version": "v600r001"
},
{
"model": "cx600",
"scope": "eq",
"trust": 1.8,
"vendor": "huawei",
"version": "v600r002"
},
{
"model": "cx600",
"scope": "eq",
"trust": 1.8,
"vendor": "huawei",
"version": "v600r003"
},
{
"model": "e200e-b",
"scope": "lte",
"trust": 1.8,
"vendor": "huawei",
"version": "v100r005c01"
},
{
"model": "e200e-c",
"scope": "lte",
"trust": 1.8,
"vendor": "huawei",
"version": "v200r003c00"
},
{
"model": "e200e-x1",
"scope": "lte",
"trust": 1.8,
"vendor": "huawei",
"version": "v100r005c01"
},
{
"model": "e200e-x2",
"scope": "lte",
"trust": 1.8,
"vendor": "huawei",
"version": "v100r005c01"
},
{
"model": "eudemon1000",
"scope": "lte",
"trust": 1.8,
"vendor": "huawei",
"version": "v200r006c02"
},
{
"model": "eudemon1000e-u",
"scope": "lte",
"trust": 1.8,
"vendor": "huawei",
"version": "v200r001"
},
{
"model": "eudemon1000e-x",
"scope": "lte",
"trust": 1.8,
"vendor": "huawei",
"version": "v200r002"
},
{
"model": "eudemon100e",
"scope": "eq",
"trust": 1.8,
"vendor": "huawei",
"version": "v200r007"
},
{
"model": "eudemon200",
"scope": "eq",
"trust": 1.8,
"vendor": "huawei",
"version": "v200r001"
},
{
"model": "eudemon300",
"scope": "lte",
"trust": 1.8,
"vendor": "huawei",
"version": "v200r006c02"
},
{
"model": "eudemon500",
"scope": "lte",
"trust": 1.8,
"vendor": "huawei",
"version": "v200r006c02"
},
{
"model": "eudemon8000e-x",
"scope": "lte",
"trust": 1.8,
"vendor": "huawei",
"version": "v200r001c00spc600"
},
{
"model": "ma5200g",
"scope": "eq",
"trust": 1.8,
"vendor": "huawei",
"version": "v200r003"
},
{
"model": "ma5200g",
"scope": "eq",
"trust": 1.8,
"vendor": "huawei",
"version": "v300r003"
},
{
"model": "me60",
"scope": "eq",
"trust": 1.8,
"vendor": "huawei",
"version": "v100r005"
},
{
"model": "me60",
"scope": "eq",
"trust": 1.8,
"vendor": "huawei",
"version": "v100r006"
},
{
"model": "me60",
"scope": "eq",
"trust": 1.8,
"vendor": "huawei",
"version": "v600r002"
},
{
"model": "me60",
"scope": "eq",
"trust": 1.8,
"vendor": "huawei",
"version": "v600r003"
},
{
"model": "me60",
"scope": "eq",
"trust": 1.8,
"vendor": "huawei",
"version": "v600r005c00spc600"
},
{
"model": "ne20",
"scope": "eq",
"trust": 1.8,
"vendor": "huawei",
"version": "v200r005"
},
{
"model": "ne40",
"scope": "eq",
"trust": 1.8,
"vendor": "huawei",
"version": "v300r005"
},
{
"model": "ne40e",
"scope": "eq",
"trust": 1.8,
"vendor": "huawei",
"version": "v600r001"
},
{
"model": "ne5000e",
"scope": "eq",
"trust": 1.8,
"vendor": "huawei",
"version": "v300r007"
},
{
"model": "ne5000e",
"scope": "eq",
"trust": 1.8,
"vendor": "huawei",
"version": "v800r002"
},
{
"model": "ne80",
"scope": "eq",
"trust": 1.8,
"vendor": "huawei",
"version": "v300r005"
},
{
"model": "ne80e",
"scope": "eq",
"trust": 1.8,
"vendor": "huawei",
"version": "v600r001"
},
{
"model": "ne80e",
"scope": "eq",
"trust": 1.8,
"vendor": "huawei",
"version": "v600r002"
},
{
"model": "ne80e",
"scope": "eq",
"trust": 1.8,
"vendor": "huawei",
"version": "v600r003"
},
{
"model": "nip100",
"scope": "eq",
"trust": 1.8,
"vendor": "huawei",
"version": "v100r001"
},
{
"model": "nip1000",
"scope": "eq",
"trust": 1.8,
"vendor": "huawei",
"version": "v100r001"
},
{
"model": "nip200",
"scope": "eq",
"trust": 1.8,
"vendor": "huawei",
"version": "v100r001"
},
{
"model": "nip2100",
"scope": "eq",
"trust": 1.8,
"vendor": "huawei",
"version": "v100r001c00"
},
{
"model": "nip2200",
"scope": "eq",
"trust": 1.8,
"vendor": "huawei",
"version": "v100r001c00"
},
{
"model": "nip5100",
"scope": "eq",
"trust": 1.8,
"vendor": "huawei",
"version": "v100r001c00"
},
{
"model": "s2300",
"scope": "eq",
"trust": 1.8,
"vendor": "huawei",
"version": "v100r002"
},
{
"model": "s2300",
"scope": "eq",
"trust": 1.8,
"vendor": "huawei",
"version": "v100r003"
},
{
"model": "s2300",
"scope": "eq",
"trust": 1.8,
"vendor": "huawei",
"version": "v100r005"
},
{
"model": "s2300",
"scope": "eq",
"trust": 1.8,
"vendor": "huawei",
"version": "v100r006"
},
{
"model": "s2700",
"scope": "eq",
"trust": 1.8,
"vendor": "huawei",
"version": "v100r006"
},
{
"model": "s3300",
"scope": "eq",
"trust": 1.8,
"vendor": "huawei",
"version": "v100r002"
},
{
"model": "s3300",
"scope": "eq",
"trust": 1.8,
"vendor": "huawei",
"version": "v100r003"
},
{
"model": "s3300",
"scope": "eq",
"trust": 1.8,
"vendor": "huawei",
"version": "v100r005"
},
{
"model": "s3300",
"scope": "eq",
"trust": 1.8,
"vendor": "huawei",
"version": "v100r006"
},
{
"model": "s3300hi",
"scope": "eq",
"trust": 1.8,
"vendor": "huawei",
"version": "v100r006"
},
{
"model": "s3300hi",
"scope": "eq",
"trust": 1.8,
"vendor": "huawei",
"version": "v200r001"
},
{
"model": "s3700",
"scope": "eq",
"trust": 1.8,
"vendor": "huawei",
"version": "v100r005"
},
{
"model": "s3700",
"scope": "eq",
"trust": 1.8,
"vendor": "huawei",
"version": "v100r006"
},
{
"model": "s3700",
"scope": "eq",
"trust": 1.8,
"vendor": "huawei",
"version": "v200r001"
},
{
"model": "s5300",
"scope": "eq",
"trust": 1.8,
"vendor": "huawei",
"version": "v100r002"
},
{
"model": "s5300",
"scope": "eq",
"trust": 1.8,
"vendor": "huawei",
"version": "v100r003"
},
{
"model": "s5300",
"scope": "eq",
"trust": 1.8,
"vendor": "huawei",
"version": "v100r005"
},
{
"model": "s5300",
"scope": "eq",
"trust": 1.8,
"vendor": "huawei",
"version": "v100r006"
},
{
"model": "s5300hi",
"scope": "eq",
"trust": 1.8,
"vendor": "huawei",
"version": "v100r006"
},
{
"model": "s5300hi",
"scope": "eq",
"trust": 1.8,
"vendor": "huawei",
"version": "v200r001"
},
{
"model": "s5306",
"scope": "eq",
"trust": 1.8,
"vendor": "huawei",
"version": "v100r006"
},
{
"model": "s5306",
"scope": "eq",
"trust": 1.8,
"vendor": "huawei",
"version": "v200r001"
},
{
"model": "s5700",
"scope": "eq",
"trust": 1.8,
"vendor": "huawei",
"version": "v100r005"
},
{
"model": "s5700",
"scope": "eq",
"trust": 1.8,
"vendor": "huawei",
"version": "v100r006"
},
{
"model": "s5700",
"scope": "eq",
"trust": 1.8,
"vendor": "huawei",
"version": "v200r001"
},
{
"model": "s6300",
"scope": "eq",
"trust": 1.8,
"vendor": "huawei",
"version": "v100r006"
},
{
"model": "s6300",
"scope": "eq",
"trust": 1.8,
"vendor": "huawei",
"version": "v200r001"
},
{
"model": "s6700",
"scope": "eq",
"trust": 1.8,
"vendor": "huawei",
"version": "v100r006"
},
{
"model": "s6700",
"scope": "eq",
"trust": 1.8,
"vendor": "huawei",
"version": "v200r001"
},
{
"model": "s7700",
"scope": "eq",
"trust": 1.8,
"vendor": "huawei",
"version": "v100r003"
},
{
"model": "s7700",
"scope": "eq",
"trust": 1.8,
"vendor": "huawei",
"version": "v100r006"
},
{
"model": "s9300",
"scope": "eq",
"trust": 1.8,
"vendor": "huawei",
"version": "v100r001"
},
{
"model": "s9300",
"scope": "eq",
"trust": 1.8,
"vendor": "huawei",
"version": "v100r002"
},
{
"model": "s9300",
"scope": "eq",
"trust": 1.8,
"vendor": "huawei",
"version": "v100r003"
},
{
"model": "s9300",
"scope": "eq",
"trust": 1.8,
"vendor": "huawei",
"version": "v100r006"
},
{
"model": "svn2000",
"scope": "eq",
"trust": 1.8,
"vendor": "huawei",
"version": "v200r001c00"
},
{
"model": "svn3000",
"scope": "eq",
"trust": 1.8,
"vendor": "huawei",
"version": "v100r002c02spc802b041"
},
{
"model": "svn5000",
"scope": "eq",
"trust": 1.8,
"vendor": "huawei",
"version": "v200r001c00"
},
{
"model": "svn5300",
"scope": "eq",
"trust": 1.8,
"vendor": "huawei",
"version": "v100r001c01b019"
},
{
"model": "wlan ac 6605",
"scope": "eq",
"trust": 1.8,
"vendor": "huawei",
"version": "v200r001c00"
},
{
"model": "wlan ac 6605",
"scope": "eq",
"trust": 1.8,
"vendor": "huawei",
"version": "v200r001c00spc100"
},
{
"model": "cx600",
"scope": null,
"trust": 1.2,
"vendor": "huawei",
"version": null
},
{
"model": "eudemon 8160e",
"scope": "lte",
"trust": 1.0,
"vendor": "huawei",
"version": "v100r003c00"
},
{
"model": "eudemon usg5500",
"scope": "lte",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r002"
},
{
"model": "e200x3",
"scope": "lte",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r003c00"
},
{
"model": "h3c ar\\",
"scope": "lte",
"trust": 1.0,
"vendor": "huawei",
"version": "r2209"
},
{
"model": "ar 19\\/29\\/49",
"scope": "lte",
"trust": 1.0,
"vendor": "huawei",
"version": "r2207"
},
{
"model": "e200x7",
"scope": "lte",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r003c00"
},
{
"model": "e200 usg2200",
"scope": "lte",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r003c00"
},
{
"model": "eudemon usg9500",
"scope": "lte",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r001c00spc600"
},
{
"model": "e200 usg5100",
"scope": "lte",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r003c00"
},
{
"model": "eudemon usg5300",
"scope": "lte",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r001"
},
{
"model": "ne40e\\/80e",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v600r002"
},
{
"model": "eudemon 8080e",
"scope": "lte",
"trust": 1.0,
"vendor": "huawei",
"version": "v100r003c00"
},
{
"model": "e200e-usg2100",
"scope": "lte",
"trust": 1.0,
"vendor": "huawei",
"version": "v100r005c01"
},
{
"model": "ne40e\\/80e",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v600r003"
},
{
"model": "e200x5",
"scope": "lte",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r003c00"
},
{
"model": "ne40e",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v300r005"
},
{
"model": "ne20e-x6",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v300r005"
},
{
"model": "eudemon usg9300",
"scope": "lte",
"trust": 1.0,
"vendor": "huawei",
"version": "v100r003c00"
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "ar 19/29/49",
"scope": "lte",
"trust": 0.8,
"vendor": "huawei",
"version": "r2207"
},
{
"model": "e200e-x3",
"scope": "lte",
"trust": 0.8,
"vendor": "huawei",
"version": "v200r003c00"
},
{
"model": "e200e-x5",
"scope": "lte",
"trust": 0.8,
"vendor": "huawei",
"version": "v200r003c00"
},
{
"model": "e200e-x7",
"scope": "lte",
"trust": 0.8,
"vendor": "huawei",
"version": "v200r003c00"
},
{
"model": "e200e/usg2100",
"scope": "lte",
"trust": 0.8,
"vendor": "huawei",
"version": "v100r005c01"
},
{
"model": "e200e/usg2200",
"scope": "lte",
"trust": 0.8,
"vendor": "huawei",
"version": "v200r003c00"
},
{
"model": "e200e/usg5100",
"scope": "lte",
"trust": 0.8,
"vendor": "huawei",
"version": "v200r003c00"
},
{
"model": "eudemon8080e",
"scope": "lte",
"trust": 0.8,
"vendor": "huawei",
"version": "v100r003c00"
},
{
"model": "eudemon8160e",
"scope": "lte",
"trust": 0.8,
"vendor": "huawei",
"version": "v100r003c00"
},
{
"model": "eudemonusg5300",
"scope": "lte",
"trust": 0.8,
"vendor": "huawei",
"version": "v200r001"
},
{
"model": "eudemonusg5500",
"scope": "lte",
"trust": 0.8,
"vendor": "huawei",
"version": "v200r002"
},
{
"model": "eudemonusg9300",
"scope": "lte",
"trust": 0.8,
"vendor": "huawei",
"version": "v100r003c00"
},
{
"model": "eudemonusg9500",
"scope": "lte",
"trust": 0.8,
"vendor": "huawei",
"version": "v200r001c00spc600"
},
{
"model": "h3c ar",
"scope": "lte",
"trust": 0.8,
"vendor": "huawei",
"version": "ar x9 series r2209"
},
{
"model": "ne20e-x6",
"scope": "eq",
"trust": 0.8,
"vendor": "huawei",
"version": "v600r003"
},
{
"model": "ne40e",
"scope": "eq",
"trust": 0.8,
"vendor": "huawei",
"version": "v300r003"
},
{
"model": "ne40e",
"scope": "eq",
"trust": 0.8,
"vendor": "huawei",
"version": "v600r002"
},
{
"model": "ne40e",
"scope": "eq",
"trust": 0.8,
"vendor": "huawei",
"version": "v600r003"
},
{
"model": "ne40e/80e",
"scope": "eq",
"trust": 0.8,
"vendor": "huawei",
"version": "v300r003"
},
{
"model": "ne40e/80e",
"scope": "eq",
"trust": 0.8,
"vendor": "huawei",
"version": "v600r001"
},
{
"model": "ne40e/80e",
"scope": "eq",
"trust": 0.8,
"vendor": "huawei",
"version": "v600r002"
},
{
"model": "ne40e/80e",
"scope": "eq",
"trust": 0.8,
"vendor": "huawei",
"version": "v600r003"
},
{
"model": "ne80e",
"scope": "eq",
"trust": 0.8,
"vendor": "huawei",
"version": "v300r003"
},
{
"model": "s2700",
"scope": "eq",
"trust": 0.8,
"vendor": "huawei",
"version": "v100r005"
},
{
"model": "ne5000e v300r007",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "ne5000e v800r002",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "ma5200g v200r003",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "ma5200g v300r003",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "ne40e/80e",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "atn v200r001c00",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "atn v200r001c01",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "ne40/ne80 v300r005",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "ne20e-x6 v600r003",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "ne20 v200r005",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "me60",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "cx200/cx300 v100r005",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "acu v100r003c01spc100",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "acu v200r001c00spc100",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "acu v200r001c00",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "wlan ac v200r001c00",
"scope": "eq",
"trust": 0.6,
"vendor": "huawei",
"version": "6605"
},
{
"model": "wlan ac v200r001c00spc100",
"scope": "eq",
"trust": 0.6,
"vendor": "huawei",
"version": "6605"
},
{
"model": "s9300",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "s7700",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "s2300/s3300/s5300",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "s2300/s3300/s5300/s2700/s3 v100r005",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "s2300/s3300/s5300/s3300hi/ v100r006",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "s3300hi/s5300hi/s5306/s630 v200r001",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "ar g3 v200r001c00",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "ar g3 v200r001c01",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "ar g3 v200r002c00spc200",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "h3c ar ar series r2209",
"scope": "lte",
"trust": 0.6,
"vendor": "huawei",
"version": "\u003c=x9"
},
{
"model": "ar r2207",
"scope": "eq",
"trust": 0.6,
"vendor": "huawei",
"version": "19/29/49\u003c="
},
{
"model": "eudemon100e v200r007",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "eudemon200 v200r001",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "eudemon300\u0026500\u00261000 v200r006c02",
"scope": "lte",
"trust": 0.6,
"vendor": "huawei",
"version": "\u003c="
},
{
"model": "eudemon1000e-u/usg5300 v200r001",
"scope": "lte",
"trust": 0.6,
"vendor": "huawei",
"version": "\u003c="
},
{
"model": "eudemon1000e-x/usg5500 v200r002",
"scope": "lte",
"trust": 0.6,
"vendor": "huawei",
"version": "\u003c="
},
{
"model": "eudemon8080e\u00268160e/usg9300 v100r003c00",
"scope": "lte",
"trust": 0.6,
"vendor": "huawei",
"version": "\u003c="
},
{
"model": "eudemon8000e-x/usg9500 v200r001c00spc600",
"scope": "lte",
"trust": 0.6,
"vendor": "huawei",
"version": "\u003c="
},
{
"model": "e200e-c\u0026x3\u0026x5\u0026x7/usg2200\u00265100 v200r003c00",
"scope": "lte",
"trust": 0.6,
"vendor": "huawei",
"version": "\u003c="
},
{
"model": "e200e-b\u0026x1\u0026x2/usg2100 v100r005c01",
"scope": "lte",
"trust": 0.6,
"vendor": "huawei",
"version": "\u003c="
},
{
"model": "svn5300 v100r001c01b019",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "svn2000\u00265000 series v200r001c00",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "svn3000 v100r002c02spc802b041",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "nip100/200/1000 v100r001",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "nip2100\u00262200\u00265100 v100r001c00",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "quidway series",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "quidway series",
"scope": "eq",
"trust": 0.3,
"vendor": "huawei",
"version": "0"
},
{
"model": "me60 v600r002c07",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "cx600 v600r003c00spc900",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "cx600 v600r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "ar r2207",
"scope": "eq",
"trust": 0.3,
"vendor": "huawei",
"version": "19/29/49"
},
{
"model": "me60 v600r005c00spc900",
"scope": "ne",
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "cx600 v600r005c00spc900",
"scope": "ne",
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "cx600 v600r003c00spca00",
"scope": "ne",
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "ar r2209",
"scope": "ne",
"trust": 0.3,
"vendor": "huawei",
"version": "19/29/49"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#948096"
},
{
"db": "CNVD",
"id": "CNVD-2013-08074"
},
{
"db": "CNVD",
"id": "CNVD-2012-6517"
},
{
"db": "BID",
"id": "56510"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-006004"
},
{
"db": "NVD",
"id": "CVE-2012-4960"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:ma5200g:v300r003:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:huawei:ma5200g:v200r003:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:huawei:ne40e:v300r005:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:huawei:atn:v200r001c00:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:huawei:atn:v200r001c01:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:huawei:me60:v600r002:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:huawei:me60:v600r003:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:huawei:cx300:v100r005:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:huawei:acu:v100r003c01spc100:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:huawei:acu:v200r001c00spc100:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:huawei:s9300:v100r006:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:huawei:s7700:v100r003:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:huawei:s5300:v100r003:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:huawei:s2300:v100r005:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:huawei:s3300hi:v100r006:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:huawei:s5300hi:v100r006:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:huawei:s3300hi:v200r001:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:huawei:s5300hi:v200r001:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:huawei:ar_g3:v200r001c01:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:huawei:ar_g3:v200r002c00spc200:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:huawei:eudemon_usg5500:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "v200r002",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:huawei:eudemon_8160e:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "v100r003c00",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:huawei:e200x5:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "v200r003c00",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:huawei:e200x7:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "v200r003c00",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:huawei:h3c_ar\\(oem_in\\):*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "r2209",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:huawei:eudemon500:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "v200r006c02",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:huawei:svn3000:v100r002c02spc802b041:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:huawei:svn5000:v200r001c00:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:huawei:ne40e:v600r001:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:huawei:ne80e:v600r001:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:huawei:ne40:v300r005:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:huawei:ne80:v300r005:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:huawei:me60:v600r005c00spc600:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:huawei:cx600:v200r002:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:huawei:acu:v200r001c00:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:huawei:wlan_ac_6605:v200r001c00:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:huawei:s7700:v100r006:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:huawei:s2300:v100r002:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:huawei:s3300:v100r005:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:huawei:s5300:v100r005:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:huawei:s5306:v100r006:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:huawei:s6300:v100r006:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:huawei:s5306:v200r001:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:huawei:s6300:v200r001:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:huawei:ar_19\\/29\\/49:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "r2207",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:huawei:eudemon100e:v200r007:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:huawei:eudemon_8080e:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "v100r003c00",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:huawei:eudemon_usg9300:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "v100r003c00",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:huawei:e200_usg2200:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "v200r003c00",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:huawei:e200_usg5100:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "v200r003c00",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:huawei:eudemon1000:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "v200r006c02",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:huawei:nip5100:v100r001c00:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:huawei:nip2200:v100r001c00:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:huawei:svn2000:v200r001c00:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:huawei:svn5300:v100r001c01b019:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:huawei:ne40e\\/80e:v600r002:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:huawei:ne80e:v600r002:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:huawei:ne20e-x6:v300r005:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:huawei:ne20:v200r005:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:huawei:cx600:v600r001:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:huawei:cx600:v600r002:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:huawei:wlan_ac_6605:v200r001c00spc100:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:huawei:s9300:v100r001:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:huawei:s2300:v100r003:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:huawei:s3300:v100r002:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:huawei:s3700:v100r005:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:huawei:s5700:v100r005:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:huawei:s2700:v100r006:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:huawei:s3700:v100r006:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:huawei:s3700:v200r001:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:huawei:s5700:v200r001:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:huawei:eudemon200:v200r001:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:huawei:eudemon300:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "v200r006c02",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:huawei:eudemon1000e-u:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "v200r001",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:huawei:eudemon8000e-x:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "v200r001c00spc600",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:huawei:eudemon_usg9500:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "v200r001c00spc600",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:huawei:e200e-b:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "v100r005c01",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:huawei:e200e-x1:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "v100r005c01",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:huawei:nip2100:v100r001c00:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:huawei:nip1000:v100r001:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:huawei:ne5000e:v300r007:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:huawei:ne5000e:v800r002:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:huawei:ne40e\\/80e:v600r003:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:huawei:ne80e:v600r003:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:huawei:me60:v100r005:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:huawei:me60:v100r006:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:huawei:cx600:v600r003:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:huawei:cx200:v100r005:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:huawei:s9300:v100r002:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:huawei:s9300:v100r003:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:huawei:s3300:v100r003:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:huawei:s5300:v100r002:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:huawei:s2300:v100r006:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:huawei:s3300:v100r006:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:huawei:s5300:v100r006:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:huawei:s5700:v100r006:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:huawei:s6700:v100r006:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:huawei:s6700:v200r001:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:huawei:ar_g3:v200r001c00:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:huawei:eudemon_usg5300:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "v200r001",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:huawei:eudemon1000e-x:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "v200r002",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:huawei:e200e-c:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "v200r003c00",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:huawei:e200x3:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "v200r003c00",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:huawei:e200e-x2:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "v100r005c01",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:huawei:e200e-usg2100:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "v100r005c01",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:huawei:nip200:v100r001:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:huawei:nip100:v100r001:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2012-4960"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Roberto Paleari and Ivan Speziale from Emaze Networks",
"sources": [
{
"db": "BID",
"id": "56510"
},
{
"db": "CNNVD",
"id": "CNNVD-201211-280"
}
],
"trust": 0.9
},
"cve": "CVE-2012-4960",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.0,
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"availabilityRequirement": "NOT DEFINED",
"baseScore": 6.5,
"collateralDamagePotential": "LOW-MEDIUM",
"confidentialityImpact": "PARTIAL",
"confidentialityRequirement": "NOT DEFINED",
"enviromentalScore": 5.1,
"exploitability": "FUNCTIONAL",
"exploitabilityScore": 8.0,
"id": "CVE-2012-4960",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"integrityRequirement": "NOT DEFINED",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"remediationLevel": "OFFICIAL FIX",
"reportConfidence": "CONFIRMED",
"severity": "MEDIUM",
"targetDistribution": "MEDIUM",
"trust": 0.8,
"userInterationRequired": null,
"vector_string": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "Single",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 6.5,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2012-4960",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.0,
"id": "CNVD-2013-08074",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.0,
"id": "VHN-58241",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:S/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2012-4960",
"trust": 2.6,
"value": "MEDIUM"
},
{
"author": "CNVD",
"id": "CNVD-2013-08074",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201306-403",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-58241",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#948096"
},
{
"db": "CNVD",
"id": "CNVD-2013-08074"
},
{
"db": "VULHUB",
"id": "VHN-58241"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-006004"
},
{
"db": "NVD",
"id": "CVE-2012-4960"
},
{
"db": "CNNVD",
"id": "CNNVD-201306-403"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The Huawei NE5000E, MA5200G, NE40E, NE80E, ATN, NE40, NE80, NE20E-X6, NE20, ME60, CX600, CX200, CX300, ACU, WLAN AC 6605, S9300, S7700, S2300, S3300, S5300, S3300HI, S5300HI, S5306, S6300, S2700, S3700, S5700, S6700, AR G3, H3C AR(OEM IN), AR 19, AR 29, AR 49, Eudemon100E, Eudemon200, Eudemon300, Eudemon500, Eudemon1000, Eudemon1000E-U/USG5300, Eudemon1000E-X/USG5500, Eudemon8080E/USG9300, Eudemon8160E/USG9300, Eudemon8000E-X/USG9500, E200E-C/USG2200, E200E-X3/USG2200, E200E-X5/USG2200, E200E-X7/USG2200, E200E-C/USG5100, E200E-X3/USG5100, E200E-X5/USG5100, E200E-X7/USG5100, E200E-B/USG2100, E200E-X1/USG2100, E200E-X2/USG2100, SVN5300, SVN2000, SVN5000, SVN3000, NIP100, NIP200, NIP1000, NIP2100, NIP2200, and NIP5100 use the DES algorithm for stored passwords, which makes it easier for context-dependent attackers to obtain cleartext passwords via a brute-force attack. Huawei networking equipment use a DES encryption algorithm for password and encryption. DES is publicly known to be easily cracked. plural Huawei The product uses the stored password DES Because of the use of the algorithm, a vulnerability exists in which a plaintext password is obtained.Brute force attack by attacker (Brute force attack) You may be able to get a plaintext password via. Huawei is the world\u0027s leading provider of information and communication solutions. Huawei Quidway is a series of switches developed by Huawei. The Huawei CX600 is based on Huawei\u0027s mature VRP platform and has powerful routing, L2/L3 multicast, 5-level H-QoS, packet buffering, and ACL capabilities. Multiple Huawei products are prone to a weak password encryption weakness. \nSuccessful exploits may allow an attacker to decrypt stored passwords; this may aid in further attacks. \nThe following are vulnerable:\nHuawei Quidway series\nHuawei CX600 V600R001\nHuawei CX600 V600R003C00SPC900\nHuawei ME60 V600R002C07 and prior versions\nAR 19/29/49 R2207 and prior versions. Weak password encryption on Huawei products\n===========================================\n\n[ADVISORY INFORMATION]\nTitle:\t\tWeak password encryption on Huawei products\nRelease date: 13/11/2012\nCredits: \tRoberto Paleari, Emaze Networks (roberto.paleari@emaze.net)\n\t\tIvan Speziale, Emaze Networks (ivan.speziale@emaze.net)\n\n[VULNERABILITY INFORMATION]\nClass: \t Information disclosure\n\n[AFFECTED PRODUCTS]\nWe confirm the presence of this security vulnerability on the following\nproducts:\n * Huawei Quidway series\n * Huawei CX600\n\nOther models are probably also vulnerable, but they were not checked. As a consequence, passwords extracted from a\nvictim\u0027s device can be deciphered instantaneously. \n\nA Python procedure that decodes a given password is included below. Upon\ntermination, procedure decrypt_password() returns the clear-text password. \n\n\u003ccut\u003e\nfrom Crypto.Cipher import DES\n\ndef decode_char(c):\n if c == \u0027a\u0027:\n r = \u0027?\u0027\n else:\n r = c\n return ord(r) - ord(\u0027!\u0027)\n\ndef ascii_to_binary(s):\n assert len(s) == 24\n\n out = [0]*18\n i = 0\n j = 0\n\n for i in range(0, len(s), 4):\n y = decode_char(s[i + 0])\n y = (y \u003c\u003c 6) \u0026 0xffffff\n\n k = decode_char(s[i + 1])\n y = (y | k) \u0026 0xffffff\n y = (y \u003c\u003c 6) \u0026 0xffffff\n\n k = decode_char(s[i + 2])\n y = (y | k) \u0026 0xffffff\n y = (y \u003c\u003c 6) \u0026 0xffffff\n\n k = decode_char(s[i + 3])\n y = (y | k) \u0026 0xffffff\n\n out[j+2] = chr(y \u0026 0xff)\n out[j+1] = chr((y\u003e\u003e8) \u0026 0xff)\n out[j+0] = chr((y\u003e\u003e16) \u0026 0xff)\n\n j += 3\n\n return \"\".join(out)\n\ndef decrypt_password(p):\n r = ascii_to_binary(p)\n\n r = r[:16]\n\n d = DES.new(\"\\x01\\x02\\x03\\x04\\x05\\x06\\x07\\x08\", DES.MODE_ECB)\n r = d.decrypt(r)\n\n return r.rstrip(\"\\x00\")\n\u003c/cut\u003e\n\n\n[REMEDIATION] \nWe recommend to store passwords using a proper hashing algorithm, instead of\nleveraging symmetric encryption. Further details are available at the following URL:\nhttp://support.huawei.com/enterprise/ReadLatestNewsAction.action?contentId=NEWS1000001141\n\n[COPYRIGHT]\nCopyright(c) Emaze Networks S.p.A 2012, All rights reserved worldwide. \nPermission is hereby granted to redistribute this advisory, providing that no\nchanges are made and that the copyright notices and disclaimers remain intact. \n\n[DISCLAIMER]\nEmaze Networks S.p.A is not responsible for the misuse of the information\nprovided in our security advisories. These advisories are a service to the\nprofessional security community. There are NO WARRANTIES with regard to this\ninformation. Any application or distribution of this information constitutes\nacceptance AS IS, at the user\u0027s own risk. This information is subject to change\nwithout notice",
"sources": [
{
"db": "NVD",
"id": "CVE-2012-4960"
},
{
"db": "CERT/CC",
"id": "VU#948096"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-006004"
},
{
"db": "CNVD",
"id": "CNVD-2013-08074"
},
{
"db": "CNVD",
"id": "CNVD-2012-6517"
},
{
"db": "BID",
"id": "56510"
},
{
"db": "VULHUB",
"id": "VHN-58241"
},
{
"db": "PACKETSTORM",
"id": "118054"
}
],
"trust": 3.87
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-58241",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-58241"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2012-4960",
"trust": 4.2
},
{
"db": "CERT/CC",
"id": "VU#948096",
"trust": 2.7
},
{
"db": "BID",
"id": "56510",
"trust": 1.6
},
{
"db": "JVN",
"id": "JVNVU90202792",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2012-006004",
"trust": 0.8
},
{
"db": "PACKETSTORM",
"id": "118054",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2013-08074",
"trust": 0.6
},
{
"db": "CNVD",
"id": "CNVD-2012-6517",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-201211-280",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-201306-403",
"trust": 0.6
},
{
"db": "EXPLOIT-DB",
"id": "38020",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-58241",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#948096"
},
{
"db": "CNVD",
"id": "CNVD-2013-08074"
},
{
"db": "CNVD",
"id": "CNVD-2012-6517"
},
{
"db": "VULHUB",
"id": "VHN-58241"
},
{
"db": "BID",
"id": "56510"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-006004"
},
{
"db": "PACKETSTORM",
"id": "118054"
},
{
"db": "NVD",
"id": "CVE-2012-4960"
},
{
"db": "CNNVD",
"id": "CNNVD-201211-280"
},
{
"db": "CNNVD",
"id": "CNNVD-201306-403"
}
]
},
"id": "VAR-201306-0006",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-08074"
},
{
"db": "CNVD",
"id": "CNVD-2012-6517"
},
{
"db": "VULHUB",
"id": "VHN-58241"
}
],
"trust": 2.164663294642857
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 1.2
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-08074"
},
{
"db": "CNVD",
"id": "CNVD-2012-6517"
}
]
},
"last_update_date": "2023-12-18T13:44:36.277000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Huawei-SA-20120827-01-CX600",
"trust": 0.8,
"url": "http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-u_194373.htm"
},
{
"title": "Huawei multiple product encryption is not a strong vulnerability patch",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/34800"
},
{
"title": "Huawei patch for multiple product password encryption vulnerabilities",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/25088"
},
{
"title": "Huawei Fixing measures for vulnerabilities of encryption problems in many products",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=170984"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-08074"
},
{
"db": "CNVD",
"id": "CNVD-2012-6517"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-006004"
},
{
"db": "CNNVD",
"id": "CNNVD-201306-403"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-310",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-58241"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-006004"
},
{
"db": "NVD",
"id": "CVE-2012-4960"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.3,
"url": "http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-u_194373.htm"
},
{
"trust": 1.9,
"url": "http://www.kb.cert.org/vuls/id/948096"
},
{
"trust": 0.8,
"url": "about vulnerability notes"
},
{
"trust": 0.8,
"url": "contact us about this vulnerability"
},
{
"trust": 0.8,
"url": "provide a vendor statement"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-4960"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnvu90202792/index.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2012-4960"
},
{
"trust": 0.6,
"url": "http://packetstormsecurity.org/files/118054/huawei-weak-password-encryption.html"
},
{
"trust": 0.6,
"url": "http://www.securityfocus.com/bid/56510"
},
{
"trust": 0.4,
"url": "http://support.huawei.com/enterprise/readlatestnewsaction.action?contentid=news1000001141"
},
{
"trust": 0.3,
"url": "http://www.huawei.com/"
},
{
"trust": 0.3,
"url": "msg://bugtraq/201211130911.qad9ba1q022014@sf01web1.securityfocus.com"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#948096"
},
{
"db": "CNVD",
"id": "CNVD-2013-08074"
},
{
"db": "CNVD",
"id": "CNVD-2012-6517"
},
{
"db": "VULHUB",
"id": "VHN-58241"
},
{
"db": "BID",
"id": "56510"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-006004"
},
{
"db": "PACKETSTORM",
"id": "118054"
},
{
"db": "NVD",
"id": "CVE-2012-4960"
},
{
"db": "CNNVD",
"id": "CNNVD-201211-280"
},
{
"db": "CNNVD",
"id": "CNNVD-201306-403"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#948096"
},
{
"db": "CNVD",
"id": "CNVD-2013-08074"
},
{
"db": "CNVD",
"id": "CNVD-2012-6517"
},
{
"db": "VULHUB",
"id": "VHN-58241"
},
{
"db": "BID",
"id": "56510"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-006004"
},
{
"db": "PACKETSTORM",
"id": "118054"
},
{
"db": "NVD",
"id": "CVE-2012-4960"
},
{
"db": "CNNVD",
"id": "CNNVD-201211-280"
},
{
"db": "CNNVD",
"id": "CNNVD-201306-403"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2013-08-05T00:00:00",
"db": "CERT/CC",
"id": "VU#948096"
},
{
"date": "2013-06-25T00:00:00",
"db": "CNVD",
"id": "CNVD-2013-08074"
},
{
"date": "2012-11-16T00:00:00",
"db": "CNVD",
"id": "CNVD-2012-6517"
},
{
"date": "2013-06-20T00:00:00",
"db": "VULHUB",
"id": "VHN-58241"
},
{
"date": "2012-11-13T00:00:00",
"db": "BID",
"id": "56510"
},
{
"date": "2013-06-24T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2012-006004"
},
{
"date": "2012-11-13T23:22:55",
"db": "PACKETSTORM",
"id": "118054"
},
{
"date": "2013-06-20T15:55:00.897000",
"db": "NVD",
"id": "CVE-2012-4960"
},
{
"date": "2012-11-16T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201211-280"
},
{
"date": "2013-06-26T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201306-403"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2013-10-03T00:00:00",
"db": "CERT/CC",
"id": "VU#948096"
},
{
"date": "2013-07-01T00:00:00",
"db": "CNVD",
"id": "CNVD-2013-08074"
},
{
"date": "2012-11-16T00:00:00",
"db": "CNVD",
"id": "CNVD-2012-6517"
},
{
"date": "2013-08-22T00:00:00",
"db": "VULHUB",
"id": "VHN-58241"
},
{
"date": "2015-03-19T08:28:00",
"db": "BID",
"id": "56510"
},
{
"date": "2013-08-09T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2012-006004"
},
{
"date": "2013-08-22T03:59:17.713000",
"db": "NVD",
"id": "CVE-2012-4960"
},
{
"date": "2012-12-05T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201211-280"
},
{
"date": "2021-11-24T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201306-403"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201211-280"
},
{
"db": "CNNVD",
"id": "CNNVD-201306-403"
}
],
"trust": 1.2
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Huawei networking equipment weak password cipher",
"sources": [
{
"db": "CERT/CC",
"id": "VU#948096"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "encryption problem",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201211-280"
},
{
"db": "CNNVD",
"id": "CNNVD-201306-403"
}
],
"trust": 1.2
}
}
var-201306-0210
Vulnerability from variot
The HTTP module in the (1) Branch Intelligent Management System (BIMS) and (2) web management components on Huawei AR routers and S2000, S3000, S3500, S3900, S5100, S5600, and S7800 switches uses predictable Session ID values, which makes it easier for remote attackers to hijack sessions via a brute-force attack. Huawei AR routers and Huawei S series switches are network devices of Huawei products. Conversation. An attacker can exploit this issue to gain unauthorized access to the affected device. Huawei Access Router (AR) is a low-end router product developed by Huawei in China. This product provides mobile and fixed network access methods, suitable for enterprise networks. Predictable session ID value
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201306-0210",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "ar 18-1x",
"scope": "lte",
"trust": 1.8,
"vendor": "huawei",
"version": "r0130"
},
{
"model": "ar 18-2x",
"scope": "lte",
"trust": 1.8,
"vendor": "huawei",
"version": "r1712"
},
{
"model": "ar 18-3x",
"scope": "lte",
"trust": 1.8,
"vendor": "huawei",
"version": "r0118"
},
{
"model": "s8500",
"scope": "eq",
"trust": 1.6,
"vendor": "huawei",
"version": "r1631"
},
{
"model": "s3300hi",
"scope": "eq",
"trust": 1.6,
"vendor": "huawei",
"version": "r6305"
},
{
"model": "s7800",
"scope": "eq",
"trust": 1.6,
"vendor": "huawei",
"version": "r6305"
},
{
"model": "s5100",
"scope": "eq",
"trust": 1.6,
"vendor": "huawei",
"version": "r6305"
},
{
"model": "s3300",
"scope": "eq",
"trust": 1.6,
"vendor": "huawei",
"version": "r6305"
},
{
"model": "s3500",
"scope": "eq",
"trust": 1.6,
"vendor": "huawei",
"version": "r6305"
},
{
"model": "s3700",
"scope": "eq",
"trust": 1.6,
"vendor": "huawei",
"version": "r6305"
},
{
"model": "s8500",
"scope": "eq",
"trust": 1.6,
"vendor": "huawei",
"version": "r1632"
},
{
"model": "s5600",
"scope": "eq",
"trust": 1.6,
"vendor": "huawei",
"version": "r6305"
},
{
"model": "s3900",
"scope": "eq",
"trust": 1.6,
"vendor": "huawei",
"version": "r6305"
},
{
"model": "s2000",
"scope": null,
"trust": 1.4,
"vendor": "huawei",
"version": null
},
{
"model": "s3000",
"scope": null,
"trust": 1.4,
"vendor": "huawei",
"version": null
},
{
"model": "s3500",
"scope": null,
"trust": 1.4,
"vendor": "huawei",
"version": null
},
{
"model": "s3900",
"scope": null,
"trust": 1.4,
"vendor": "huawei",
"version": null
},
{
"model": "s5100",
"scope": null,
"trust": 1.4,
"vendor": "huawei",
"version": null
},
{
"model": "s5600",
"scope": null,
"trust": 1.4,
"vendor": "huawei",
"version": null
},
{
"model": "ar 19\\/29\\/49",
"scope": "lte",
"trust": 1.0,
"vendor": "huawei",
"version": "r2207"
},
{
"model": "s2300",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "r6305"
},
{
"model": "s3000",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "r6305"
},
{
"model": "ar 28\\/46",
"scope": "lte",
"trust": 1.0,
"vendor": "huawei",
"version": "r0311"
},
{
"model": "s2000",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "r6305"
},
{
"model": "s2700",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "r6305"
},
{
"model": "ar 19/29/49",
"scope": "lte",
"trust": 0.8,
"vendor": "huawei",
"version": "r2207 \\\\\\\\ k"
},
{
"model": "ar 28/46",
"scope": "lte",
"trust": 0.8,
"vendor": "huawei",
"version": "r0311 \\\\\\\\ k"
},
{
"model": "ar routers",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "s7800",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "s8500",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "s8500",
"scope": "eq",
"trust": 0.3,
"vendor": "huawei",
"version": "0"
},
{
"model": "s7800",
"scope": "eq",
"trust": 0.3,
"vendor": "huawei",
"version": "0"
},
{
"model": "s5600",
"scope": "eq",
"trust": 0.3,
"vendor": "huawei",
"version": "0"
},
{
"model": "s5100",
"scope": "eq",
"trust": 0.3,
"vendor": "huawei",
"version": "0"
},
{
"model": "s3900",
"scope": "eq",
"trust": 0.3,
"vendor": "huawei",
"version": "0"
},
{
"model": "s3500",
"scope": "eq",
"trust": 0.3,
"vendor": "huawei",
"version": "0"
},
{
"model": "s3000",
"scope": "eq",
"trust": 0.3,
"vendor": "huawei",
"version": "0"
},
{
"model": "s2000",
"scope": "eq",
"trust": 0.3,
"vendor": "huawei",
"version": "0"
},
{
"model": "ar49",
"scope": "eq",
"trust": 0.3,
"vendor": "huawei",
"version": "0"
},
{
"model": "ar46",
"scope": "eq",
"trust": 0.3,
"vendor": "huawei",
"version": "0"
},
{
"model": "ar29",
"scope": "eq",
"trust": 0.3,
"vendor": "huawei",
"version": "0"
},
{
"model": "ar28",
"scope": "eq",
"trust": 0.3,
"vendor": "huawei",
"version": "0"
},
{
"model": "ar19",
"scope": "eq",
"trust": 0.3,
"vendor": "huawei",
"version": "0"
},
{
"model": "ar18-3x",
"scope": "eq",
"trust": 0.3,
"vendor": "huawei",
"version": "0"
},
{
"model": "ar18-2x",
"scope": "eq",
"trust": 0.3,
"vendor": "huawei",
"version": "0"
},
{
"model": "ar18-1x",
"scope": "eq",
"trust": 0.3,
"vendor": "huawei",
"version": "0"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "ar 18 1x",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "ar 18 2x",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "ar 18 3x",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "ar 19 29 49",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "ar 28 46",
"version": "*"
},
{
"model": "r6305",
"scope": null,
"trust": 0.2,
"vendor": "s2000",
"version": null
},
{
"model": "r6305",
"scope": null,
"trust": 0.2,
"vendor": "s2300",
"version": null
},
{
"model": "r6305",
"scope": null,
"trust": 0.2,
"vendor": "s2700",
"version": null
},
{
"model": "r6305",
"scope": null,
"trust": 0.2,
"vendor": "s3000",
"version": null
},
{
"model": "r6305",
"scope": null,
"trust": 0.2,
"vendor": "s3300",
"version": null
},
{
"model": "r6305",
"scope": null,
"trust": 0.2,
"vendor": "s3300hi",
"version": null
},
{
"model": "r6305",
"scope": null,
"trust": 0.2,
"vendor": "s3500",
"version": null
},
{
"model": "r6305",
"scope": null,
"trust": 0.2,
"vendor": "s3700",
"version": null
},
{
"model": "r6305",
"scope": null,
"trust": 0.2,
"vendor": "s3900",
"version": null
},
{
"model": "r6305",
"scope": null,
"trust": 0.2,
"vendor": "s5100",
"version": null
},
{
"model": "r6305",
"scope": null,
"trust": 0.2,
"vendor": "s5600",
"version": null
},
{
"model": "r6305",
"scope": null,
"trust": 0.2,
"vendor": "s7800",
"version": null
},
{
"model": "r1631",
"scope": null,
"trust": 0.2,
"vendor": "s8500",
"version": null
},
{
"model": "r1632",
"scope": null,
"trust": 0.2,
"vendor": "s8500",
"version": null
}
],
"sources": [
{
"db": "IVD",
"id": "e444d314-2352-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-08071"
},
{
"db": "BID",
"id": "60713"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-006008"
},
{
"db": "NVD",
"id": "CVE-2012-6571"
},
{
"db": "CNNVD",
"id": "CNNVD-201306-407"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:ar_19\\/29\\/49:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "r2207",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:huawei:ar_28\\/46:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "r0311",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:huawei:ar_18-3x:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "r0118",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:huawei:ar_18-2x:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "r1712",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:huawei:ar_18-1x:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "r0130",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:s2300:r6305:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:huawei:s2000:r6305:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:huawei:s3900:r6305:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:huawei:s5100:r6305:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:huawei:s5600:r6305:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:huawei:s2700:r6305:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:huawei:s3000:r6305:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:huawei:s7800:r6305:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:huawei:s8500:r1631:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:huawei:s3300:r6305:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:huawei:s3300hi:r6305:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:huawei:s8500:r1632:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:huawei:s3700:r6305:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:huawei:s3500:r6305:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2012-6571"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Felix Lindner of Recurity Labs GmbH",
"sources": [
{
"db": "BID",
"id": "60713"
}
],
"trust": 0.3
},
"cve": "CVE-2012-6571",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 7.5,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2012-6571",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CNVD-2013-08071",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "e444d314-2352-11e6-abef-000c29c66e3d",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.2,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-59852",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2012-6571",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNVD",
"id": "CNVD-2013-08071",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201306-407",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "IVD",
"id": "e444d314-2352-11e6-abef-000c29c66e3d",
"trust": 0.2,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-59852",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "e444d314-2352-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-08071"
},
{
"db": "VULHUB",
"id": "VHN-59852"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-006008"
},
{
"db": "NVD",
"id": "CVE-2012-6571"
},
{
"db": "CNNVD",
"id": "CNNVD-201306-407"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The HTTP module in the (1) Branch Intelligent Management System (BIMS) and (2) web management components on Huawei AR routers and S2000, S3000, S3500, S3900, S5100, S5600, and S7800 switches uses predictable Session ID values, which makes it easier for remote attackers to hijack sessions via a brute-force attack. Huawei AR routers and Huawei S series switches are network devices of Huawei products. Conversation. \nAn attacker can exploit this issue to gain unauthorized access to the affected device. Huawei Access Router (AR) is a low-end router product developed by Huawei in China. This product provides mobile and fixed network access methods, suitable for enterprise networks. Predictable session ID value",
"sources": [
{
"db": "NVD",
"id": "CVE-2012-6571"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-006008"
},
{
"db": "CNVD",
"id": "CNVD-2013-08071"
},
{
"db": "BID",
"id": "60713"
},
{
"db": "IVD",
"id": "e444d314-2352-11e6-abef-000c29c66e3d"
},
{
"db": "VULHUB",
"id": "VHN-59852"
}
],
"trust": 2.7
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2012-6571",
"trust": 3.6
},
{
"db": "BID",
"id": "60713",
"trust": 1.0
},
{
"db": "CNNVD",
"id": "CNNVD-201306-407",
"trust": 0.9
},
{
"db": "CNVD",
"id": "CNVD-2013-08071",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2012-006008",
"trust": 0.8
},
{
"db": "IVD",
"id": "E444D314-2352-11E6-ABEF-000C29C66E3D",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-59852",
"trust": 0.1
}
],
"sources": [
{
"db": "IVD",
"id": "e444d314-2352-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-08071"
},
{
"db": "VULHUB",
"id": "VHN-59852"
},
{
"db": "BID",
"id": "60713"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-006008"
},
{
"db": "NVD",
"id": "CVE-2012-6571"
},
{
"db": "CNNVD",
"id": "CNNVD-201306-407"
}
]
},
"id": "VAR-201306-0210",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "e444d314-2352-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-08071"
},
{
"db": "VULHUB",
"id": "VHN-59852"
}
],
"trust": 1.53885397
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS",
"Network device"
],
"sub_category": null,
"trust": 0.6
},
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.2
}
],
"sources": [
{
"db": "IVD",
"id": "e444d314-2352-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-08071"
}
]
},
"last_update_date": "2023-12-18T13:09:31.250000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Huawei-SA-20120808-01-HTTP-Module",
"trust": 0.8,
"url": "http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-u_194371.htm"
},
{
"title": "Huawei AR router and switch HTTP module session ID predictable vulnerability patch",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/34803"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-08071"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-006008"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-310",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-59852"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-006008"
},
{
"db": "NVD",
"id": "CVE-2012-6571"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.6,
"url": "http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-u_194371.htm"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-6571"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2012-6571"
},
{
"trust": 0.3,
"url": "http://www.huawei.com/"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-08071"
},
{
"db": "VULHUB",
"id": "VHN-59852"
},
{
"db": "BID",
"id": "60713"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-006008"
},
{
"db": "NVD",
"id": "CVE-2012-6571"
},
{
"db": "CNNVD",
"id": "CNNVD-201306-407"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "e444d314-2352-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-08071"
},
{
"db": "VULHUB",
"id": "VHN-59852"
},
{
"db": "BID",
"id": "60713"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-006008"
},
{
"db": "NVD",
"id": "CVE-2012-6571"
},
{
"db": "CNNVD",
"id": "CNNVD-201306-407"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2013-06-25T00:00:00",
"db": "IVD",
"id": "e444d314-2352-11e6-abef-000c29c66e3d"
},
{
"date": "2013-06-25T00:00:00",
"db": "CNVD",
"id": "CNVD-2013-08071"
},
{
"date": "2013-06-20T00:00:00",
"db": "VULHUB",
"id": "VHN-59852"
},
{
"date": "2012-08-04T00:00:00",
"db": "BID",
"id": "60713"
},
{
"date": "2013-06-24T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2012-006008"
},
{
"date": "2013-06-20T15:55:00.983000",
"db": "NVD",
"id": "CVE-2012-6571"
},
{
"date": "2013-06-21T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201306-407"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2013-06-25T00:00:00",
"db": "CNVD",
"id": "CNVD-2013-08071"
},
{
"date": "2013-09-02T00:00:00",
"db": "VULHUB",
"id": "VHN-59852"
},
{
"date": "2012-08-04T00:00:00",
"db": "BID",
"id": "60713"
},
{
"date": "2013-06-24T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2012-006008"
},
{
"date": "2013-09-02T06:29:24.353000",
"db": "NVD",
"id": "CVE-2012-6571"
},
{
"date": "2013-06-21T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201306-407"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201306-407"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Huawei of AR Vulnerability to hijack sessions in router and switch products",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2012-006008"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "encryption problem",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201306-407"
}
],
"trust": 0.6
}
}
var-201306-0208
Vulnerability from variot
Stack-based buffer overflow in the HTTP module in the (1) Branch Intelligent Management System (BIMS) and (2) web management components on Huawei AR routers and S2000, S3000, S3500, S3900, S5100, S5600, S7800, and S8500 switches allows remote attackers to execute arbitrary code via a long URI. Huawei AR routers and Huawei S series switches are network devices of Huawei products. Attackers may be able to execute arbitrary code in the context of the affected application. Failed exploit attempts will likely result in denial-of-service conditions. Huawei Access Router (AR) is a low-end router product developed by Huawei in China. This product provides mobile and fixed network access methods, suitable for enterprise networks
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201306-0208",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "s3300",
"scope": "eq",
"trust": 2.4,
"vendor": "huawei",
"version": "r6305"
},
{
"model": "s3300hi",
"scope": "eq",
"trust": 2.4,
"vendor": "huawei",
"version": "r6305"
},
{
"model": "s3500",
"scope": "eq",
"trust": 2.4,
"vendor": "huawei",
"version": "r6305"
},
{
"model": "s3700",
"scope": "eq",
"trust": 2.4,
"vendor": "huawei",
"version": "r6305"
},
{
"model": "s3900",
"scope": "eq",
"trust": 2.4,
"vendor": "huawei",
"version": "r6305"
},
{
"model": "s5100",
"scope": "eq",
"trust": 2.4,
"vendor": "huawei",
"version": "r6305"
},
{
"model": "s5600",
"scope": "eq",
"trust": 2.4,
"vendor": "huawei",
"version": "r6305"
},
{
"model": "s7800",
"scope": "eq",
"trust": 2.4,
"vendor": "huawei",
"version": "r6305"
},
{
"model": "ar 18-1x",
"scope": "lte",
"trust": 1.8,
"vendor": "huawei",
"version": "r0130"
},
{
"model": "ar 18-2x",
"scope": "lte",
"trust": 1.8,
"vendor": "huawei",
"version": "r1712"
},
{
"model": "s2000",
"scope": "eq",
"trust": 1.8,
"vendor": "huawei",
"version": "r6305"
},
{
"model": "s2300",
"scope": "eq",
"trust": 1.8,
"vendor": "huawei",
"version": "r6305"
},
{
"model": "s2700",
"scope": "eq",
"trust": 1.8,
"vendor": "huawei",
"version": "r6305"
},
{
"model": "s3000",
"scope": "eq",
"trust": 1.8,
"vendor": "huawei",
"version": "r6305"
},
{
"model": "s8500",
"scope": "eq",
"trust": 1.6,
"vendor": "huawei",
"version": "r1631"
},
{
"model": "s8500",
"scope": "eq",
"trust": 1.6,
"vendor": "huawei",
"version": "r1632"
},
{
"model": "ar 19\\/29\\/49",
"scope": "lte",
"trust": 1.0,
"vendor": "huawei",
"version": "r2207"
},
{
"model": "ar 28\\/46",
"scope": "lte",
"trust": 1.0,
"vendor": "huawei",
"version": "r0311"
},
{
"model": "ar 18-3x",
"scope": "lte",
"trust": 1.0,
"vendor": "huawei",
"version": "r0118"
},
{
"model": "ar 18-2x",
"scope": "lte",
"trust": 0.8,
"vendor": "huawei",
"version": "r0118"
},
{
"model": "ar 19/29/49",
"scope": "lte",
"trust": 0.8,
"vendor": "huawei",
"version": "r2207"
},
{
"model": "ar 28/46",
"scope": "lte",
"trust": 0.8,
"vendor": "huawei",
"version": "r0311"
},
{
"model": "s8500",
"scope": "eq",
"trust": 0.8,
"vendor": "huawei",
"version": "r1631 and r1632"
},
{
"model": "ar routers",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "s2000",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "s3000",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "s3500",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "s3900",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "s5100",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "s5600",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "s7800",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "s8500",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "s8500",
"scope": "eq",
"trust": 0.3,
"vendor": "huawei",
"version": "0"
},
{
"model": "s7800",
"scope": "eq",
"trust": 0.3,
"vendor": "huawei",
"version": "0"
},
{
"model": "s5600",
"scope": "eq",
"trust": 0.3,
"vendor": "huawei",
"version": "0"
},
{
"model": "s5100",
"scope": "eq",
"trust": 0.3,
"vendor": "huawei",
"version": "0"
},
{
"model": "s3900",
"scope": "eq",
"trust": 0.3,
"vendor": "huawei",
"version": "0"
},
{
"model": "s3500",
"scope": "eq",
"trust": 0.3,
"vendor": "huawei",
"version": "0"
},
{
"model": "s3000",
"scope": "eq",
"trust": 0.3,
"vendor": "huawei",
"version": "0"
},
{
"model": "s2000",
"scope": "eq",
"trust": 0.3,
"vendor": "huawei",
"version": "0"
},
{
"model": "ar49",
"scope": "eq",
"trust": 0.3,
"vendor": "huawei",
"version": "0"
},
{
"model": "ar46",
"scope": "eq",
"trust": 0.3,
"vendor": "huawei",
"version": "0"
},
{
"model": "ar29",
"scope": "eq",
"trust": 0.3,
"vendor": "huawei",
"version": "0"
},
{
"model": "ar28",
"scope": "eq",
"trust": 0.3,
"vendor": "huawei",
"version": "0"
},
{
"model": "ar19",
"scope": "eq",
"trust": 0.3,
"vendor": "huawei",
"version": "0"
},
{
"model": "ar18-3x",
"scope": "eq",
"trust": 0.3,
"vendor": "huawei",
"version": "0"
},
{
"model": "ar18-2x",
"scope": "eq",
"trust": 0.3,
"vendor": "huawei",
"version": "0"
},
{
"model": "ar18-1x",
"scope": "eq",
"trust": 0.3,
"vendor": "huawei",
"version": "0"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "ar 18 1x",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "ar 18 2x",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "ar 18 3x",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "ar 19 29 49",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "ar 28 46",
"version": "*"
},
{
"model": "r6305",
"scope": null,
"trust": 0.2,
"vendor": "s2000",
"version": null
},
{
"model": "r6305",
"scope": null,
"trust": 0.2,
"vendor": "s2300",
"version": null
},
{
"model": "r6305",
"scope": null,
"trust": 0.2,
"vendor": "s2700",
"version": null
},
{
"model": "r6305",
"scope": null,
"trust": 0.2,
"vendor": "s3000",
"version": null
},
{
"model": "r6305",
"scope": null,
"trust": 0.2,
"vendor": "s3300",
"version": null
},
{
"model": "r6305",
"scope": null,
"trust": 0.2,
"vendor": "s3300hi",
"version": null
},
{
"model": "r6305",
"scope": null,
"trust": 0.2,
"vendor": "s3500",
"version": null
},
{
"model": "r6305",
"scope": null,
"trust": 0.2,
"vendor": "s3700",
"version": null
},
{
"model": "r6305",
"scope": null,
"trust": 0.2,
"vendor": "s3900",
"version": null
},
{
"model": "r6305",
"scope": null,
"trust": 0.2,
"vendor": "s5100",
"version": null
},
{
"model": "r6305",
"scope": null,
"trust": 0.2,
"vendor": "s5600",
"version": null
},
{
"model": "r6305",
"scope": null,
"trust": 0.2,
"vendor": "s7800",
"version": null
},
{
"model": "r1631",
"scope": null,
"trust": 0.2,
"vendor": "s8500",
"version": null
},
{
"model": "r1632",
"scope": null,
"trust": 0.2,
"vendor": "s8500",
"version": null
}
],
"sources": [
{
"db": "IVD",
"id": "e42fb632-2352-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-08073"
},
{
"db": "BID",
"id": "60708"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-006006"
},
{
"db": "NVD",
"id": "CVE-2012-6569"
},
{
"db": "CNNVD",
"id": "CNNVD-201306-405"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:ar_28\\/46:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "r0311",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:huawei:ar_18-2x:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "r1712",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:huawei:ar_19\\/29\\/49:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "r2207",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:huawei:ar_18-3x:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "r0118",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:huawei:ar_18-1x:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "r0130",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:s2300:r6305:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:huawei:s2000:r6305:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:huawei:s2700:r6305:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:huawei:s3000:r6305:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:huawei:s3300:r6305:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:huawei:s3700:r6305:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:huawei:s8500:r1632:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:huawei:s3900:r6305:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:huawei:s5100:r6305:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:huawei:s5600:r6305:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:huawei:s7800:r6305:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:huawei:s3300hi:r6305:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:huawei:s3500:r6305:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:huawei:s8500:r1631:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2012-6569"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Felix Lindner of Recurity Labs GmbH",
"sources": [
{
"db": "BID",
"id": "60708"
}
],
"trust": 0.3
},
"cve": "CVE-2012-6569",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 9.3,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2012-6569",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "CNVD-2013-08073",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "e42fb632-2352-11e6-abef-000c29c66e3d",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.2,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "VHN-59850",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2012-6569",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNVD",
"id": "CNVD-2013-08073",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201306-405",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "IVD",
"id": "e42fb632-2352-11e6-abef-000c29c66e3d",
"trust": 0.2,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-59850",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "e42fb632-2352-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-08073"
},
{
"db": "VULHUB",
"id": "VHN-59850"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-006006"
},
{
"db": "NVD",
"id": "CVE-2012-6569"
},
{
"db": "CNNVD",
"id": "CNNVD-201306-405"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Stack-based buffer overflow in the HTTP module in the (1) Branch Intelligent Management System (BIMS) and (2) web management components on Huawei AR routers and S2000, S3000, S3500, S3900, S5100, S5600, S7800, and S8500 switches allows remote attackers to execute arbitrary code via a long URI. Huawei AR routers and Huawei S series switches are network devices of Huawei products. \nAttackers may be able to execute arbitrary code in the context of the affected application. Failed exploit attempts will likely result in denial-of-service conditions. Huawei Access Router (AR) is a low-end router product developed by Huawei in China. This product provides mobile and fixed network access methods, suitable for enterprise networks",
"sources": [
{
"db": "NVD",
"id": "CVE-2012-6569"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-006006"
},
{
"db": "CNVD",
"id": "CNVD-2013-08073"
},
{
"db": "BID",
"id": "60708"
},
{
"db": "IVD",
"id": "e42fb632-2352-11e6-abef-000c29c66e3d"
},
{
"db": "VULHUB",
"id": "VHN-59850"
}
],
"trust": 2.7
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2012-6569",
"trust": 3.6
},
{
"db": "BID",
"id": "60708",
"trust": 1.0
},
{
"db": "CNNVD",
"id": "CNNVD-201306-405",
"trust": 0.9
},
{
"db": "CNVD",
"id": "CNVD-2013-08073",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2012-006006",
"trust": 0.8
},
{
"db": "IVD",
"id": "E42FB632-2352-11E6-ABEF-000C29C66E3D",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-59850",
"trust": 0.1
}
],
"sources": [
{
"db": "IVD",
"id": "e42fb632-2352-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-08073"
},
{
"db": "VULHUB",
"id": "VHN-59850"
},
{
"db": "BID",
"id": "60708"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-006006"
},
{
"db": "NVD",
"id": "CVE-2012-6569"
},
{
"db": "CNNVD",
"id": "CNNVD-201306-405"
}
]
},
"id": "VAR-201306-0208",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "e42fb632-2352-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-08073"
},
{
"db": "VULHUB",
"id": "VHN-59850"
}
],
"trust": 1.53885397
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS",
"Network device"
],
"sub_category": null,
"trust": 0.6
},
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.2
}
],
"sources": [
{
"db": "IVD",
"id": "e42fb632-2352-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-08073"
}
]
},
"last_update_date": "2023-12-18T12:21:41.130000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Huawei-SA-20120808-02-HTTP-Module",
"trust": 0.8,
"url": "http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-u_194370.htm"
},
{
"title": "Huawei AR Router and Switch HTTP Module Buffer Overflow Vulnerability Patch",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/34801"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-08073"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-006006"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-59850"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-006006"
},
{
"db": "NVD",
"id": "CVE-2012-6569"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.6,
"url": "http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-u_194370.htm"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-6569"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2012-6569"
},
{
"trust": 0.3,
"url": "http://www.huawei.com/"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-08073"
},
{
"db": "VULHUB",
"id": "VHN-59850"
},
{
"db": "BID",
"id": "60708"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-006006"
},
{
"db": "NVD",
"id": "CVE-2012-6569"
},
{
"db": "CNNVD",
"id": "CNNVD-201306-405"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "e42fb632-2352-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-08073"
},
{
"db": "VULHUB",
"id": "VHN-59850"
},
{
"db": "BID",
"id": "60708"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-006006"
},
{
"db": "NVD",
"id": "CVE-2012-6569"
},
{
"db": "CNNVD",
"id": "CNNVD-201306-405"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2013-06-25T00:00:00",
"db": "IVD",
"id": "e42fb632-2352-11e6-abef-000c29c66e3d"
},
{
"date": "2013-06-25T00:00:00",
"db": "CNVD",
"id": "CNVD-2013-08073"
},
{
"date": "2013-06-20T00:00:00",
"db": "VULHUB",
"id": "VHN-59850"
},
{
"date": "2012-08-04T00:00:00",
"db": "BID",
"id": "60708"
},
{
"date": "2013-06-24T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2012-006006"
},
{
"date": "2013-06-20T15:55:00.950000",
"db": "NVD",
"id": "CVE-2012-6569"
},
{
"date": "2013-06-21T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201306-405"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2013-06-25T00:00:00",
"db": "CNVD",
"id": "CNVD-2013-08073"
},
{
"date": "2013-06-21T00:00:00",
"db": "VULHUB",
"id": "VHN-59850"
},
{
"date": "2012-08-04T00:00:00",
"db": "BID",
"id": "60708"
},
{
"date": "2013-06-24T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2012-006006"
},
{
"date": "2013-06-21T04:00:00",
"db": "NVD",
"id": "CVE-2012-6569"
},
{
"date": "2013-06-21T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201306-405"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201306-405"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Huawei of AR Stack-based buffer overflow vulnerability in router and switch products",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2012-006006"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Buffer overflow",
"sources": [
{
"db": "IVD",
"id": "e42fb632-2352-11e6-abef-000c29c66e3d"
},
{
"db": "CNNVD",
"id": "CNNVD-201306-405"
}
],
"trust": 0.8
}
}
var-201306-0209
Vulnerability from variot
The HTTP module in the (1) Branch Intelligent Management System (BIMS) and (2) web management components on Huawei AR routers and S2000, S3000, S3500, S3900, S5100, S5600, S7800, and S8500 switches does not check whether HTTP data is longer than the value of the Content-Length field, which allows remote HTTP servers to conduct heap-based buffer overflow attacks and execute arbitrary code via a crafted response. Huawei AR routers and Huawei S series switches are network devices of Huawei products. Attackers may be able to execute arbitrary code in the context of the affected application. Failed exploit attempts will likely result in denial-of-service conditions. Huawei Access Router (AR) is a low-end router product developed by Huawei in China. This product provides mobile and fixed network access methods, suitable for enterprise networks
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201306-0209",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "s2700",
"scope": "eq",
"trust": 2.4,
"vendor": "huawei",
"version": "r6305"
},
{
"model": "s3300hi",
"scope": "eq",
"trust": 2.4,
"vendor": "huawei",
"version": "r6305"
},
{
"model": "s3500",
"scope": "eq",
"trust": 2.4,
"vendor": "huawei",
"version": "r6305"
},
{
"model": "s3700",
"scope": "eq",
"trust": 2.4,
"vendor": "huawei",
"version": "r6305"
},
{
"model": "s3900",
"scope": "eq",
"trust": 2.4,
"vendor": "huawei",
"version": "r6305"
},
{
"model": "s5100",
"scope": "eq",
"trust": 2.4,
"vendor": "huawei",
"version": "r6305"
},
{
"model": "s5600",
"scope": "eq",
"trust": 2.4,
"vendor": "huawei",
"version": "r6305"
},
{
"model": "s7800",
"scope": "eq",
"trust": 2.4,
"vendor": "huawei",
"version": "r6305"
},
{
"model": "ar 18-1x",
"scope": "lte",
"trust": 1.8,
"vendor": "huawei",
"version": "r0130"
},
{
"model": "ar 18-2x",
"scope": "lte",
"trust": 1.8,
"vendor": "huawei",
"version": "r1712"
},
{
"model": "ar 18-3x",
"scope": "lte",
"trust": 1.8,
"vendor": "huawei",
"version": "r0118"
},
{
"model": "s2000",
"scope": "eq",
"trust": 1.8,
"vendor": "huawei",
"version": "r6305"
},
{
"model": "s2300",
"scope": "eq",
"trust": 1.8,
"vendor": "huawei",
"version": "r6305"
},
{
"model": "s3000",
"scope": "eq",
"trust": 1.8,
"vendor": "huawei",
"version": "r6305"
},
{
"model": "s3300",
"scope": "eq",
"trust": 1.8,
"vendor": "huawei",
"version": "r6305"
},
{
"model": "s8500",
"scope": "eq",
"trust": 1.6,
"vendor": "huawei",
"version": "r1631"
},
{
"model": "s8500",
"scope": "eq",
"trust": 1.6,
"vendor": "huawei",
"version": "r1632"
},
{
"model": "ar 19\\/29\\/49",
"scope": "lte",
"trust": 1.0,
"vendor": "huawei",
"version": "r2207"
},
{
"model": "ar 28\\/46",
"scope": "lte",
"trust": 1.0,
"vendor": "huawei",
"version": "r0311"
},
{
"model": "ar 19/29/49",
"scope": "lte",
"trust": 0.8,
"vendor": "huawei",
"version": "r2207"
},
{
"model": "ar 28/46",
"scope": "lte",
"trust": 0.8,
"vendor": "huawei",
"version": "r0311"
},
{
"model": "s8500",
"scope": "eq",
"trust": 0.8,
"vendor": "huawei",
"version": "r1631 and r1632"
},
{
"model": "ar routers",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "s2000",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "s3000",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "s3500",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "s3900",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "s5100",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "s5600",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "s7800",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "s8500",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "ar 18 1x",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "ar 18 2x",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "ar 18 3x",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "ar 19 29 49",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "ar 28 46",
"version": "*"
},
{
"model": "r6305",
"scope": null,
"trust": 0.2,
"vendor": "s2000",
"version": null
},
{
"model": "r6305",
"scope": null,
"trust": 0.2,
"vendor": "s2300",
"version": null
},
{
"model": "r6305",
"scope": null,
"trust": 0.2,
"vendor": "s2700",
"version": null
},
{
"model": "r6305",
"scope": null,
"trust": 0.2,
"vendor": "s3000",
"version": null
},
{
"model": "r6305",
"scope": null,
"trust": 0.2,
"vendor": "s3300",
"version": null
},
{
"model": "r6305",
"scope": null,
"trust": 0.2,
"vendor": "s3300hi",
"version": null
},
{
"model": "r6305",
"scope": null,
"trust": 0.2,
"vendor": "s3500",
"version": null
},
{
"model": "r6305",
"scope": null,
"trust": 0.2,
"vendor": "s3700",
"version": null
},
{
"model": "r6305",
"scope": null,
"trust": 0.2,
"vendor": "s3900",
"version": null
},
{
"model": "r6305",
"scope": null,
"trust": 0.2,
"vendor": "s5100",
"version": null
},
{
"model": "r6305",
"scope": null,
"trust": 0.2,
"vendor": "s5600",
"version": null
},
{
"model": "r6305",
"scope": null,
"trust": 0.2,
"vendor": "s7800",
"version": null
},
{
"model": "r1631",
"scope": null,
"trust": 0.2,
"vendor": "s8500",
"version": null
},
{
"model": "r1632",
"scope": null,
"trust": 0.2,
"vendor": "s8500",
"version": null
}
],
"sources": [
{
"db": "IVD",
"id": "e44f6a90-2352-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-08072"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-006007"
},
{
"db": "NVD",
"id": "CVE-2012-6570"
},
{
"db": "CNNVD",
"id": "CNNVD-201306-406"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:ar_28\\/46:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "r0311",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:huawei:ar_18-3x:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "r0118",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:huawei:ar_18-2x:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "r1712",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:huawei:ar_18-1x:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "r0130",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:huawei:ar_19\\/29\\/49:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "r2207",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:s8500:r1631:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:huawei:s8500:r1632:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:huawei:s2000:r6305:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:huawei:s3000:r6305:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:huawei:s3900:r6305:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:huawei:s5600:r6305:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:huawei:s3300:r6305:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:huawei:s3300hi:r6305:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:huawei:s3700:r6305:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:huawei:s3500:r6305:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:huawei:s2300:r6305:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:huawei:s2700:r6305:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:huawei:s5100:r6305:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:huawei:s7800:r6305:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2012-6570"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Felix Lindner of Recurity Labs GmbH",
"sources": [
{
"db": "BID",
"id": "60712"
}
],
"trust": 0.3
},
"cve": "CVE-2012-6570",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 10.0,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2012-6570",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CNVD-2013-08072",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "e44f6a90-2352-11e6-abef-000c29c66e3d",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.2,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-59851",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2012-6570",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNVD",
"id": "CNVD-2013-08072",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201306-406",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "IVD",
"id": "e44f6a90-2352-11e6-abef-000c29c66e3d",
"trust": 0.2,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-59851",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "e44f6a90-2352-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-08072"
},
{
"db": "VULHUB",
"id": "VHN-59851"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-006007"
},
{
"db": "NVD",
"id": "CVE-2012-6570"
},
{
"db": "CNNVD",
"id": "CNNVD-201306-406"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The HTTP module in the (1) Branch Intelligent Management System (BIMS) and (2) web management components on Huawei AR routers and S2000, S3000, S3500, S3900, S5100, S5600, S7800, and S8500 switches does not check whether HTTP data is longer than the value of the Content-Length field, which allows remote HTTP servers to conduct heap-based buffer overflow attacks and execute arbitrary code via a crafted response. Huawei AR routers and Huawei S series switches are network devices of Huawei products. \nAttackers may be able to execute arbitrary code in the context of the affected application. Failed exploit attempts will likely result in denial-of-service conditions. Huawei Access Router (AR) is a low-end router product developed by Huawei in China. This product provides mobile and fixed network access methods, suitable for enterprise networks",
"sources": [
{
"db": "NVD",
"id": "CVE-2012-6570"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-006007"
},
{
"db": "CNVD",
"id": "CNVD-2013-08072"
},
{
"db": "BID",
"id": "60712"
},
{
"db": "IVD",
"id": "e44f6a90-2352-11e6-abef-000c29c66e3d"
},
{
"db": "VULHUB",
"id": "VHN-59851"
}
],
"trust": 2.7
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2012-6570",
"trust": 3.6
},
{
"db": "BID",
"id": "60712",
"trust": 1.0
},
{
"db": "CNNVD",
"id": "CNNVD-201306-406",
"trust": 0.9
},
{
"db": "CNVD",
"id": "CNVD-2013-08072",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2012-006007",
"trust": 0.8
},
{
"db": "IVD",
"id": "E44F6A90-2352-11E6-ABEF-000C29C66E3D",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-59851",
"trust": 0.1
}
],
"sources": [
{
"db": "IVD",
"id": "e44f6a90-2352-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-08072"
},
{
"db": "VULHUB",
"id": "VHN-59851"
},
{
"db": "BID",
"id": "60712"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-006007"
},
{
"db": "NVD",
"id": "CVE-2012-6570"
},
{
"db": "CNNVD",
"id": "CNNVD-201306-406"
}
]
},
"id": "VAR-201306-0209",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "e44f6a90-2352-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-08072"
},
{
"db": "VULHUB",
"id": "VHN-59851"
}
],
"trust": 1.53885397
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS",
"Network device"
],
"sub_category": null,
"trust": 0.6
},
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.2
}
],
"sources": [
{
"db": "IVD",
"id": "e44f6a90-2352-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-08072"
}
]
},
"last_update_date": "2023-12-18T13:53:29.193000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Huawei-SA-20120808-03-HTTP-Module",
"trust": 0.8,
"url": "http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-u_194361.htm"
},
{
"title": "Huawei AR Router and Switch HTTP Module Header Field Handling Buffer Overflow Vulnerability Patch",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/34802"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-08072"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-006007"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-59851"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-006007"
},
{
"db": "NVD",
"id": "CVE-2012-6570"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.6,
"url": "http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-u_194361.htm"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-6570"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2012-6570"
},
{
"trust": 0.3,
"url": "http://www.huawei.com/"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-08072"
},
{
"db": "VULHUB",
"id": "VHN-59851"
},
{
"db": "BID",
"id": "60712"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-006007"
},
{
"db": "NVD",
"id": "CVE-2012-6570"
},
{
"db": "CNNVD",
"id": "CNNVD-201306-406"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "e44f6a90-2352-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-08072"
},
{
"db": "VULHUB",
"id": "VHN-59851"
},
{
"db": "BID",
"id": "60712"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-006007"
},
{
"db": "NVD",
"id": "CVE-2012-6570"
},
{
"db": "CNNVD",
"id": "CNNVD-201306-406"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2013-06-25T00:00:00",
"db": "IVD",
"id": "e44f6a90-2352-11e6-abef-000c29c66e3d"
},
{
"date": "2013-06-25T00:00:00",
"db": "CNVD",
"id": "CNVD-2013-08072"
},
{
"date": "2013-06-20T00:00:00",
"db": "VULHUB",
"id": "VHN-59851"
},
{
"date": "2013-06-20T00:00:00",
"db": "BID",
"id": "60712"
},
{
"date": "2013-06-24T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2012-006007"
},
{
"date": "2013-06-20T15:55:00.967000",
"db": "NVD",
"id": "CVE-2012-6570"
},
{
"date": "2013-06-21T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201306-406"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2013-06-25T00:00:00",
"db": "CNVD",
"id": "CNVD-2013-08072"
},
{
"date": "2013-06-21T00:00:00",
"db": "VULHUB",
"id": "VHN-59851"
},
{
"date": "2015-03-19T08:38:00",
"db": "BID",
"id": "60712"
},
{
"date": "2013-06-24T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2012-006007"
},
{
"date": "2013-06-21T04:00:00",
"db": "NVD",
"id": "CVE-2012-6570"
},
{
"date": "2013-06-21T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201306-406"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201306-406"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Huawei of AR Heap-based buffer overflow vulnerability in router and switch products",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2012-006007"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Buffer overflow",
"sources": [
{
"db": "IVD",
"id": "e44f6a90-2352-11e6-abef-000c29c66e3d"
},
{
"db": "CNNVD",
"id": "CNNVD-201306-406"
}
],
"trust": 0.8
}
}
Vulnerability from fkie_nvd
Published
2013-06-20 15:55
Modified
2024-11-21 01:46
Severity ?
Summary
Stack-based buffer overflow in the HTTP module in the (1) Branch Intelligent Management System (BIMS) and (2) web management components on Huawei AR routers and S2000, S3000, S3500, S3900, S5100, S5600, S7800, and S8500 switches allows remote attackers to execute arbitrary code via a long URI.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| huawei | ar_18-1x | * | |
| huawei | ar_18-2x | * | |
| huawei | ar_18-3x | * | |
| huawei | ar_19\/29\/49 | * | |
| huawei | ar_28\/46 | * | |
| huawei | s2000 | r6305 | |
| huawei | s2300 | r6305 | |
| huawei | s2700 | r6305 | |
| huawei | s3000 | r6305 | |
| huawei | s3300 | r6305 | |
| huawei | s3300hi | r6305 | |
| huawei | s3500 | r6305 | |
| huawei | s3700 | r6305 | |
| huawei | s3900 | r6305 | |
| huawei | s5100 | r6305 | |
| huawei | s5600 | r6305 | |
| huawei | s7800 | r6305 | |
| huawei | s8500 | r1631 | |
| huawei | s8500 | r1632 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:ar_18-1x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C169428A-DBA2-4AD4-AB2F-9B55F406D5F5",
"versionEndIncluding": "r0130",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:huawei:ar_18-2x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F96CD3E2-2AE8-48B2-9979-84AD3C99933E",
"versionEndIncluding": "r1712",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:huawei:ar_18-3x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A93A0EF1-FDC5-4E7C-A692-C664552913EF",
"versionEndIncluding": "r0118",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:huawei:ar_19\\/29\\/49:*:*:*:*:*:*:*:*",
"matchCriteriaId": "82396118-3290-4683-902D-4955E81B84F9",
"versionEndIncluding": "r2207",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:huawei:ar_28\\/46:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A520A0A9-2BF8-4E32-9194-3307CE52C2AD",
"versionEndIncluding": "r0311",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:s2000:r6305:*:*:*:*:*:*:*",
"matchCriteriaId": "5AF996D4-838E-4295-B8E2-43512DC9BF41",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:huawei:s2300:r6305:*:*:*:*:*:*:*",
"matchCriteriaId": "6185A1C4-34B8-4FED-8144-15EA8012CA38",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:huawei:s2700:r6305:*:*:*:*:*:*:*",
"matchCriteriaId": "49B54F7F-0B13-4ADC-B8F5-72606273528E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:huawei:s3000:r6305:*:*:*:*:*:*:*",
"matchCriteriaId": "ABC5B0CA-8081-4492-8D2A-5FEE778C5E82",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:huawei:s3300:r6305:*:*:*:*:*:*:*",
"matchCriteriaId": "708E992F-581F-4DA0-A490-BB6E2BA8B598",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:huawei:s3300hi:r6305:*:*:*:*:*:*:*",
"matchCriteriaId": "7C8FA59E-F894-441D-8FBA-5D865BD3DFC9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:huawei:s3500:r6305:*:*:*:*:*:*:*",
"matchCriteriaId": "945EEE2E-C21E-4E1D-9D91-F5B0A77C7CDD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:huawei:s3700:r6305:*:*:*:*:*:*:*",
"matchCriteriaId": "08E4AE20-F5FB-47DF-817E-DF7871121CA7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:huawei:s3900:r6305:*:*:*:*:*:*:*",
"matchCriteriaId": "394161B5-65DF-4921-AE2B-0959322A71F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:huawei:s5100:r6305:*:*:*:*:*:*:*",
"matchCriteriaId": "F02BD40C-8825-46ED-9C99-A4DD5331F04A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:huawei:s5600:r6305:*:*:*:*:*:*:*",
"matchCriteriaId": "47BCCDFB-27DB-439B-965C-525941118C87",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:huawei:s7800:r6305:*:*:*:*:*:*:*",
"matchCriteriaId": "0C3232F7-23AC-4773-A67D-BCA0A886FE3C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:huawei:s8500:r1631:*:*:*:*:*:*:*",
"matchCriteriaId": "7D4B69FE-DC23-4A78-9D1A-C35EA98CB1FE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:huawei:s8500:r1632:*:*:*:*:*:*:*",
"matchCriteriaId": "008D26B5-DC98-4592-B592-3728C8A0D6C0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Stack-based buffer overflow in the HTTP module in the (1) Branch Intelligent Management System (BIMS) and (2) web management components on Huawei AR routers and S2000, S3000, S3500, S3900, S5100, S5600, S7800, and S8500 switches allows remote attackers to execute arbitrary code via a long URI."
},
{
"lang": "es",
"value": "Desbordamiento de b\u00fafer basado en pila en el m\u00f3dulo HTTP en el (1) Branch Intelligent Management System (BIMS) y (2) en el componente de gesti\u00f3n web en Huawei AR routers y switches S2000, S3000, S3500, S3900, S5100, S5600, S7800, y S8500 permite a atacantes remotos ejecutar c\u00f3digo arbitrario mediante una URI de gran longitud."
}
],
"id": "CVE-2012-6569",
"lastModified": "2024-11-21T01:46:23.957",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2013-06-20T15:55:00.950",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-u_194370.htm"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-u_194370.htm"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2013-06-20 15:55
Modified
2024-11-21 01:43
Severity ?
Summary
The Huawei NE5000E, MA5200G, NE40E, NE80E, ATN, NE40, NE80, NE20E-X6, NE20, ME60, CX600, CX200, CX300, ACU, WLAN AC 6605, S9300, S7700, S2300, S3300, S5300, S3300HI, S5300HI, S5306, S6300, S2700, S3700, S5700, S6700, AR G3, H3C AR(OEM IN), AR 19, AR 29, AR 49, Eudemon100E, Eudemon200, Eudemon300, Eudemon500, Eudemon1000, Eudemon1000E-U/USG5300, Eudemon1000E-X/USG5500, Eudemon8080E/USG9300, Eudemon8160E/USG9300, Eudemon8000E-X/USG9500, E200E-C/USG2200, E200E-X3/USG2200, E200E-X5/USG2200, E200E-X7/USG2200, E200E-C/USG5100, E200E-X3/USG5100, E200E-X5/USG5100, E200E-X7/USG5100, E200E-B/USG2100, E200E-X1/USG2100, E200E-X2/USG2100, SVN5300, SVN2000, SVN5000, SVN3000, NIP100, NIP200, NIP1000, NIP2100, NIP2200, and NIP5100 use the DES algorithm for stored passwords, which makes it easier for context-dependent attackers to obtain cleartext passwords via a brute-force attack.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:acu:v100r003c01spc100:*:*:*:*:*:*:*",
"matchCriteriaId": "CE81EA02-600F-42CE-92C8-7E1D127E9B7C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:huawei:acu:v200r001c00:*:*:*:*:*:*:*",
"matchCriteriaId": "3A906E7E-7A10-474B-91C4-A30F7FAF55D8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:huawei:acu:v200r001c00spc100:*:*:*:*:*:*:*",
"matchCriteriaId": "B5D1A17D-1CDD-4539-897E-A6067EAD1EE2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:huawei:ar_19\\/29\\/49:*:*:*:*:*:*:*:*",
"matchCriteriaId": "82396118-3290-4683-902D-4955E81B84F9",
"versionEndIncluding": "r2207",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:huawei:ar_g3:v200r001c00:*:*:*:*:*:*:*",
"matchCriteriaId": "B19CE2AB-251D-478A-913C-65B5E0BBA0B5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:huawei:ar_g3:v200r001c01:*:*:*:*:*:*:*",
"matchCriteriaId": "18BA268A-EF28-477C-AC24-38E322FFE553",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:huawei:ar_g3:v200r002c00spc200:*:*:*:*:*:*:*",
"matchCriteriaId": "554B2AC0-F4C6-4805-BB39-642D6D292A97",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:huawei:atn:v200r001c00:*:*:*:*:*:*:*",
"matchCriteriaId": "2BB1A47C-FB4F-4EF8-A614-95F3B2E6065D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:huawei:atn:v200r001c01:*:*:*:*:*:*:*",
"matchCriteriaId": "C26B81D9-0A62-4F6E-A9A4-5B22F08E0882",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:huawei:cx200:v100r005:*:*:*:*:*:*:*",
"matchCriteriaId": "A24ECC75-1032-4DFD-A0C3-315ABB68C50F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:huawei:cx300:v100r005:*:*:*:*:*:*:*",
"matchCriteriaId": "0F9BA9C4-65A8-4D9D-A21C-CEB53DB2E513",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:huawei:cx600:v200r002:*:*:*:*:*:*:*",
"matchCriteriaId": "D71F25CF-F4DE-4FC5-82E9-179CFFA4CA61",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:huawei:cx600:v600r001:*:*:*:*:*:*:*",
"matchCriteriaId": "5D94D86A-C025-4A96-A700-D676B90CBBF7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:huawei:cx600:v600r002:*:*:*:*:*:*:*",
"matchCriteriaId": "3F61F187-74C5-4C50-9F91-6303C87582B1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:huawei:cx600:v600r003:*:*:*:*:*:*:*",
"matchCriteriaId": "BB2B2269-0784-4DE2-B48A-9A36F9B30F96",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:huawei:e200_usg2200:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9151ED5E-04DD-4221-9669-C8112168A507",
"versionEndIncluding": "v200r003c00",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:huawei:e200_usg5100:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F63E41F8-8408-4E7A-A423-ACC2C44B3141",
"versionEndIncluding": "v200r003c00",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:huawei:e200e-b:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8235FC6D-220F-4F75-BDD2-77FA661F33A2",
"versionEndIncluding": "v100r005c01",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:huawei:e200e-c:*:*:*:*:*:*:*:*",
"matchCriteriaId": "04FF6514-05AF-4D86-9B10-B50BC8D0622D",
"versionEndIncluding": "v200r003c00",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:huawei:e200e-usg2100:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D14FD9A2-90D5-493C-9BC7-095EBD644114",
"versionEndIncluding": "v100r005c01",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:huawei:e200e-x1:*:*:*:*:*:*:*:*",
"matchCriteriaId": "25B60ADA-D40C-48C5-A237-DEE5DD372933",
"versionEndIncluding": "v100r005c01",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:huawei:e200e-x2:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C3502D88-6168-41E3-8641-4045C9EA9B90",
"versionEndIncluding": "v100r005c01",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:huawei:e200x3:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0F6DBFF5-0B0B-4F0D-96A1-D2D487AE57C7",
"versionEndIncluding": "v200r003c00",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:huawei:e200x5:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5AF99475-D5A4-407E-8A7F-D6642186E5B6",
"versionEndIncluding": "v200r003c00",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:huawei:e200x7:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0D68DD7D-29F9-460E-9D9C-A70F0DD489B1",
"versionEndIncluding": "v200r003c00",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:huawei:eudemon_8080e:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E5A801B9-7BB4-4E06-8ED2-D9EF565F313E",
"versionEndIncluding": "v100r003c00",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:huawei:eudemon_8160e:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1E9D04EF-A73F-4BF6-AB34-3C489156BBD3",
"versionEndIncluding": "v100r003c00",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:huawei:eudemon_usg5300:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3510EF8C-F3EB-4531-A0A8-8E0734652E26",
"versionEndIncluding": "v200r001",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:huawei:eudemon_usg5500:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F08A74A7-65FC-424C-ACAD-B6A6ED27FF60",
"versionEndIncluding": "v200r002",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:huawei:eudemon_usg9300:*:*:*:*:*:*:*:*",
"matchCriteriaId": "788B8EBF-16FA-4FDD-B07A-5A4F6E6B310A",
"versionEndIncluding": "v100r003c00",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:huawei:eudemon_usg9500:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8C625CA3-BD79-42E8-91B4-539E90FBF0C5",
"versionEndIncluding": "v200r001c00spc600",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:huawei:eudemon1000:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AFF18B94-150C-413F-B6D4-47B5E05DF4BA",
"versionEndIncluding": "v200r006c02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:huawei:eudemon1000e-u:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DBB0AFBD-5F0E-494A-A752-9EE2F81DF2C5",
"versionEndIncluding": "v200r001",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:huawei:eudemon1000e-x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "11D8297A-362B-4056-A94F-9D49FF0B56B7",
"versionEndIncluding": "v200r002",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:huawei:eudemon100e:v200r007:*:*:*:*:*:*:*",
"matchCriteriaId": "956ED431-6CE1-4873-BDC3-7832F5867C28",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:huawei:eudemon200:v200r001:*:*:*:*:*:*:*",
"matchCriteriaId": "5679FA9F-B4E5-42A9-9B9A-3601BE785CC4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:huawei:eudemon300:*:*:*:*:*:*:*:*",
"matchCriteriaId": "014E4B7B-E107-40B6-9B18-F5610959EA8B",
"versionEndIncluding": "v200r006c02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:huawei:eudemon500:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E0CA4ACA-0104-4A93-9FBC-DC0496A1EB70",
"versionEndIncluding": "v200r006c02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:huawei:eudemon8000e-x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7B686C4E-FD19-42B0-87A5-162D72C47BE0",
"versionEndIncluding": "v200r001c00spc600",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:huawei:h3c_ar\\(oem_in\\):*:*:*:*:*:*:*:*",
"matchCriteriaId": "FBDEE398-3BC9-4855-952F-44B37BF9F478",
"versionEndIncluding": "r2209",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:huawei:ma5200g:v200r003:*:*:*:*:*:*:*",
"matchCriteriaId": "8D17E429-865D-4677-872E-1E191BB0A6DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:huawei:ma5200g:v300r003:*:*:*:*:*:*:*",
"matchCriteriaId": "CD2ADD48-FBB4-4E65-8486-757D2ADA4DA3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:huawei:me60:v100r005:*:*:*:*:*:*:*",
"matchCriteriaId": "1AF75F78-2B91-47C3-B5AE-F4C9769B5AD8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:huawei:me60:v100r006:*:*:*:*:*:*:*",
"matchCriteriaId": "18496123-2B0E-46D1-88F6-85897B2B65B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:huawei:me60:v600r002:*:*:*:*:*:*:*",
"matchCriteriaId": "E0045741-3B14-435E-8B12-B536751DD24F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:huawei:me60:v600r003:*:*:*:*:*:*:*",
"matchCriteriaId": "AE8094F7-FAB2-4624-B2ED-467B40ADA260",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:huawei:me60:v600r005c00spc600:*:*:*:*:*:*:*",
"matchCriteriaId": "4BC19826-AC6E-4DE1-95CA-49D4BB6F6644",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:huawei:ne20:v200r005:*:*:*:*:*:*:*",
"matchCriteriaId": "49D7692F-6EA0-4A5E-B841-2B49332FCC5D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:huawei:ne20e-x6:v300r005:*:*:*:*:*:*:*",
"matchCriteriaId": "C555EAC5-1E45-4BE5-8C69-DB1916A2EBF8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:huawei:ne40:v300r005:*:*:*:*:*:*:*",
"matchCriteriaId": "AFF2311E-D7DE-4C7C-BD88-4B947BD4F8E8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:huawei:ne40e:v300r005:*:*:*:*:*:*:*",
"matchCriteriaId": "B23A5D99-8458-4285-ABF8-FA0D2F49B811",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:huawei:ne40e:v600r001:*:*:*:*:*:*:*",
"matchCriteriaId": "5348DF82-072D-4B3B-9919-B5478420A98F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:huawei:ne40e\\/80e:v600r002:*:*:*:*:*:*:*",
"matchCriteriaId": "54C3C26D-0FD0-48B9-A168-E9C6605DCB0E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:huawei:ne40e\\/80e:v600r003:*:*:*:*:*:*:*",
"matchCriteriaId": "3D4D3971-B2DA-44EC-97A1-CFF436BF44F6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:huawei:ne5000e:v300r007:*:*:*:*:*:*:*",
"matchCriteriaId": "CDA4A9B6-378D-4F4B-B88D-C13859E6236B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:huawei:ne5000e:v800r002:*:*:*:*:*:*:*",
"matchCriteriaId": "FF6322F0-0749-4C3D-9144-D92A64B9D5FB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:huawei:ne80:v300r005:*:*:*:*:*:*:*",
"matchCriteriaId": "74801C9A-31D1-4E74-9211-9AB67B5FEAB7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:huawei:ne80e:v600r001:*:*:*:*:*:*:*",
"matchCriteriaId": "AA2D277B-08F0-4F6A-BC99-FBBCA4F5207D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:huawei:ne80e:v600r002:*:*:*:*:*:*:*",
"matchCriteriaId": "A81A4563-15DC-4125-9E3D-5B9FB0360EA2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:huawei:ne80e:v600r003:*:*:*:*:*:*:*",
"matchCriteriaId": "449449A2-28B2-4A9A-A2C9-84A18596AEDF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:huawei:nip100:v100r001:*:*:*:*:*:*:*",
"matchCriteriaId": "2BE4E8E1-AF7C-49E9-9758-887EFD8CB8F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:huawei:nip1000:v100r001:*:*:*:*:*:*:*",
"matchCriteriaId": "90FF10E6-4080-4186-83DE-37703A468F3E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:huawei:nip200:v100r001:*:*:*:*:*:*:*",
"matchCriteriaId": "6B0009DF-D44E-4D96-909F-B911D7BA127B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:huawei:nip2100:v100r001c00:*:*:*:*:*:*:*",
"matchCriteriaId": "B8CE9794-9A67-4F65-A81A-EE00AE714A88",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:huawei:nip2200:v100r001c00:*:*:*:*:*:*:*",
"matchCriteriaId": "B3DC0192-8E8B-4E0C-A91C-92094A167878",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:huawei:nip5100:v100r001c00:*:*:*:*:*:*:*",
"matchCriteriaId": "9317FE4B-95F0-4615-9FA1-683D644BC3E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:huawei:s2300:v100r002:*:*:*:*:*:*:*",
"matchCriteriaId": "871BB53D-F86F-4E3D-8DF7-875C8C1C7FDE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:huawei:s2300:v100r003:*:*:*:*:*:*:*",
"matchCriteriaId": "7E655344-8341-4FFA-BBED-F5D5A15759D4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:huawei:s2300:v100r005:*:*:*:*:*:*:*",
"matchCriteriaId": "662EDAE9-2B0F-4774-8790-2C62997764FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:huawei:s2300:v100r006:*:*:*:*:*:*:*",
"matchCriteriaId": "22621191-B2CD-4BA9-B6F1-8D59850604A6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:huawei:s2700:v100r006:*:*:*:*:*:*:*",
"matchCriteriaId": "142335E6-A4F5-4CC4-8D86-835C3E0E5211",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:huawei:s3300:v100r002:*:*:*:*:*:*:*",
"matchCriteriaId": "AF7B5B70-1540-490F-8486-31639DB54F12",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:huawei:s3300:v100r003:*:*:*:*:*:*:*",
"matchCriteriaId": "33864641-EB9A-4CCC-9057-26D22AD839BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:huawei:s3300:v100r005:*:*:*:*:*:*:*",
"matchCriteriaId": "59AD4C23-6315-4B97-85BB-1074F36F7291",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:huawei:s3300:v100r006:*:*:*:*:*:*:*",
"matchCriteriaId": "972BB8A0-27D8-4A0A-865E-57E37F70A484",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:huawei:s3300hi:v100r006:*:*:*:*:*:*:*",
"matchCriteriaId": "41435CB4-537C-45DC-B8DB-0C1F38F1D222",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:huawei:s3300hi:v200r001:*:*:*:*:*:*:*",
"matchCriteriaId": "6D5FE313-7374-4D7A-9A01-F389311710C5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:huawei:s3700:v100r005:*:*:*:*:*:*:*",
"matchCriteriaId": "7EF096DC-B6F4-4763-AC6B-72CB46AB1976",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:huawei:s3700:v100r006:*:*:*:*:*:*:*",
"matchCriteriaId": "D1171FC3-5A2E-40C6-85FF-AF7E78F96C87",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:huawei:s3700:v200r001:*:*:*:*:*:*:*",
"matchCriteriaId": "A706C2B0-5E15-4C90-910F-0ABB65573C93",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:huawei:s5300:v100r002:*:*:*:*:*:*:*",
"matchCriteriaId": "2295584A-2664-45AE-BA0C-1B0411F29A13",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:huawei:s5300:v100r003:*:*:*:*:*:*:*",
"matchCriteriaId": "DDA542A3-7BB3-42B6-ACBB-D00AD4AD707A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:huawei:s5300:v100r005:*:*:*:*:*:*:*",
"matchCriteriaId": "5361C4C5-BBC5-42FE-A575-985B57EF575E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:huawei:s5300:v100r006:*:*:*:*:*:*:*",
"matchCriteriaId": "75A90C9F-8DAE-45B4-BB78-6080A434E5FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:huawei:s5300hi:v100r006:*:*:*:*:*:*:*",
"matchCriteriaId": "175A8714-CD80-472B-9507-829EBC59B805",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:huawei:s5300hi:v200r001:*:*:*:*:*:*:*",
"matchCriteriaId": "81195EA9-D62B-492D-AA37-EF7AD17AED7C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:huawei:s5306:v100r006:*:*:*:*:*:*:*",
"matchCriteriaId": "47052A6F-E532-42B6-9B4B-46424A1F6377",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:huawei:s5306:v200r001:*:*:*:*:*:*:*",
"matchCriteriaId": "8B22E5AB-DAF6-4020-A62E-BE6FBE57D3DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:huawei:s5700:v100r005:*:*:*:*:*:*:*",
"matchCriteriaId": "3C178B6F-8608-4BBE-A8D8-8798FB1D75E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:huawei:s5700:v100r006:*:*:*:*:*:*:*",
"matchCriteriaId": "29CAD535-0216-4048-BFDA-863AA5425BA9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:huawei:s5700:v200r001:*:*:*:*:*:*:*",
"matchCriteriaId": "9424F3B6-A280-4043-A670-3768D9515631",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:huawei:s6300:v100r006:*:*:*:*:*:*:*",
"matchCriteriaId": "4FB869CD-37F8-4E77-8065-B9C8FADED40C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:huawei:s6300:v200r001:*:*:*:*:*:*:*",
"matchCriteriaId": "C22B5DE3-03ED-4ED4-BD86-278197FA3FC4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:huawei:s6700:v100r006:*:*:*:*:*:*:*",
"matchCriteriaId": "652F2CCF-41FE-4DEC-8179-FF285AB99E52",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:huawei:s6700:v200r001:*:*:*:*:*:*:*",
"matchCriteriaId": "66149AA8-E897-4563-97EC-C5EDCDBE072B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:huawei:s7700:v100r003:*:*:*:*:*:*:*",
"matchCriteriaId": "0B3F7637-0B4C-40D0-B814-B19F10118795",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:huawei:s7700:v100r006:*:*:*:*:*:*:*",
"matchCriteriaId": "04686A95-05CF-4ACC-89E5-2140DFC423F7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:huawei:s9300:v100r001:*:*:*:*:*:*:*",
"matchCriteriaId": "63BB797D-2C82-4A55-A26A-61A6C1C86888",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:huawei:s9300:v100r002:*:*:*:*:*:*:*",
"matchCriteriaId": "465F6E51-0676-4443-9122-CB2AD59C7516",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:huawei:s9300:v100r003:*:*:*:*:*:*:*",
"matchCriteriaId": "94970073-415B-4358-833F-CC220653376D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:huawei:s9300:v100r006:*:*:*:*:*:*:*",
"matchCriteriaId": "F26E31D2-31F8-4D4F-AD3A-44C59B22B121",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:huawei:svn2000:v200r001c00:*:*:*:*:*:*:*",
"matchCriteriaId": "59513736-11B7-47E6-B5C4-D33F9E032BEC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:huawei:svn3000:v100r002c02spc802b041:*:*:*:*:*:*:*",
"matchCriteriaId": "931A86E3-43C1-4C72-8425-862C33A2DBA7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:huawei:svn5000:v200r001c00:*:*:*:*:*:*:*",
"matchCriteriaId": "15EBA968-C3E0-430E-944D-B4DA30B932C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:huawei:svn5300:v100r001c01b019:*:*:*:*:*:*:*",
"matchCriteriaId": "17A15567-DC96-4513-8681-93CE26B4FA07",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:huawei:wlan_ac_6605:v200r001c00:*:*:*:*:*:*:*",
"matchCriteriaId": "1968B0D3-1653-459A-865D-79DBB9AADEE6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:huawei:wlan_ac_6605:v200r001c00spc100:*:*:*:*:*:*:*",
"matchCriteriaId": "7490231F-7FAB-4875-812F-657B7BF4F136",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Huawei NE5000E, MA5200G, NE40E, NE80E, ATN, NE40, NE80, NE20E-X6, NE20, ME60, CX600, CX200, CX300, ACU, WLAN AC 6605, S9300, S7700, S2300, S3300, S5300, S3300HI, S5300HI, S5306, S6300, S2700, S3700, S5700, S6700, AR G3, H3C AR(OEM IN), AR 19, AR 29, AR 49, Eudemon100E, Eudemon200, Eudemon300, Eudemon500, Eudemon1000, Eudemon1000E-U/USG5300, Eudemon1000E-X/USG5500, Eudemon8080E/USG9300, Eudemon8160E/USG9300, Eudemon8000E-X/USG9500, E200E-C/USG2200, E200E-X3/USG2200, E200E-X5/USG2200, E200E-X7/USG2200, E200E-C/USG5100, E200E-X3/USG5100, E200E-X5/USG5100, E200E-X7/USG5100, E200E-B/USG2100, E200E-X1/USG2100, E200E-X2/USG2100, SVN5300, SVN2000, SVN5000, SVN3000, NIP100, NIP200, NIP1000, NIP2100, NIP2200, and NIP5100 use the DES algorithm for stored passwords, which makes it easier for context-dependent attackers to obtain cleartext passwords via a brute-force attack."
},
{
"lang": "es",
"value": "Los Huawei NE5000E, MA5200G, NE40E, NE80E, ATN, NE40, NE80, NE20E-X6, NE20, ME60, CX600, CX200, CX300, ACU, WLAN AC 6605, S9300, S7700, S2300, S3300, S5300, S3300HI, S5300HI, S5306, S6300, S2700, S3700, S5700, S6700, AR G3, H3C AR(OEM IN), AR 19, AR 29, AR 49, Eudemon100E, Eudemon200, Eudemon300, Eudemon500, Eudemon1000, Eudemon1000E-U/USG5300, Eudemon1000E-X/USG5500, Eudemon8080E/USG9300, Eudemon8160E/USG9300, Eudemon8000E-X/USG9500, E200E-C/USG2200, E200E-X3/USG2200, E200E-X5/USG2200, E200E-X7/USG2200, E200E-C/USG5100, E200E-X3/USG5100, E200E-X5/USG5100, E200E-X7/USG5100, E200E-B/USG2100, E200E-X1/USG2100, E200E-X2/USG2100, SVN5300, SVN2000, SVN5000, SVN3000, NIP100, NIP200, NIP1000, NIP2100, NIP2200, y NIP5100 utiliza el algoritmo DES para las contrase\u00f1as almacenados, lo que hace que sea m\u00e1s f\u00e1cil para los atacantes dependientes de contexto obtener contrase\u00f1as de texto simple a trav\u00e9s de un ataque de fuerza bruta."
}
],
"id": "CVE-2012-4960",
"lastModified": "2024-11-21T01:43:49.593",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2013-06-20T15:55:00.897",
"references": [
{
"source": "cret@cert.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-u_194373.htm"
},
{
"source": "cret@cert.org",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/948096"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-u_194373.htm"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/948096"
}
],
"sourceIdentifier": "cret@cert.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-310"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-04-02 20:59
Modified
2024-11-21 02:10
Severity ?
Summary
Huawei Campus S3700HI with software V200R001C00SPC300; Campus S5700 with software V200R002C00SPC100; Campus S7700 with software V200R003C00SPC300,V200R003C00SPC500; LSW S9700 with software V200R001C00SPC300,V200R003C00SPC300,V200R003C00SPC500; S2350 with software V200R003C00SPC300; S2750 with software V200R003C00SPC300; S5300 with software V200R001C00SPC300,V200R002C00SPC100,V200R003C00SPC300; S5700 with software V200R001C00SPC300,V200R003C00SPC300; S6300 with software V200R001C00SPC300,V200R002C00SPC100,V200R003C00SPC300; S6700 S3300HI with software V200R001C00SPC300,V200R002C00SPC100,V200R003C00SPC300; S7700 with software V200R001C00SPC300; S9300 with software V200R001C00SPC300,V200R003C00SPC300,V200R003C00SPC500; S9300E with software V200R003C00SPC300,V200R003C00SPC500 allow attackers to keep sending malformed packets to cause a denial of service (DoS) attack, aka a heap overflow.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:campus_s3700hi_firmware:v200r001c00spc300:*:*:*:*:*:*:*",
"matchCriteriaId": "A4C69CF3-CC8C-46BE-974C-6AD204023E67",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:campus_s3700hi:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0B77C6A1-0964-443D-A75D-0E68A59F919B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:s5700_firmware:v200r001c00spc300:*:*:*:*:*:*:*",
"matchCriteriaId": "121BEE57-945E-4368-8AE4-4A823D70D31C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:s5700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E22D3CFF-3353-4EE2-8933-84F395469D0D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:s6700_firmware:v200r001c00spc300:*:*:*:*:*:*:*",
"matchCriteriaId": "4AF84CB7-7EC9-4978-A4F6-FD5746AF1CE9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:s6700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DA7AC10D-B0DD-4206-8642-134DDD585C06",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:s3300hi_firmware:v200r001c00spc300:*:*:*:*:*:*:*",
"matchCriteriaId": "361EBDA2-3656-4D57-ABE1-37C6C0FFDC34",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:s3300hi:-:*:*:*:*:*:*:*",
"matchCriteriaId": "080BC2E6-7EEC-450E-BAF0-3DB7B342329A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:s5300_firmware:v200r001c00spc300:*:*:*:*:*:*:*",
"matchCriteriaId": "93E7A87E-E2FB-4852-9BE5-164822801822",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:s5300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2CFEF08E-54C5-4D60-AFF0-37B00D6E2DDD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:s6300_firmware:v200r001c00spc300:*:*:*:*:*:*:*",
"matchCriteriaId": "7082EE3F-3174-42C2-B010-5078DC752D67",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:s6300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AA3C8988-A1FC-4B04-9134-F2BDDADEAFB5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:s9300_firmware:v200r001c00spc300:*:*:*:*:*:*:*",
"matchCriteriaId": "2D1EF10E-F18B-4F3A-AA2B-25003183E19D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:s9300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AD2EC926-50C6-4CBE-BB6F-56F3A6287DEE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:s7700_firmware:v200r001c00spc300:*:*:*:*:*:*:*",
"matchCriteriaId": "07A44DEA-AB17-48F4-87C1-B3B6088BCD82",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:s7700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8769C2C4-E333-432B-8943-CFDFAE013379",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:lsw_s9700_firmware:v200r001c00spc300:*:*:*:*:*:*:*",
"matchCriteriaId": "2CFA6C99-8A84-4E8F-9DBC-A3822B02B2F7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:lsw_s9700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "03F0D98A-0118-4F77-96D9-57A3F343FB4C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:campus_s5700_firmware:v200r002c00spc100:*:*:*:*:*:*:*",
"matchCriteriaId": "BA616684-1DDC-4A23-97B0-518EAD07D2A2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:campus_s5700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4F29515E-98DD-496F-B3FC-176CD4B2BD9E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:s6700_firmware:v200r002c00spc100:*:*:*:*:*:*:*",
"matchCriteriaId": "AFFF09EB-AA08-4204-B028-182933EC9700",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:s6700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DA7AC10D-B0DD-4206-8642-134DDD585C06",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:s5300_firmware:v200r002c00spc100:*:*:*:*:*:*:*",
"matchCriteriaId": "647A8737-10F5-4008-8F68-BF8BE4319C56",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:s5300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2CFEF08E-54C5-4D60-AFF0-37B00D6E2DDD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:s6300_firmware:v200r002c00spc100:*:*:*:*:*:*:*",
"matchCriteriaId": "58578CA3-392E-4E6D-9B93-E57DC4F44237",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:s6300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AA3C8988-A1FC-4B04-9134-F2BDDADEAFB5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:campus_s7700_firmware:v200r003c00spc300:*:*:*:*:*:*:*",
"matchCriteriaId": "F12DF054-43B5-42DC-8FDF-664354091ABA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:campus_s7700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C949558A-3AAC-4A2A-81C1-B9D7072FF3FF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:s9300_firmware:v200r003c00spc300:*:*:*:*:*:*:*",
"matchCriteriaId": "613A5720-C4AC-448E-9170-A113328B4DBF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:s9300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AD2EC926-50C6-4CBE-BB6F-56F3A6287DEE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:s9300e_firmware:v200r003c00spc300:*:*:*:*:*:*:*",
"matchCriteriaId": "11DA3DAE-870F-4F61-9D6B-3FB7D1F49D82",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:s9300e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B913A258-48B6-45D0-A37B-2C665DCA735C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:s5300_firmware:v200r003c00spc300:*:*:*:*:*:*:*",
"matchCriteriaId": "9D07FB95-7CE7-480A-BF2D-87017EFAE038",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:s5300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2CFEF08E-54C5-4D60-AFF0-37B00D6E2DDD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:s5700_firmware:v200r003c00spc300:*:*:*:*:*:*:*",
"matchCriteriaId": "DEC329F7-D83F-4119-B8CA-CC819EC872CB",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:s5700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E22D3CFF-3353-4EE2-8933-84F395469D0D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:s6300_firmware:v200r003c00spc300:*:*:*:*:*:*:*",
"matchCriteriaId": "2CB0108A-2462-45D6-8A82-8681E8167D6C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:s6300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AA3C8988-A1FC-4B04-9134-F2BDDADEAFB5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:s6700_firmware:v200r003c00spc300:*:*:*:*:*:*:*",
"matchCriteriaId": "7D5033F0-7E4F-431A-B4EA-E5D5D1FCFE5E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:s6700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DA7AC10D-B0DD-4206-8642-134DDD585C06",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:s2350_firmware:v200r003c00spc300:*:*:*:*:*:*:*",
"matchCriteriaId": "F6E60C34-3553-4374-A7B6-CFA92BC19CDA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:s2350:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2AB6207-F2BC-47A9-980C-62463157A56A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:s2750_firmware:v200r003c00spc300:*:*:*:*:*:*:*",
"matchCriteriaId": "69C8196A-21F2-4903-B5B6-B6C9F42B1051",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:s2750:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B7859972-B7B8-4619-AAED-22B6B14852BC",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:lsw_s9700_firmware:v200r003c00spc300:*:*:*:*:*:*:*",
"matchCriteriaId": "F2EFAF03-1F00-46A8-B5BE-2AE05BFA3B33",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:lsw_s9700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "03F0D98A-0118-4F77-96D9-57A3F343FB4C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:campus_s7700_firmware:v200r003c00spc500:*:*:*:*:*:*:*",
"matchCriteriaId": "D7295127-4B3D-44E8-9513-EC2DE1B37479",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:campus_s7700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C949558A-3AAC-4A2A-81C1-B9D7072FF3FF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:s9300_firmware:v200r003c00spc500:*:*:*:*:*:*:*",
"matchCriteriaId": "78DA2DC7-63B3-40D7-BEC7-AF81066A2733",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:s9300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AD2EC926-50C6-4CBE-BB6F-56F3A6287DEE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:s9300e_firmware:v200r003c00spc500:*:*:*:*:*:*:*",
"matchCriteriaId": "E5752E4C-4B7D-4139-BCAE-7F52D4A235F4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:s9300e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B913A258-48B6-45D0-A37B-2C665DCA735C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:lsw_s9700_firmware:v200r003c00spc500:*:*:*:*:*:*:*",
"matchCriteriaId": "5C81F30C-4A04-4376-8AA6-E01B76DF2B20",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:lsw_s9700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "03F0D98A-0118-4F77-96D9-57A3F343FB4C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Huawei Campus S3700HI with software V200R001C00SPC300; Campus S5700 with software V200R002C00SPC100; Campus S7700 with software V200R003C00SPC300,V200R003C00SPC500; LSW S9700 with software V200R001C00SPC300,V200R003C00SPC300,V200R003C00SPC500; S2350 with software V200R003C00SPC300; S2750 with software V200R003C00SPC300; S5300 with software V200R001C00SPC300,V200R002C00SPC100,V200R003C00SPC300; S5700 with software V200R001C00SPC300,V200R003C00SPC300; S6300 with software V200R001C00SPC300,V200R002C00SPC100,V200R003C00SPC300; S6700 S3300HI with software V200R001C00SPC300,V200R002C00SPC100,V200R003C00SPC300; S7700 with software V200R001C00SPC300; S9300 with software V200R001C00SPC300,V200R003C00SPC300,V200R003C00SPC500; S9300E with software V200R003C00SPC300,V200R003C00SPC500 allow attackers to keep sending malformed packets to cause a denial of service (DoS) attack, aka a heap overflow."
},
{
"lang": "es",
"value": "Huawei Campus S3700HI con software V200R001C00SPC300; Campus S5700 con software V200R002C00SPC100; Campus S7700 con software V200R003C00SPC300,V200R003C00SPC500; LSW S9700 con software V200R001C00SPC300,V200R003C00SPC300,V200R003C00SPC500; S2350 con software V200R003C00SPC300; S2750 con software V200R003C00SPC300; S5300 con software V200R001C00SPC300,V200R002C00SPC100,V200R003C00SPC300; S5700 con software V200R001C00SPC300,V200R003C00SPC300; S6300 con software V200R001C00SPC300,V200R002C00SPC100,V200R003C00SPC300; S6700 S3300HI con software V200R001C00SPC300,V200R002C00SPC100,V200R003C00SPC300; S7700 con software V200R001C00SPC300; S9300 con software V200R001C00SPC300,V200R003C00SPC300,V200R003C00SPC500; S9300E con software V200R003C00SPC300,V200R003C00SPC500 permiten a atacantes seguir enviando paquetes mal formado para provocar un ataque de denegaci\u00f3n de servicio (DoS), tambi\u00e9n conocido como desbordamiento de memoria din\u00e1mica."
}
],
"id": "CVE-2014-4706",
"lastModified": "2024-11-21T02:10:45.347",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-04-02T20:59:00.280",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/hw-343218"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/hw-343218"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2013-06-20 15:55
Modified
2024-11-21 01:46
Severity ?
Summary
The HTTP module in the (1) Branch Intelligent Management System (BIMS) and (2) web management components on Huawei AR routers and S2000, S3000, S3500, S3900, S5100, S5600, S7800, and S8500 switches does not check whether HTTP data is longer than the value of the Content-Length field, which allows remote HTTP servers to conduct heap-based buffer overflow attacks and execute arbitrary code via a crafted response.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| huawei | ar_18-1x | * | |
| huawei | ar_18-2x | * | |
| huawei | ar_18-3x | * | |
| huawei | ar_19\/29\/49 | * | |
| huawei | ar_28\/46 | * | |
| huawei | s2000 | r6305 | |
| huawei | s2300 | r6305 | |
| huawei | s2700 | r6305 | |
| huawei | s3000 | r6305 | |
| huawei | s3300 | r6305 | |
| huawei | s3300hi | r6305 | |
| huawei | s3500 | r6305 | |
| huawei | s3700 | r6305 | |
| huawei | s3900 | r6305 | |
| huawei | s5100 | r6305 | |
| huawei | s5600 | r6305 | |
| huawei | s7800 | r6305 | |
| huawei | s8500 | r1631 | |
| huawei | s8500 | r1632 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:ar_18-1x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C169428A-DBA2-4AD4-AB2F-9B55F406D5F5",
"versionEndIncluding": "r0130",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:huawei:ar_18-2x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F96CD3E2-2AE8-48B2-9979-84AD3C99933E",
"versionEndIncluding": "r1712",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:huawei:ar_18-3x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A93A0EF1-FDC5-4E7C-A692-C664552913EF",
"versionEndIncluding": "r0118",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:huawei:ar_19\\/29\\/49:*:*:*:*:*:*:*:*",
"matchCriteriaId": "82396118-3290-4683-902D-4955E81B84F9",
"versionEndIncluding": "r2207",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:huawei:ar_28\\/46:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A520A0A9-2BF8-4E32-9194-3307CE52C2AD",
"versionEndIncluding": "r0311",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:s2000:r6305:*:*:*:*:*:*:*",
"matchCriteriaId": "5AF996D4-838E-4295-B8E2-43512DC9BF41",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:huawei:s2300:r6305:*:*:*:*:*:*:*",
"matchCriteriaId": "6185A1C4-34B8-4FED-8144-15EA8012CA38",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:huawei:s2700:r6305:*:*:*:*:*:*:*",
"matchCriteriaId": "49B54F7F-0B13-4ADC-B8F5-72606273528E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:huawei:s3000:r6305:*:*:*:*:*:*:*",
"matchCriteriaId": "ABC5B0CA-8081-4492-8D2A-5FEE778C5E82",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:huawei:s3300:r6305:*:*:*:*:*:*:*",
"matchCriteriaId": "708E992F-581F-4DA0-A490-BB6E2BA8B598",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:huawei:s3300hi:r6305:*:*:*:*:*:*:*",
"matchCriteriaId": "7C8FA59E-F894-441D-8FBA-5D865BD3DFC9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:huawei:s3500:r6305:*:*:*:*:*:*:*",
"matchCriteriaId": "945EEE2E-C21E-4E1D-9D91-F5B0A77C7CDD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:huawei:s3700:r6305:*:*:*:*:*:*:*",
"matchCriteriaId": "08E4AE20-F5FB-47DF-817E-DF7871121CA7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:huawei:s3900:r6305:*:*:*:*:*:*:*",
"matchCriteriaId": "394161B5-65DF-4921-AE2B-0959322A71F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:huawei:s5100:r6305:*:*:*:*:*:*:*",
"matchCriteriaId": "F02BD40C-8825-46ED-9C99-A4DD5331F04A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:huawei:s5600:r6305:*:*:*:*:*:*:*",
"matchCriteriaId": "47BCCDFB-27DB-439B-965C-525941118C87",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:huawei:s7800:r6305:*:*:*:*:*:*:*",
"matchCriteriaId": "0C3232F7-23AC-4773-A67D-BCA0A886FE3C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:huawei:s8500:r1631:*:*:*:*:*:*:*",
"matchCriteriaId": "7D4B69FE-DC23-4A78-9D1A-C35EA98CB1FE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:huawei:s8500:r1632:*:*:*:*:*:*:*",
"matchCriteriaId": "008D26B5-DC98-4592-B592-3728C8A0D6C0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The HTTP module in the (1) Branch Intelligent Management System (BIMS) and (2) web management components on Huawei AR routers and S2000, S3000, S3500, S3900, S5100, S5600, S7800, and S8500 switches does not check whether HTTP data is longer than the value of the Content-Length field, which allows remote HTTP servers to conduct heap-based buffer overflow attacks and execute arbitrary code via a crafted response."
},
{
"lang": "es",
"value": "El m\u00f3dulo HTTP en (1) Branch Intelligent Management System (BIMS) y (2) componentes de gesti\u00f3n web de switches de Huawei AR routers and S2000, S3000, S3500, S3900, S5100, S5600, S7800, y S8500 no comprueba si los datos HTTP son mayores que el valor del campo Content-Length, que permite a los servidores HTTP remotos realizar ataques de desbordamiento de b\u00fafer basado en mont\u00edculo y ejecutar c\u00f3digo arbitrario a trav\u00e9s de una respuesta elaborada."
}
],
"id": "CVE-2012-6570",
"lastModified": "2024-11-21T01:46:24.107",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2013-06-20T15:55:00.967",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-u_194361.htm"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-u_194361.htm"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2013-06-20 15:55
Modified
2024-11-21 01:46
Severity ?
Summary
The HTTP module in the (1) Branch Intelligent Management System (BIMS) and (2) web management components on Huawei AR routers and S2000, S3000, S3500, S3900, S5100, S5600, and S7800 switches uses predictable Session ID values, which makes it easier for remote attackers to hijack sessions via a brute-force attack.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| huawei | ar_18-1x | * | |
| huawei | ar_18-2x | * | |
| huawei | ar_18-3x | * | |
| huawei | ar_19\/29\/49 | * | |
| huawei | ar_28\/46 | * | |
| huawei | s2000 | r6305 | |
| huawei | s2300 | r6305 | |
| huawei | s2700 | r6305 | |
| huawei | s3000 | r6305 | |
| huawei | s3300 | r6305 | |
| huawei | s3300hi | r6305 | |
| huawei | s3500 | r6305 | |
| huawei | s3700 | r6305 | |
| huawei | s3900 | r6305 | |
| huawei | s5100 | r6305 | |
| huawei | s5600 | r6305 | |
| huawei | s7800 | r6305 | |
| huawei | s8500 | r1631 | |
| huawei | s8500 | r1632 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:ar_18-1x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C169428A-DBA2-4AD4-AB2F-9B55F406D5F5",
"versionEndIncluding": "r0130",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:huawei:ar_18-2x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F96CD3E2-2AE8-48B2-9979-84AD3C99933E",
"versionEndIncluding": "r1712",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:huawei:ar_18-3x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A93A0EF1-FDC5-4E7C-A692-C664552913EF",
"versionEndIncluding": "r0118",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:huawei:ar_19\\/29\\/49:*:*:*:*:*:*:*:*",
"matchCriteriaId": "82396118-3290-4683-902D-4955E81B84F9",
"versionEndIncluding": "r2207",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:huawei:ar_28\\/46:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A520A0A9-2BF8-4E32-9194-3307CE52C2AD",
"versionEndIncluding": "r0311",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:s2000:r6305:*:*:*:*:*:*:*",
"matchCriteriaId": "5AF996D4-838E-4295-B8E2-43512DC9BF41",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:huawei:s2300:r6305:*:*:*:*:*:*:*",
"matchCriteriaId": "6185A1C4-34B8-4FED-8144-15EA8012CA38",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:huawei:s2700:r6305:*:*:*:*:*:*:*",
"matchCriteriaId": "49B54F7F-0B13-4ADC-B8F5-72606273528E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:huawei:s3000:r6305:*:*:*:*:*:*:*",
"matchCriteriaId": "ABC5B0CA-8081-4492-8D2A-5FEE778C5E82",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:huawei:s3300:r6305:*:*:*:*:*:*:*",
"matchCriteriaId": "708E992F-581F-4DA0-A490-BB6E2BA8B598",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:huawei:s3300hi:r6305:*:*:*:*:*:*:*",
"matchCriteriaId": "7C8FA59E-F894-441D-8FBA-5D865BD3DFC9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:huawei:s3500:r6305:*:*:*:*:*:*:*",
"matchCriteriaId": "945EEE2E-C21E-4E1D-9D91-F5B0A77C7CDD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:huawei:s3700:r6305:*:*:*:*:*:*:*",
"matchCriteriaId": "08E4AE20-F5FB-47DF-817E-DF7871121CA7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:huawei:s3900:r6305:*:*:*:*:*:*:*",
"matchCriteriaId": "394161B5-65DF-4921-AE2B-0959322A71F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:huawei:s5100:r6305:*:*:*:*:*:*:*",
"matchCriteriaId": "F02BD40C-8825-46ED-9C99-A4DD5331F04A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:huawei:s5600:r6305:*:*:*:*:*:*:*",
"matchCriteriaId": "47BCCDFB-27DB-439B-965C-525941118C87",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:huawei:s7800:r6305:*:*:*:*:*:*:*",
"matchCriteriaId": "0C3232F7-23AC-4773-A67D-BCA0A886FE3C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:huawei:s8500:r1631:*:*:*:*:*:*:*",
"matchCriteriaId": "7D4B69FE-DC23-4A78-9D1A-C35EA98CB1FE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:huawei:s8500:r1632:*:*:*:*:*:*:*",
"matchCriteriaId": "008D26B5-DC98-4592-B592-3728C8A0D6C0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The HTTP module in the (1) Branch Intelligent Management System (BIMS) and (2) web management components on Huawei AR routers and S2000, S3000, S3500, S3900, S5100, S5600, and S7800 switches uses predictable Session ID values, which makes it easier for remote attackers to hijack sessions via a brute-force attack."
},
{
"lang": "es",
"value": "El m\u00f3dulo HTTP en el (1) Branch Intelligent Management System (BIMS) y (2) gesti\u00f3n web de componentes para switches Huawei AR routers and S2000, S3000, S3500, S3900, S5100, S5600, and S7800 usa valores de Session ID predecibles lo que hace m\u00e1s f\u00e1cil a atacantes remotos secuestrar la sesi\u00f3n a trav\u00e9s de ataques de fuerza bruta."
}
],
"id": "CVE-2012-6571",
"lastModified": "2024-11-21T01:46:24.257",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2013-06-20T15:55:00.983",
"references": [
{
"source": "cve@mitre.org",
"url": "http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-u_194371.htm"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-u_194371.htm"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-310"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
cve-2012-6570
Vulnerability from cvelistv5
Published
2013-06-20 15:00
Modified
2024-09-16 23:46
Severity ?
EPSS score ?
Summary
The HTTP module in the (1) Branch Intelligent Management System (BIMS) and (2) web management components on Huawei AR routers and S2000, S3000, S3500, S3900, S5100, S5600, S7800, and S8500 switches does not check whether HTTP data is longer than the value of the Content-Length field, which allows remote HTTP servers to conduct heap-based buffer overflow attacks and execute arbitrary code via a crafted response.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-u_194361.htm | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T21:36:01.313Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-u_194361.htm"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The HTTP module in the (1) Branch Intelligent Management System (BIMS) and (2) web management components on Huawei AR routers and S2000, S3000, S3500, S3900, S5100, S5600, S7800, and S8500 switches does not check whether HTTP data is longer than the value of the Content-Length field, which allows remote HTTP servers to conduct heap-based buffer overflow attacks and execute arbitrary code via a crafted response."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2013-06-20T15:00:00Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-u_194361.htm"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2012-6570",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The HTTP module in the (1) Branch Intelligent Management System (BIMS) and (2) web management components on Huawei AR routers and S2000, S3000, S3500, S3900, S5100, S5600, S7800, and S8500 switches does not check whether HTTP data is longer than the value of the Content-Length field, which allows remote HTTP servers to conduct heap-based buffer overflow attacks and execute arbitrary code via a crafted response."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-u_194361.htm",
"refsource": "CONFIRM",
"url": "http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-u_194361.htm"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2012-6570",
"datePublished": "2013-06-20T15:00:00Z",
"dateReserved": "2013-06-20T00:00:00Z",
"dateUpdated": "2024-09-16T23:46:14.672Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2014-4706
Vulnerability from cvelistv5
Published
2017-04-02 20:00
Modified
2024-08-06 11:27
Severity ?
EPSS score ?
Summary
Huawei Campus S3700HI with software V200R001C00SPC300; Campus S5700 with software V200R002C00SPC100; Campus S7700 with software V200R003C00SPC300,V200R003C00SPC500; LSW S9700 with software V200R001C00SPC300,V200R003C00SPC300,V200R003C00SPC500; S2350 with software V200R003C00SPC300; S2750 with software V200R003C00SPC300; S5300 with software V200R001C00SPC300,V200R002C00SPC100,V200R003C00SPC300; S5700 with software V200R001C00SPC300,V200R003C00SPC300; S6300 with software V200R001C00SPC300,V200R002C00SPC100,V200R003C00SPC300; S6700 S3300HI with software V200R001C00SPC300,V200R002C00SPC100,V200R003C00SPC300; S7700 with software V200R001C00SPC300; S9300 with software V200R001C00SPC300,V200R003C00SPC300,V200R003C00SPC500; S9300E with software V200R003C00SPC300,V200R003C00SPC500 allow attackers to keep sending malformed packets to cause a denial of service (DoS) attack, aka a heap overflow.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.huawei.com/en/psirt/security-advisories/hw-343218 | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | n/a | Campus S3700HI, S5700, S6700 S3300HI, S5300, S6300, S9300, S7700,LSW S9700,Campus S5700, S6700,Campus S7700, S9300E, S2350, S2750,S9300,S9300E, Campus S3700HI with software V200R001C00SPC300,Campus S5700 with software V200R002C00SPC100,Campus S7700 with software V200R003C00SPC300,V200R003C00SPC500,LSW S9700 with software V200R001C00SPC300,V200R003C00SPC300,V200R003C00SPC500,S2350 with software V200R003C00SPC300,S2750 with software V200R003C00SPC300,S5300 with software V200R001C00SPC300,V200R002C00SPC100,V200R003C00SPC300,S5700 with software V200R001C00SPC300,V200R003C00SPC300,S6300 with software V200R001C00SPC300,V200R002C00SPC100,V200R003C00SPC300,S6700 S3300HI with software V200R001C00SPC300,V200R002C00SPC100,V200R003C00SPC300,S7700 with software V200R001C00SPC300,S9300 with software V200R001C00SPC300,V200R003C00SPC300,V200R003C00SPC500,S9300E with software V200R003C00SPC300,V200R003C00SPC500, |
Version: Campus S3700HI, S5700, S6700 S3300HI, S5300, S6300, S9300, S7700,LSW S9700,Campus S5700, S6700,Campus S7700, S9300E, S2350, S2750,S9300,S9300E, Campus S3700HI with software V200R001C00SPC300,Campus S5700 with software V200R002C00SPC100,Campus S7700 with software V200R003C00SPC300,V200R003C00SPC500,LSW S9700 with software V200R001C00SPC300,V200R003C00SPC300,V200R003C00SPC500,S2350 with software V200R003C00SPC300,S2750 with software V200R003C00SPC300,S5300 with software V200R001C00SPC300,V200R002C00SPC100,V200R003C00SPC300,S5700 with software V200R001C00SPC300,V200R003C00SPC300,S6300 with software V200R001C00SPC300,V200R002C00SPC100,V200R003C00SPC300,S6700 S3300HI with software V200R001C00SPC300,V200R002C00SPC100,V200R003C00SPC300,S7700 with software V200R001C00SPC300,S9300 with software V200R001C00SPC300,V200R003C00SPC300,V200R003C00SPC500,S9300E with software V200R003C00SPC300,V200R003C00SPC500, |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T11:27:36.889Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/hw-343218"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Campus S3700HI, S5700, S6700 S3300HI, S5300, S6300, S9300, S7700,LSW S9700,Campus S5700, S6700,Campus S7700, S9300E, S2350, S2750,S9300,S9300E, Campus S3700HI with software V200R001C00SPC300,Campus S5700 with software V200R002C00SPC100,Campus S7700 with software V200R003C00SPC300,V200R003C00SPC500,LSW S9700 with software V200R001C00SPC300,V200R003C00SPC300,V200R003C00SPC500,S2350 with software V200R003C00SPC300,S2750 with software V200R003C00SPC300,S5300 with software V200R001C00SPC300,V200R002C00SPC100,V200R003C00SPC300,S5700 with software V200R001C00SPC300,V200R003C00SPC300,S6300 with software V200R001C00SPC300,V200R002C00SPC100,V200R003C00SPC300,S6700 S3300HI with software V200R001C00SPC300,V200R002C00SPC100,V200R003C00SPC300,S7700 with software V200R001C00SPC300,S9300 with software V200R001C00SPC300,V200R003C00SPC300,V200R003C00SPC500,S9300E with software V200R003C00SPC300,V200R003C00SPC500,",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Campus S3700HI, S5700, S6700 S3300HI, S5300, S6300, S9300, S7700,LSW S9700,Campus S5700, S6700,Campus S7700, S9300E, S2350, S2750,S9300,S9300E, Campus S3700HI with software V200R001C00SPC300,Campus S5700 with software V200R002C00SPC100,Campus S7700 with software V200R003C00SPC300,V200R003C00SPC500,LSW S9700 with software V200R001C00SPC300,V200R003C00SPC300,V200R003C00SPC500,S2350 with software V200R003C00SPC300,S2750 with software V200R003C00SPC300,S5300 with software V200R001C00SPC300,V200R002C00SPC100,V200R003C00SPC300,S5700 with software V200R001C00SPC300,V200R003C00SPC300,S6300 with software V200R001C00SPC300,V200R002C00SPC100,V200R003C00SPC300,S6700 S3300HI with software V200R001C00SPC300,V200R002C00SPC100,V200R003C00SPC300,S7700 with software V200R001C00SPC300,S9300 with software V200R001C00SPC300,V200R003C00SPC300,V200R003C00SPC500,S9300E with software V200R003C00SPC300,V200R003C00SPC500,"
}
]
}
],
"datePublic": "2017-03-27T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Huawei Campus S3700HI with software V200R001C00SPC300; Campus S5700 with software V200R002C00SPC100; Campus S7700 with software V200R003C00SPC300,V200R003C00SPC500; LSW S9700 with software V200R001C00SPC300,V200R003C00SPC300,V200R003C00SPC500; S2350 with software V200R003C00SPC300; S2750 with software V200R003C00SPC300; S5300 with software V200R001C00SPC300,V200R002C00SPC100,V200R003C00SPC300; S5700 with software V200R001C00SPC300,V200R003C00SPC300; S6300 with software V200R001C00SPC300,V200R002C00SPC100,V200R003C00SPC300; S6700 S3300HI with software V200R001C00SPC300,V200R002C00SPC100,V200R003C00SPC300; S7700 with software V200R001C00SPC300; S9300 with software V200R001C00SPC300,V200R003C00SPC300,V200R003C00SPC500; S9300E with software V200R003C00SPC300,V200R003C00SPC500 allow attackers to keep sending malformed packets to cause a denial of service (DoS) attack, aka a heap overflow."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Heap Overflow",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-04-02T19:57:01",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/hw-343218"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2014-4706",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Campus S3700HI, S5700, S6700 S3300HI, S5300, S6300, S9300, S7700,LSW S9700,Campus S5700, S6700,Campus S7700, S9300E, S2350, S2750,S9300,S9300E, Campus S3700HI with software V200R001C00SPC300,Campus S5700 with software V200R002C00SPC100,Campus S7700 with software V200R003C00SPC300,V200R003C00SPC500,LSW S9700 with software V200R001C00SPC300,V200R003C00SPC300,V200R003C00SPC500,S2350 with software V200R003C00SPC300,S2750 with software V200R003C00SPC300,S5300 with software V200R001C00SPC300,V200R002C00SPC100,V200R003C00SPC300,S5700 with software V200R001C00SPC300,V200R003C00SPC300,S6300 with software V200R001C00SPC300,V200R002C00SPC100,V200R003C00SPC300,S6700 S3300HI with software V200R001C00SPC300,V200R002C00SPC100,V200R003C00SPC300,S7700 with software V200R001C00SPC300,S9300 with software V200R001C00SPC300,V200R003C00SPC300,V200R003C00SPC500,S9300E with software V200R003C00SPC300,V200R003C00SPC500,",
"version": {
"version_data": [
{
"version_value": "Campus S3700HI, S5700, S6700 S3300HI, S5300, S6300, S9300, S7700,LSW S9700,Campus S5700, S6700,Campus S7700, S9300E, S2350, S2750,S9300,S9300E, Campus S3700HI with software V200R001C00SPC300,Campus S5700 with software V200R002C00SPC100,Campus S7700 with software V200R003C00SPC300,V200R003C00SPC500,LSW S9700 with software V200R001C00SPC300,V200R003C00SPC300,V200R003C00SPC500,S2350 with software V200R003C00SPC300,S2750 with software V200R003C00SPC300,S5300 with software V200R001C00SPC300,V200R002C00SPC100,V200R003C00SPC300,S5700 with software V200R001C00SPC300,V200R003C00SPC300,S6300 with software V200R001C00SPC300,V200R002C00SPC100,V200R003C00SPC300,S6700 S3300HI with software V200R001C00SPC300,V200R002C00SPC100,V200R003C00SPC300,S7700 with software V200R001C00SPC300,S9300 with software V200R001C00SPC300,V200R003C00SPC300,V200R003C00SPC500,S9300E with software V200R003C00SPC300,V200R003C00SPC500,"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Huawei Campus S3700HI with software V200R001C00SPC300; Campus S5700 with software V200R002C00SPC100; Campus S7700 with software V200R003C00SPC300,V200R003C00SPC500; LSW S9700 with software V200R001C00SPC300,V200R003C00SPC300,V200R003C00SPC500; S2350 with software V200R003C00SPC300; S2750 with software V200R003C00SPC300; S5300 with software V200R001C00SPC300,V200R002C00SPC100,V200R003C00SPC300; S5700 with software V200R001C00SPC300,V200R003C00SPC300; S6300 with software V200R001C00SPC300,V200R002C00SPC100,V200R003C00SPC300; S6700 S3300HI with software V200R001C00SPC300,V200R002C00SPC100,V200R003C00SPC300; S7700 with software V200R001C00SPC300; S9300 with software V200R001C00SPC300,V200R003C00SPC300,V200R003C00SPC500; S9300E with software V200R003C00SPC300,V200R003C00SPC500 allow attackers to keep sending malformed packets to cause a denial of service (DoS) attack, aka a heap overflow."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Heap Overflow"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.huawei.com/en/psirt/security-advisories/hw-343218",
"refsource": "CONFIRM",
"url": "http://www.huawei.com/en/psirt/security-advisories/hw-343218"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2014-4706",
"datePublished": "2017-04-02T20:00:00",
"dateReserved": "2014-07-01T00:00:00",
"dateUpdated": "2024-08-06T11:27:36.889Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2012-6569
Vulnerability from cvelistv5
Published
2013-06-20 15:00
Modified
2024-09-17 02:36
Severity ?
EPSS score ?
Summary
Stack-based buffer overflow in the HTTP module in the (1) Branch Intelligent Management System (BIMS) and (2) web management components on Huawei AR routers and S2000, S3000, S3500, S3900, S5100, S5600, S7800, and S8500 switches allows remote attackers to execute arbitrary code via a long URI.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-u_194370.htm | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T21:36:01.340Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-u_194370.htm"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Stack-based buffer overflow in the HTTP module in the (1) Branch Intelligent Management System (BIMS) and (2) web management components on Huawei AR routers and S2000, S3000, S3500, S3900, S5100, S5600, S7800, and S8500 switches allows remote attackers to execute arbitrary code via a long URI."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2013-06-20T15:00:00Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-u_194370.htm"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2012-6569",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Stack-based buffer overflow in the HTTP module in the (1) Branch Intelligent Management System (BIMS) and (2) web management components on Huawei AR routers and S2000, S3000, S3500, S3900, S5100, S5600, S7800, and S8500 switches allows remote attackers to execute arbitrary code via a long URI."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-u_194370.htm",
"refsource": "CONFIRM",
"url": "http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-u_194370.htm"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2012-6569",
"datePublished": "2013-06-20T15:00:00Z",
"dateReserved": "2013-06-20T00:00:00Z",
"dateUpdated": "2024-09-17T02:36:51.575Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2012-4960
Vulnerability from cvelistv5
Published
2013-06-20 15:00
Modified
2024-08-06 20:50
Severity ?
EPSS score ?
Summary
The Huawei NE5000E, MA5200G, NE40E, NE80E, ATN, NE40, NE80, NE20E-X6, NE20, ME60, CX600, CX200, CX300, ACU, WLAN AC 6605, S9300, S7700, S2300, S3300, S5300, S3300HI, S5300HI, S5306, S6300, S2700, S3700, S5700, S6700, AR G3, H3C AR(OEM IN), AR 19, AR 29, AR 49, Eudemon100E, Eudemon200, Eudemon300, Eudemon500, Eudemon1000, Eudemon1000E-U/USG5300, Eudemon1000E-X/USG5500, Eudemon8080E/USG9300, Eudemon8160E/USG9300, Eudemon8000E-X/USG9500, E200E-C/USG2200, E200E-X3/USG2200, E200E-X5/USG2200, E200E-X7/USG2200, E200E-C/USG5100, E200E-X3/USG5100, E200E-X5/USG5100, E200E-X7/USG5100, E200E-B/USG2100, E200E-X1/USG2100, E200E-X2/USG2100, SVN5300, SVN2000, SVN5000, SVN3000, NIP100, NIP200, NIP1000, NIP2100, NIP2200, and NIP5100 use the DES algorithm for stored passwords, which makes it easier for context-dependent attackers to obtain cleartext passwords via a brute-force attack.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.kb.cert.org/vuls/id/948096 | third-party-advisory, x_refsource_CERT-VN | |
| http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-u_194373.htm | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T20:50:18.270Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "VU#948096",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/948096"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-u_194373.htm"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-12-17T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The Huawei NE5000E, MA5200G, NE40E, NE80E, ATN, NE40, NE80, NE20E-X6, NE20, ME60, CX600, CX200, CX300, ACU, WLAN AC 6605, S9300, S7700, S2300, S3300, S5300, S3300HI, S5300HI, S5306, S6300, S2700, S3700, S5700, S6700, AR G3, H3C AR(OEM IN), AR 19, AR 29, AR 49, Eudemon100E, Eudemon200, Eudemon300, Eudemon500, Eudemon1000, Eudemon1000E-U/USG5300, Eudemon1000E-X/USG5500, Eudemon8080E/USG9300, Eudemon8160E/USG9300, Eudemon8000E-X/USG9500, E200E-C/USG2200, E200E-X3/USG2200, E200E-X5/USG2200, E200E-X7/USG2200, E200E-C/USG5100, E200E-X3/USG5100, E200E-X5/USG5100, E200E-X7/USG5100, E200E-B/USG2100, E200E-X1/USG2100, E200E-X2/USG2100, SVN5300, SVN2000, SVN5000, SVN3000, NIP100, NIP200, NIP1000, NIP2100, NIP2200, and NIP5100 use the DES algorithm for stored passwords, which makes it easier for context-dependent attackers to obtain cleartext passwords via a brute-force attack."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2013-08-22T09:00:00",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"name": "VU#948096",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/948096"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-u_194373.htm"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2012-4960",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Huawei NE5000E, MA5200G, NE40E, NE80E, ATN, NE40, NE80, NE20E-X6, NE20, ME60, CX600, CX200, CX300, ACU, WLAN AC 6605, S9300, S7700, S2300, S3300, S5300, S3300HI, S5300HI, S5306, S6300, S2700, S3700, S5700, S6700, AR G3, H3C AR(OEM IN), AR 19, AR 29, AR 49, Eudemon100E, Eudemon200, Eudemon300, Eudemon500, Eudemon1000, Eudemon1000E-U/USG5300, Eudemon1000E-X/USG5500, Eudemon8080E/USG9300, Eudemon8160E/USG9300, Eudemon8000E-X/USG9500, E200E-C/USG2200, E200E-X3/USG2200, E200E-X5/USG2200, E200E-X7/USG2200, E200E-C/USG5100, E200E-X3/USG5100, E200E-X5/USG5100, E200E-X7/USG5100, E200E-B/USG2100, E200E-X1/USG2100, E200E-X2/USG2100, SVN5300, SVN2000, SVN5000, SVN3000, NIP100, NIP200, NIP1000, NIP2100, NIP2200, and NIP5100 use the DES algorithm for stored passwords, which makes it easier for context-dependent attackers to obtain cleartext passwords via a brute-force attack."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "VU#948096",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/948096"
},
{
"name": "http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-u_194373.htm",
"refsource": "CONFIRM",
"url": "http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-u_194373.htm"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2012-4960",
"datePublished": "2013-06-20T15:00:00",
"dateReserved": "2012-09-17T00:00:00",
"dateUpdated": "2024-08-06T20:50:18.270Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2012-6571
Vulnerability from cvelistv5
Published
2013-06-20 15:00
Modified
2024-09-16 21:08
Severity ?
EPSS score ?
Summary
The HTTP module in the (1) Branch Intelligent Management System (BIMS) and (2) web management components on Huawei AR routers and S2000, S3000, S3500, S3900, S5100, S5600, and S7800 switches uses predictable Session ID values, which makes it easier for remote attackers to hijack sessions via a brute-force attack.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-u_194371.htm | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T21:36:01.850Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-u_194371.htm"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The HTTP module in the (1) Branch Intelligent Management System (BIMS) and (2) web management components on Huawei AR routers and S2000, S3000, S3500, S3900, S5100, S5600, and S7800 switches uses predictable Session ID values, which makes it easier for remote attackers to hijack sessions via a brute-force attack."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2013-06-20T15:00:00Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-u_194371.htm"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2012-6571",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The HTTP module in the (1) Branch Intelligent Management System (BIMS) and (2) web management components on Huawei AR routers and S2000, S3000, S3500, S3900, S5100, S5600, and S7800 switches uses predictable Session ID values, which makes it easier for remote attackers to hijack sessions via a brute-force attack."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-u_194371.htm",
"refsource": "CONFIRM",
"url": "http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-u_194371.htm"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2012-6571",
"datePublished": "2013-06-20T15:00:00Z",
"dateReserved": "2013-06-20T00:00:00Z",
"dateUpdated": "2024-09-16T21:08:50.739Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}