Lucene search

[email protected]NVD:CVE-2012-6571

HistoryJun 20, 2013 - 3:55 p.m.

CVE-2012-6571

2013-06-2015:55:00

CWE-310

[email protected]

web.nvd.nist.gov

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

6.5 Medium

AI Score

Confidence

Low

0.003 Low

EPSS

Percentile

68.3%

JSON

The HTTP module in the (1) Branch Intelligent Management System (BIMS) and (2) web management components on Huawei AR routers and S2000, S3000, S3500, S3900, S5100, S5600, and S7800 switches uses predictable Session ID values, which makes it easier for remote attackers to hijack sessions via a brute-force attack.

Affected configurations

NVD

Node

huaweiar_18-1xRange≤r0130

huaweiar_18-2xRange≤r1712

huaweiar_18-3xRange≤r0118

huaweiar_19\/29\/49Range≤r2207

huaweiar_28\/46Range≤r0311

Node

huaweis2000Matchr6305

huaweis2300Matchr6305

huaweis2700Matchr6305

huaweis3000Matchr6305

huaweis3300Matchr6305

huaweis3300hiMatchr6305

huaweis3500Matchr6305

huaweis3700Matchr6305

huaweis3900Matchr6305

huaweis5100Matchr6305

huaweis5600Matchr6305

huaweis7800Matchr6305

huaweis8500Matchr1631

huaweis8500Matchr1632

References

www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-u_194371.htm

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

6.5 Medium

AI Score

Confidence

Low

0.003 Low

EPSS

Percentile

68.3%

JSON

Related for NVD:CVE-2012-6571

cvelist1 prion1 cve2 nvd1