CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:N/I:N/A:P
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
EPSS
Percentile
35.0%
There is a few bytes out-of-bounds read vulnerability in some Huawei products. The software reads data past the end of the intended buffer when parsing certain message, an authenticated attacker could exploit this vulnerability by sending crafted messages to the device. Successful exploit may cause service abnormal in specific scenario.Affected product versions include:AR120-S versions V200R007C00SPC900,V200R007C00SPCa00
Vendor | Product | Version | CPE |
---|---|---|---|
huawei | ar120-s | - | cpe:2.3:h:huawei:ar120-s:-:*:*:*:*:*:*:* |
huawei | ar120-s_firmware | v200r007c00spc900 | cpe:2.3:o:huawei:ar120-s_firmware:v200r007c00spc900:*:*:*:*:*:*:* |
huawei | ar120-s_firmware | v200r007c00spca00 | cpe:2.3:o:huawei:ar120-s_firmware:v200r007c00spca00:*:*:*:*:*:*:* |
huawei | ar120-s_firmware | v200r007c00spcb00 | cpe:2.3:o:huawei:ar120-s_firmware:v200r007c00spcb00:*:*:*:*:*:*:* |
huawei | ar120-s_firmware | v200r007c00spcc00 | cpe:2.3:o:huawei:ar120-s_firmware:v200r007c00spcc00:*:*:*:*:*:*:* |
huawei | ar1200 | - | cpe:2.3:h:huawei:ar1200:-:*:*:*:*:*:*:* |
huawei | ar1200_firmware | v200r007c00spc900 | cpe:2.3:o:huawei:ar1200_firmware:v200r007c00spc900:*:*:*:*:*:*:* |
huawei | ar1200_firmware | v200r007c00spc900pwe | cpe:2.3:o:huawei:ar1200_firmware:v200r007c00spc900pwe:*:*:*:*:*:*:* |
huawei | ar1200_firmware | v200r007c00spca00 | cpe:2.3:o:huawei:ar1200_firmware:v200r007c00spca00:*:*:*:*:*:*:* |
huawei | ar1200_firmware | v200r007c00spcb00 | cpe:2.3:o:huawei:ar1200_firmware:v200r007c00spcb00:*:*:*:*:*:*:* |
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:N/I:N/A:P
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
EPSS
Percentile
35.0%