CVE-2012-6571
Severity Score
7.5
*CVSS v2
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
The HTTP module in the (1) Branch Intelligent Management System (BIMS) and (2) web management components on Huawei AR routers and S2000, S3000, S3500, S3900, S5100, S5600, and S7800 switches uses predictable Session ID values, which makes it easier for remote attackers to hijack sessions via a brute-force attack.
El módulo HTTP en el (1) Branch Intelligent Management System (BIMS) y (2) gestión web de componentes para switches Huawei AR routers and S2000, S3000, S3500, S3900, S5100, S5600, and S7800 usa valores de Session ID predecibles lo que hace más fácil a atacantes remotos secuestrar la sesión a través de ataques de fuerza bruta.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2013-06-20 CVE Reserved
- 2013-06-20 CVE Published
- 2024-09-16 CVE Updated
- 2024-09-17 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-310: Cryptographic Issues
CAPEC
References (1)
| URL | Tag | Source |
|---|---|---|
| http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-u_194371.htm | X_refsource_confirm |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Huawei Search vendor "Huawei" | Ar 18-1x Search vendor "Huawei" for product "Ar 18-1x" | <= r0130 Search vendor "Huawei" for product "Ar 18-1x" and version " <= r0130" | - |
Affected
| ||||||
| Huawei Search vendor "Huawei" | Ar 18-2x Search vendor "Huawei" for product "Ar 18-2x" | <= r1712 Search vendor "Huawei" for product "Ar 18-2x" and version " <= r1712" | - |
Affected
| ||||||
| Huawei Search vendor "Huawei" | Ar 18-3x Search vendor "Huawei" for product "Ar 18-3x" | <= r0118 Search vendor "Huawei" for product "Ar 18-3x" and version " <= r0118" | - |
Affected
| ||||||
| Huawei Search vendor "Huawei" | Ar 19\/29\/49 Search vendor "Huawei" for product "Ar 19\/29\/49" | <= r2207 Search vendor "Huawei" for product "Ar 19\/29\/49" and version " <= r2207" | - |
Affected
| ||||||
| Huawei Search vendor "Huawei" | Ar 28\/46 Search vendor "Huawei" for product "Ar 28\/46" | <= r0311 Search vendor "Huawei" for product "Ar 28\/46" and version " <= r0311" | - |
Affected
| ||||||
| Huawei Search vendor "Huawei" | S2000 Search vendor "Huawei" for product "S2000" | r6305 Search vendor "Huawei" for product "S2000" and version "r6305" | - |
Affected
| ||||||
| Huawei Search vendor "Huawei" | S2300 Search vendor "Huawei" for product "S2300" | r6305 Search vendor "Huawei" for product "S2300" and version "r6305" | - |
Affected
| ||||||
| Huawei Search vendor "Huawei" | S2700 Search vendor "Huawei" for product "S2700" | r6305 Search vendor "Huawei" for product "S2700" and version "r6305" | - |
Affected
| ||||||
| Huawei Search vendor "Huawei" | S3000 Search vendor "Huawei" for product "S3000" | r6305 Search vendor "Huawei" for product "S3000" and version "r6305" | - |
Affected
| ||||||
| Huawei Search vendor "Huawei" | S3300 Search vendor "Huawei" for product "S3300" | r6305 Search vendor "Huawei" for product "S3300" and version "r6305" | - |
Affected
| ||||||
| Huawei Search vendor "Huawei" | S3300hi Search vendor "Huawei" for product "S3300hi" | r6305 Search vendor "Huawei" for product "S3300hi" and version "r6305" | - |
Affected
| ||||||
| Huawei Search vendor "Huawei" | S3500 Search vendor "Huawei" for product "S3500" | r6305 Search vendor "Huawei" for product "S3500" and version "r6305" | - |
Affected
| ||||||
| Huawei Search vendor "Huawei" | S3700 Search vendor "Huawei" for product "S3700" | r6305 Search vendor "Huawei" for product "S3700" and version "r6305" | - |
Affected
| ||||||
| Huawei Search vendor "Huawei" | S3900 Search vendor "Huawei" for product "S3900" | r6305 Search vendor "Huawei" for product "S3900" and version "r6305" | - |
Affected
| ||||||
| Huawei Search vendor "Huawei" | S5100 Search vendor "Huawei" for product "S5100" | r6305 Search vendor "Huawei" for product "S5100" and version "r6305" | - |
Affected
| ||||||
| Huawei Search vendor "Huawei" | S5600 Search vendor "Huawei" for product "S5600" | r6305 Search vendor "Huawei" for product "S5600" and version "r6305" | - |
Affected
| ||||||
| Huawei Search vendor "Huawei" | S7800 Search vendor "Huawei" for product "S7800" | r6305 Search vendor "Huawei" for product "S7800" and version "r6305" | - |
Affected
| ||||||
| Huawei Search vendor "Huawei" | S8500 Search vendor "Huawei" for product "S8500" | r1631 Search vendor "Huawei" for product "S8500" and version "r1631" | - |
Affected
| ||||||
| Huawei Search vendor "Huawei" | S8500 Search vendor "Huawei" for product "S8500" | r1632 Search vendor "Huawei" for product "S8500" and version "r1632" | - |
Affected
| ||||||