CVE-2018-7920
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
Huawei AR1200 V200R006C10SPC300, AR160 V200R006C10SPC300, AR200 V200R006C10SPC300, AR2200 V200R006C10SPC300, AR3200 V200R006C10SPC300 devices have an improper resource management vulnerability. Due to the improper implementation of ACL mechanism, a remote attacker may send TCP messages to the management interface of the affected device to exploit this vulnerability. Successful exploit could exhaust the socket resource of management interface, leading to a DoS condition.
Los dispositivos Huawei AR1200 V200R006C10SPC300, AR160 V200R006C10SPC300, AR200 V200R006C10SPC300, AR2200 V200R006C10SPC300 y AR3200 V200R006C10SPC300 tienen una vulnerabilidad de gestión incorrecta de recursos. Debido a la implementación incorrecta del mecanismo de lista de control de acceso (ACL), un atacante remoto podría enviar mensajes TCP a la interfaz de gestión del dispositivo afectado para explotar esta vulnerabilidad. Un exploit con éxito podría agotar el recurso socket de la interfaz de gestión, lo que conduce a una condición de denegación de servicio (DoS).
CVSS Scores
SSVC
- Decision:-
Timeline
- 2018-03-09 CVE Reserved
- 2018-04-19 CVE Published
- 2024-02-26 EPSS Updated
- 2024-09-16 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-400: Uncontrolled Resource Consumption
CAPEC
References (1)
| URL | Tag | Source |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180418-01-ar-en | 2018-05-22 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Huawei Search vendor "Huawei" | Ar1200 Firmware Search vendor "Huawei" for product "Ar1200 Firmware" | v200r006c10spc300 Search vendor "Huawei" for product "Ar1200 Firmware" and version "v200r006c10spc300" | - |
Affected
| in | Huawei Search vendor "Huawei" | Ar1200 Search vendor "Huawei" for product "Ar1200" | - | - |
Safe
|
| Huawei Search vendor "Huawei" | Ar160 Firmware Search vendor "Huawei" for product "Ar160 Firmware" | v200r006c10spc300 Search vendor "Huawei" for product "Ar160 Firmware" and version "v200r006c10spc300" | - |
Affected
| in | Huawei Search vendor "Huawei" | Ar160 Search vendor "Huawei" for product "Ar160" | - | - |
Safe
|
| Huawei Search vendor "Huawei" | Ar200 Firmware Search vendor "Huawei" for product "Ar200 Firmware" | v200r006c10spc300 Search vendor "Huawei" for product "Ar200 Firmware" and version "v200r006c10spc300" | - |
Affected
| in | Huawei Search vendor "Huawei" | Ar200 Search vendor "Huawei" for product "Ar200" | - | - |
Safe
|
| Huawei Search vendor "Huawei" | Ar2200 Firmware Search vendor "Huawei" for product "Ar2200 Firmware" | v200r006c10spc300 Search vendor "Huawei" for product "Ar2200 Firmware" and version "v200r006c10spc300" | - |
Affected
| in | Huawei Search vendor "Huawei" | Ar2200 Search vendor "Huawei" for product "Ar2200" | - | - |
Safe
|
| Huawei Search vendor "Huawei" | Ar3200 Firmware Search vendor "Huawei" for product "Ar3200 Firmware" | v200r006c10spc300 Search vendor "Huawei" for product "Ar3200 Firmware" and version "v200r006c10spc300" | - |
Affected
| in | Huawei Search vendor "Huawei" | Ar3200 Search vendor "Huawei" for product "Ar3200" | - | - |
Safe
|