CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:N/I:N/A:P
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
AI Score
Confidence
High
EPSS
Percentile
50.1%
Some Huawei products have a memory leak vulnerability when handling some messages. A remote attacker with operation privilege could exploit the vulnerability by sending specific messages continuously. Successful exploit may cause some service to be abnormal.
Vendor | Product | Version | CPE |
---|---|---|---|
huawei | ar120-s_firmware | v200r005c20 | cpe:2.3:o:huawei:ar120-s_firmware:v200r005c20:*:*:*:*:*:*:* |
huawei | ar120-s_firmware | v200r006c10 | cpe:2.3:o:huawei:ar120-s_firmware:v200r006c10:*:*:*:*:*:*:* |
huawei | ar120-s | - | cpe:2.3:h:huawei:ar120-s:-:*:*:*:*:*:*:* |
huawei | ar1200_firmware | v200r005c20 | cpe:2.3:o:huawei:ar1200_firmware:v200r005c20:*:*:*:*:*:*:* |
huawei | ar1200_firmware | v200r006c10 | cpe:2.3:o:huawei:ar1200_firmware:v200r006c10:*:*:*:*:*:*:* |
huawei | ar1200 | - | cpe:2.3:h:huawei:ar1200:-:*:*:*:*:*:*:* |
huawei | ar1200-s_firmware | v200r005c20 | cpe:2.3:o:huawei:ar1200-s_firmware:v200r005c20:*:*:*:*:*:*:* |
huawei | ar1200-s_firmware | v200r006c10 | cpe:2.3:o:huawei:ar1200-s_firmware:v200r006c10:*:*:*:*:*:*:* |
huawei | ar1200-s | - | cpe:2.3:h:huawei:ar1200-s:-:*:*:*:*:*:*:* |
huawei | ar150_firmware | v200r005c20 | cpe:2.3:o:huawei:ar150_firmware:v200r005c20:*:*:*:*:*:*:* |
[
{
"product": "AR120-S, AR1200, AR1200-S, AR150, AR150-S, AR160, AR200, AR200-S, AR2200, AR2200-S, AR3200, AR3600, NetEngine16EX, SRG1300, SRG2300, SRG3300",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "AR120-S V200R005C20, V200R006C10, AR1200 V200R005C20, V200R006C10, AR1200-S V200R005C20, V200R006C10, AR150 V200R005C20, V200R006C10, AR150-S V200R005C20, V200R006C10, AR160 V200R005C20, V200R006C10, AR200 V200R005C20, V200R006C10, AR200-S V200R005C20, V200R006C10, AR2200 V200R005C20, V200R006C10, AR2200-S V200R005C20, V200R006C10, AR3200 V200R005C20, V200R006C10, AR3600 V200R006C10, NetEngine16EX V200R005C20, V200R006C10, SRG1300 V200R005C20, V200R006C10, SRG2300 V200R005C20, V200R006C10, SRG3300 V200R005C20, V200R006C10"
}
]
}
]
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:N/I:N/A:P
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
AI Score
Confidence
High
EPSS
Percentile
50.1%