Lucene search

HuaweiCVE-2022-33735

HistorySep 20, 2022 - 8:15 p.m.

CVE-2022-33735

2022-09-2020:15:09

CWE-307

huawei

web.nvd.nist.gov

cve-2022-33735

password verification

ws7200-10

lan attackers

brute force cracking

disclosure

CVSS3

6.5

Attack Vector

ADJACENT

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

AI Score

6.2

Confidence

High

EPSS

0.001

Percentile

25.9%

JSON

There is a password verification vulnerability in WS7200-10 11.0.2.13. Attackers on the LAN may use brute force cracking to obtain passwords, which may cause sensitive system information to be disclosed.

Affected configurations

Nvd

Vulners

Node

huaweiws7200-10_firmwareMatch11.0.2.13

AND

huaweiws7200-10Match-

VendorProductVersionCPE
huaweiws7200-10_firmware11.0.2.13cpe:2.3:o:huawei:ws7200-10_firmware:11.0.2.13:*:*:*:*:*:*:*
huaweiws7200-10-cpe:2.3:h:huawei:ws7200-10:-:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
huawei	ws7200-10_firmware	11.0.2.13	cpe:2.3:o:huawei:ws7200-10_firmware:11.0.2.13:::::::*
huawei	ws7200-10	-	cpe:2.3:h:huawei:ws7200-10:-:::::::*

CNA Affected

[
  {
    "product": "WS7200-10",
    "vendor": "n/a",
    "versions": [
      {
        "status": "affected",
        "version": "11.0.2.13"
      }
    ]
  }
]

References

www.huawei.com/en/psirt/security-advisories/huawei-sa-20220628-01-2eda0853-en

Social References

CVSS3

6.5

Attack Vector

ADJACENT

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

AI Score

6.2

Confidence

High

EPSS

0.001

Percentile

25.9%

JSON

Related for CVE-2022-33735