HIGH🇬🇧 English

CVE-2012-6571

CVSS 7.5v2.0pub. 2013-06-20upd. 2026-04-29

The HTTP module in the (1) Branch Intelligent Management System (BIMS) and (2) web management components on Huawei AR routers and S2000, S3000, S3500, S3900, S5100, S5600, and S7800 switches uses predictable Session ID values, which makes it easier for remote attackers to hijack sessions via a brute-force attack.

oryginał EN
CVSS Vector
AV:N/AC:L/Au:N/C:P/I:P/A:P
  • Huawei Ar 18 1x

    HW
    Huawei
    ≤ r0130
  • Huawei Ar 18 2x

    HW
    Huawei
    ≤ r1712
  • Huawei Ar 18 3x

    HW
    Huawei
    ≤ r0118
  • Huawei Ar 19\/29\/49

    HW
    Huawei
    ≤ r2207
  • Huawei Ar 28\/46

    HW
    Huawei
    ≤ r0311
  • Huawei S2000

    HW
    Huawei
    r6305
  • Huawei S2300

    HW
    Huawei
    r6305
  • Huawei S2700

    HW
    Huawei
    r6305
  • Huawei S3000

    HW
    Huawei
    r6305
  • Huawei S3300

    HW
    Huawei
    r6305
  • Huawei S3300hi

    HW
    Huawei
    r6305
  • Huawei S3500

    HW
    Huawei
    r6305
  • Huawei S3700

    HW
    Huawei
    r6305
  • Huawei S3900

    HW
    Huawei
    r6305
  • Huawei S5100

    HW
    Huawei
    r6305
  • Huawei S5600

    HW
    Huawei
    r6305
  • Huawei S7800

    HW
    Huawei
    r6305
  • Huawei S8500

    HW
    Huawei
    r1631r1632
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
CWE
Referencje

Powiązane podatności

CVE-2021-37129HIGH7.5ten sam produkt

There is an out of bounds write vulnerability in some Huawei products. The vulnerability is caused by a functi...

CVE-2021-22377HIGH7.2ten sam produkt

There is a command injection vulnerability in S12700 V200R019C00SPC500, S2700 V200R019C00SPC500, S5700 V200R01...

CVE-2019-19397HIGH7.5ten sam produkt

There is a weak algorithm vulnerability in some Huawei products. The affected products use weak algorithms by ...

CVE-2019-5285HIGH7.5ten sam produkt

Some Huawei S series switches have a DoS vulnerability. An unauthenticated remote attacker can send crafted pa...

CVE-2017-17165HIGH7.5ten sam produkt

IPv6 function in Huawei Quidway S2700 V200R003C00SPC300, Quidway S5300 V200R003C00SPC300, Quidway S5700 V200R0...