- Description
- Huawei AR3200 products with versions of V200R007C00SPC900, V200R007C00SPCa00, V200R007C00SPCb00, V200R007C00SPCc00, V200R009C00SPC500 have an improper authentication vulnerability. Attackers need to perform some operations to exploit the vulnerability. Successful exploit may obtain certain permissions on the device.
- Source
- psirt@huawei.com
- NVD status
- Modified
CVSS 3.1
- Type
- Primary
- Base score
- 9.8
- Impact score
- 5.9
- Exploitability score
- 3.9
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
- Severity
- CRITICAL
CVSS 2.0
- Type
- Primary
- Base score
- 7.5
- Impact score
- 6.4
- Exploitability score
- 10
- Vector string
- AV:N/AC:L/Au:N/C:P/I:P/A:P
- nvd@nist.gov
- CWE-287
- Hype score
- Not currently trending
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:ar3200_firmware:v200r007c00spc900:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "6751A62B-6BCD-4CB7-AD52-1C5BBECB2EA8"
},
{
"criteria": "cpe:2.3:o:huawei:ar3200_firmware:v200r007c00spca00:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5D512536-FBCC-4118-A1AA-F5BFD7B599A8"
},
{
"criteria": "cpe:2.3:o:huawei:ar3200_firmware:v200r007c00spcb00:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C4E35FE1-0F62-4154-84BC-C31FE38E4677"
},
{
"criteria": "cpe:2.3:o:huawei:ar3200_firmware:v200r007c00spcc00:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "9E3F7A0C-3DAA-4D5B-8E46-78CF54C7AE8D"
},
{
"criteria": "cpe:2.3:o:huawei:ar3200_firmware:v200r009c00spc500:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "8CAF3B68-BCC3-42F4-AA56-6BB301066140"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:ar3200:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "9309E1AA-0C4E-422C-9307-A8DD0AE5D576"
}
],
"operator": "OR"
}
],
"operator": "AND"
}
]