7.5

CVE-2015-6586

The mDNS module in Huawei WLAN AC6005, AC6605, and ACU2 devices with software before V200R006C00SPC100 allows remote attackers to obtain sensitive information by leveraging failure to restrict processing of mDNS unicast queries to the link local network.

Daten sind bereitgestellt durch National Vulnerability Database (NVD)
HuaweiWlan Acu2 Firmware Version <= v200r005c00
   HuaweiWlan Acu2 Version-
HuaweiWlan Acu2 Firmware Version <= v200r005c10
   HuaweiWlan Acu2 Version-
HuaweiWlan Acu2 Firmware Version <= v200r006c00
   HuaweiWlan Acu2 Version-
HuaweiWlan Ac6005 Firmware Version <= v200r005c00
   HuaweiWlan Ac6005 Version-
HuaweiWlan Ac6005 Firmware Version <= v200r005c10
   HuaweiWlan Ac6005 Version-
HuaweiWlan Ac6005 Firmware Version <= v200r006c00
   HuaweiWlan Ac6005 Version-
HuaweiWlan Ac6605 Firmware Version <= v200r005c00
   HuaweiWlan Ac6605 Version-
HuaweiWlan Ac6605 Firmware Version <= v200r005c10
   HuaweiWlan Ac6605 Version-
HuaweiWlan Ac6605 Firmware Version <= v200r006c00
   HuaweiWlan Ac6605 Version-
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.14% 0.303
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.5 3.9 3.6
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
nvd@nist.gov 5 10 2.9
AV:N/AC:L/Au:N/C:P/I:N/A:N
CWE-200 Exposure of Sensitive Information to an Unauthorized Actor

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

http://www.securityfocus.com/bid/76684
Third Party Advisory
VDB Entry