var-201705-2542
Vulnerability from variot
The mDNS module in Huawei WLAN AC6005, AC6605, and ACU2 devices with software before V200R006C00SPC100 allows remote attackers to obtain sensitive information by leveraging failure to restrict processing of mDNS unicast queries to the link local network. Huawei WLAN AC6005 is a wireless access controller product from China Huawei. An information disclosure vulnerability exists in the mDNS module module of several Huawei WLAN AC products. An attacker could exploit the vulnerability to disclose sensitive information. The following products and versions are affected: WLAN AC6005 V200R005C00, V200R005C10, and V200R006C00 WLAN AC6605 V200R005C00, V200R005C10, and V200R006C00 WLAN ACU2 V200R005C00, V200R005C10, and V200R006C00. mDNS is one of the multicast DNS transmission modules. The vulnerability stems from the fact that the program does not handle mDNS correctly
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201705-2542",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "wlan ac6005",
"scope": "lte",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r005c10"
},
{
"model": "wlan ac6605",
"scope": "lte",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r006c00"
},
{
"model": "wlan acu2",
"scope": "lte",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r006c00"
},
{
"model": "wlan ac6605",
"scope": "lte",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r005c00"
},
{
"model": "wlan acu2",
"scope": "lte",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r005c00"
},
{
"model": "wlan ac6005",
"scope": "lte",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r006c00"
},
{
"model": "wlan ac6005",
"scope": "lte",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r005c00"
},
{
"model": "wlan ac6605",
"scope": "lte",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r005c10"
},
{
"model": "wlan acu2",
"scope": "lte",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r005c10"
},
{
"model": "ac6005",
"scope": "lt",
"trust": 0.8,
"vendor": "huawei",
"version": "v200r006c00spc100"
},
{
"model": "ac6605",
"scope": "lt",
"trust": 0.8,
"vendor": "huawei",
"version": "v200r006c00spc100"
},
{
"model": "acu2",
"scope": "lt",
"trust": 0.8,
"vendor": "huawei",
"version": "v200r006c00spc100"
},
{
"model": "wlan ac6005",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "wlan ac6605",
"scope": "eq",
"trust": 0.6,
"vendor": "huawei",
"version": "v200r006c00"
},
{
"model": "wlan acu2",
"scope": "eq",
"trust": 0.6,
"vendor": "huawei",
"version": "v200r005c00"
},
{
"model": "wlan ac6005",
"scope": "eq",
"trust": 0.6,
"vendor": "huawei",
"version": "v200r006c00"
},
{
"model": "wlan ac6605",
"scope": "eq",
"trust": 0.6,
"vendor": "huawei",
"version": "v200r005c10"
},
{
"model": "wlan ac6005",
"scope": "eq",
"trust": 0.6,
"vendor": "huawei",
"version": "v200r005c10"
},
{
"model": "wlan acu2",
"scope": "eq",
"trust": 0.6,
"vendor": "huawei",
"version": "v200r006c00"
},
{
"model": "wlan ac6605",
"scope": "eq",
"trust": 0.6,
"vendor": "huawei",
"version": "v200r005c00"
},
{
"model": "wlan acu2",
"scope": "eq",
"trust": 0.6,
"vendor": "huawei",
"version": "v200r005c10"
},
{
"model": "wlan ac6005",
"scope": "eq",
"trust": 0.6,
"vendor": "huawei",
"version": "v200r005c00"
},
{
"model": "wlan acu2 v200r006c00",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "wlan acu2 v200r005c10",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "wlan acu2 v200r005c00",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "wlan ac6605 v200r006c00",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "wlan ac6605 v200r005c10",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "wlan ac6605 v200r005c00",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "wlan ac6005 v200r006c00",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "wlan ac6005 v200r005c10",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "wlan ac6005 v200r005c00",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "wlan acu2 v200r006c00spc100",
"scope": "ne",
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "wlan ac6605 v200r006c00spc100",
"scope": "ne",
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "wlan ac6005 v200r006c00spc100",
"scope": "ne",
"trust": 0.3,
"vendor": "huawei",
"version": null
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2015-06224"
},
{
"db": "BID",
"id": "76684"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-007570"
},
{
"db": "CNNVD",
"id": "CNNVD-201509-272"
},
{
"db": "NVD",
"id": "CVE-2015-6586"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:huawei:ac6005_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:huawei:ac6605_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:huawei:acu2_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-007570"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Chad Seaman",
"sources": [
{
"db": "BID",
"id": "76684"
},
{
"db": "CNNVD",
"id": "CNNVD-201509-272"
}
],
"trust": 0.9
},
"cve": "CVE-2015-6586",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2015-6586",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CNVD-2015-06224",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-84547",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2015-6586",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2015-6586",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2015-6586",
"trust": 0.8,
"value": "High"
},
{
"author": "CNVD",
"id": "CNVD-2015-06224",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201509-272",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-84547",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2015-06224"
},
{
"db": "VULHUB",
"id": "VHN-84547"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-007570"
},
{
"db": "CNNVD",
"id": "CNNVD-201509-272"
},
{
"db": "NVD",
"id": "CVE-2015-6586"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The mDNS module in Huawei WLAN AC6005, AC6605, and ACU2 devices with software before V200R006C00SPC100 allows remote attackers to obtain sensitive information by leveraging failure to restrict processing of mDNS unicast queries to the link local network. Huawei WLAN AC6005 is a wireless access controller product from China Huawei. An information disclosure vulnerability exists in the mDNS module module of several Huawei WLAN AC products. An attacker could exploit the vulnerability to disclose sensitive information. \nThe following products and versions are affected:\nWLAN AC6005 V200R005C00, V200R005C10, and V200R006C00\nWLAN AC6605 V200R005C00, V200R005C10, and V200R006C00\nWLAN ACU2 V200R005C00, V200R005C10, and V200R006C00. mDNS is one of the multicast DNS transmission modules. The vulnerability stems from the fact that the program does not handle mDNS correctly",
"sources": [
{
"db": "NVD",
"id": "CVE-2015-6586"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-007570"
},
{
"db": "CNVD",
"id": "CNVD-2015-06224"
},
{
"db": "BID",
"id": "76684"
},
{
"db": "VULHUB",
"id": "VHN-84547"
}
],
"trust": 2.52
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2015-6586",
"trust": 3.4
},
{
"db": "BID",
"id": "76684",
"trust": 2.6
},
{
"db": "JVNDB",
"id": "JVNDB-2015-007570",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2015-06224",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-201509-272",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-84547",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2015-06224"
},
{
"db": "VULHUB",
"id": "VHN-84547"
},
{
"db": "BID",
"id": "76684"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-007570"
},
{
"db": "CNNVD",
"id": "CNNVD-201509-272"
},
{
"db": "NVD",
"id": "CVE-2015-6586"
}
]
},
"id": "VAR-201705-2542",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2015-06224"
},
{
"db": "VULHUB",
"id": "VHN-84547"
}
],
"trust": 1.3809524
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2015-06224"
}
]
},
"last_update_date": "2024-11-23T22:26:46.634000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Huawei-SA-20150909-01-mDNS",
"trust": 0.8,
"url": "http://www.huawei.com/en/psirt/security-advisories/hw-453516"
},
{
"title": "Patches for various Huawei WLAN AC product information disclosure vulnerabilities",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/64456"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2015-06224"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-007570"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-200",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-84547"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-007570"
},
{
"db": "NVD",
"id": "CVE-2015-6586"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.3,
"url": "http://www.securityfocus.com/bid/76684"
},
{
"trust": 1.7,
"url": "http://www1.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-453516.htm"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-6586"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-6586"
},
{
"trust": 0.3,
"url": "http://www.huawei.com"
},
{
"trust": 0.3,
"url": "http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/archive/hw-453516.htm "
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2015-06224"
},
{
"db": "VULHUB",
"id": "VHN-84547"
},
{
"db": "BID",
"id": "76684"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-007570"
},
{
"db": "CNNVD",
"id": "CNNVD-201509-272"
},
{
"db": "NVD",
"id": "CVE-2015-6586"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2015-06224"
},
{
"db": "VULHUB",
"id": "VHN-84547"
},
{
"db": "BID",
"id": "76684"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-007570"
},
{
"db": "CNNVD",
"id": "CNNVD-201509-272"
},
{
"db": "NVD",
"id": "CVE-2015-6586"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-09-25T00:00:00",
"db": "CNVD",
"id": "CNVD-2015-06224"
},
{
"date": "2017-05-23T00:00:00",
"db": "VULHUB",
"id": "VHN-84547"
},
{
"date": "2015-09-09T00:00:00",
"db": "BID",
"id": "76684"
},
{
"date": "2017-06-26T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-007570"
},
{
"date": "2015-09-18T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201509-272"
},
{
"date": "2017-05-23T04:29:00.963000",
"db": "NVD",
"id": "CVE-2015-6586"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-09-25T00:00:00",
"db": "CNVD",
"id": "CNVD-2015-06224"
},
{
"date": "2017-06-07T00:00:00",
"db": "VULHUB",
"id": "VHN-84547"
},
{
"date": "2015-09-09T00:00:00",
"db": "BID",
"id": "76684"
},
{
"date": "2017-06-26T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-007570"
},
{
"date": "2017-05-31T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201509-272"
},
{
"date": "2024-11-21T02:35:15.707000",
"db": "NVD",
"id": "CVE-2015-6586"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201509-272"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural Huawei WLAN AC Device software mDNS Vulnerability in module where important information is obtained",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-007570"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "information disclosure",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201509-272"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…