CVE-2012-3268

Certain HP Access Controller, Fabric Module, Firewall, Router, Switch, and UTM Appliance products; certain HP 3Com Access Controller, Router, and Switch products; certain HP H3C Access Controller, Firewall, Router, Switch, and Switch and Route Processing Unit products; and certain Huawei Firewall/Gateway, Router, Switch, and Wireless products do not properly implement access control as defined in h3c-user.mib 2.0 and hh3c-user.mib 2.0, which allows remote authenticated users to discover credentials in UserInfoEntry values via an SNMP request with the read-only community.

Published: Feb 1, 2013
Updated: Apr 13, 2023
CVE: CVE-2012-3268
Severity: Low
Exploit:

CVSS v2:

Severity: Low
Score: 3.5
AV:N/AC:M/Au:S/C:P/I:N/A:N

CWEs:

CWE-522

OWASP TOP 10:

A2 - Broken Authentication

Affected Software
References

Software	From	Fixed in
huawei / me60	600r002	600r002.x
huawei / ne20e-x6	600r003	600r003.x
huawei / cx600	600r002	600r002.x
huawei / ne5000e	800r002	800r002.x
huawei / ne40e&80e	600r001	600r001.x
huawei / me60	600r005c00spc600	600r005c00spc600.x
huawei / atn	200r001c01	200r001c01.x
huawei / -ma5200g	300r003	300r003.x
huawei / ne40&80	300r005	300r005.x
huawei / ne40e&80e	600r002	600r002.x
huawei / ne20	200r005	200r005.x
huawei / atb	200r001c00	200r001c00.x
huawei / cx600	200r002	200r002.x
huawei / ne40e&80e	300r003	300r003.x
huawei / ne40e&80e	600r003	600r003.x
huawei / me60	100r006	100r006.x
huawei / me60	100r005	100r005.x
huawei / ne5000e	800r003	800r003.x
huawei / cx600	600r003	600r003.x
huawei / me60	600r003	600r003.x
huawei / cx600	600r001	600r001.x
huawei / ma5200g	200r003	200r003.x
huawei / ne5000e	300r007	300r007.x

Vulnerability Database

289,697

CVE-2012-3268