What is CVE-2012-4960?

CVE-2012-4960 is a vulnerability in Huawei Acu, classified under Cryptographic Issues. Published 2013-06-20.

Is CVE-2012-4960 known to be exploited?

1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in Huawei Acu

CVE-2012-4960

The Huawei NE5000E, MA5200G, NE40E, NE80E, ATN, NE40, NE80, NE20E-X6, NE20, ME60, CX600, CX200, CX300, ACU, WLAN AC 6605, S9300, S7700, S2300, S3300, S5300, S3300HI, S5300HI, S5306, S6300, S2700, S3700, S5700, S6700, AR G3, H3C AR(OEM IN)…

Vulnerability class: POODLE (CVE-2014-3566)

EPSS: 0.123 (94.0th percentile) — read the EPSS interpretation.

Affected products

Huawei Acu — versions v100r003c01spc100, v200r001c00, v200r001c00spc100
Huawei Ar_19\/29\/49
Huawei Ar_g3 — versions v200r001c00, v200r001c01, v200r002c00spc200
Huawei Atn — versions v200r001c00, v200r001c01
Huawei Cx200 — versions v100r005
Huawei Cx300 — versions v100r005
Huawei Cx600 — versions v200r002, v600r001, v600r002
Huawei E200e-b
Huawei E200e-c
Huawei E200e-usg2100

Weakness classification (CWE)

CWE-310 — Cryptographic Issues

Public proof-of-concept exploits

ghcohu/Decrypt-passwords-for-Huawei-routers-and-switches-CVE-2012-4960

References

VU#948096 (x_refsource_CERT-VN, US Government Resource, third-party-advisory)
cret@cert.org (x_refsource_CONFIRM, Vendor Advisory)

Frequently asked questions

What is CVE-2012-4960?: CVE-2012-4960 is a vulnerability in Huawei Acu, classified under Cryptographic Issues. Published 2013-06-20.
Is CVE-2012-4960 known to be exploited?: 1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.