Описание
There is a short key vulnerability in Huawei eSpace product. An unauthenticated, remote attacker launches man-in-the-middle attack to intercept and decrypt the call information when the user enables SRTP to make a call. Successful exploitation may cause sensitive information leak.
Уязвимые конфигурации
Конфигурация 1
Одновременно
cpe:2.3:o:huawei:espace_7950_firmware:v200r003c30:*:*:*:*:*:*:*
cpe:2.3:h:huawei:espace_7950:-:*:*:*:*:*:*:*
EPSS
Процентиль: 19%
0.00061
Низкий
5.9 Medium
CVSS3
4.3 Medium
CVSS2
Дефекты
CWE-327
Связанные уязвимости
CVSS3: 5.9
github
больше 3 лет назад
There is a short key vulnerability in Huawei eSpace product. An unauthenticated, remote attacker launches man-in-the-middle attack to intercept and decrypt the call information when the user enables SRTP to make a call. Successful exploitation may cause sensitive information leak.
EPSS
Процентиль: 19%
0.00061
Низкий
5.9 Medium
CVSS3
4.3 Medium
CVSS2
Дефекты
CWE-327