What is the severity of CVE-2015-6586?

CVE-2015-6586 has a medium severity level, allowing attackers to obtain sensitive information.

How can I mitigate CVE-2015-6586?

To mitigate CVE-2015-6586, update your Huawei WLAN AC6005, AC6605, and ACU2 devices to the latest firmware version beyond v200R006C00SPC100.

What devices are affected by CVE-2015-6586?

CVE-2015-6586 affects Huawei WLAN AC6005, AC6605, and ACU2 devices with software versions prior to V200R006C00SPC100.

What type of attack does CVE-2015-6586 facilitate?

CVE-2015-6586 facilitates remote attackers to exploit the vulnerability to access sensitive information through mDNS unicast queries.

Is there a workaround for CVE-2015-6586?

There is no official workaround for CVE-2015-6586; the only effective solution is to upgrade to the appropriate firmware version.

Vulnerability/
CVE-2015-6586

high

7.5

CWE

200

23/5/2017

6/8/2024

CVE-2015-6586: Infoleak

First published: Tue May 23 2017(Updated: )

The mDNS module in Huawei WLAN AC6005, AC6605, and ACU2 devices with software before V200R006C00SPC100 allows remote attackers to obtain sensitive information by leveraging failure to restrict processing of mDNS unicast queries to the link local network.

Credit: cve@mitre.org

Affected Software	Affected Version	How to fix
Huawei WLAN ACU2 firmware	<=v200r005c00
Huawei WLAN ACU2 firmware	<=v200r005c10
Huawei WLAN ACU2 firmware	<=v200r006c00
Huawei ACU2
Huawei AC6005 Firmware	<=v200r005c00
Huawei AC6005 Firmware	<=v200r005c10
Huawei AC6005 Firmware	<=v200r006c00
Huawei AC6005
Huawei AC6605 firmware	<=v200r005c00
Huawei AC6605 firmware	<=v200r005c10
Huawei AC6605 firmware	<=v200r006c00
Huawei WLAN AC6605

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2015-6586?
CVE-2015-6586 has a medium severity level, allowing attackers to obtain sensitive information.
How can I mitigate CVE-2015-6586?
To mitigate CVE-2015-6586, update your Huawei WLAN AC6005, AC6605, and ACU2 devices to the latest firmware version beyond v200R006C00SPC100.
What devices are affected by CVE-2015-6586?
CVE-2015-6586 affects Huawei WLAN AC6005, AC6605, and ACU2 devices with software versions prior to V200R006C00SPC100.
What type of attack does CVE-2015-6586 facilitate?
CVE-2015-6586 facilitates remote attackers to exploit the vulnerability to access sensitive information through mDNS unicast queries.
Is there a workaround for CVE-2015-6586?
There is no official workaround for CVE-2015-6586; the only effective solution is to upgrade to the appropriate firmware version.

agent/references
agent/type
collector/mitre-cve
source/MITRE
agent/weakness
agent/author
agent/last-modified-date
agent/severity
agent/event
agent/description
agent/first-publish-date
agent/source
agent/tags
agent/softwarecombine
collector/nvd-index
agent/software-canonical-lookup-request
vendor/huawei
canonical/huawei wlan acu2 firmware
version/huawei wlan acu2 firmware/v200r005c00
version/huawei wlan acu2 firmware/v200r005c10
version/huawei wlan acu2 firmware/v200r006c00
canonical/huawei acu2
canonical/huawei ac6005 firmware
version/huawei ac6005 firmware/v200r005c00
version/huawei ac6005 firmware/v200r005c10
version/huawei ac6005 firmware/v200r006c00
canonical/huawei ac6005
canonical/huawei ac6605 firmware
version/huawei ac6605 firmware/v200r005c00
version/huawei ac6605 firmware/v200r005c10
version/huawei ac6605 firmware/v200r006c00
canonical/huawei wlan ac6605

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.