CVE-2020-1810

Published Jan 9, 2020

Last updated 5 years ago

CVSS medium 5.3

Overview

Description: There is a weak algorithm vulnerability in some Huawei products. The affected products use the RSA algorithm in the SSL key exchange algorithm which have been considered as a weak algorithm. Attackers may exploit this vulnerability to leak some information.
Source: psirt@huawei.com
NVD status: Modified

Risk scores

CVSS 3.1

Type: Primary
Base score: 5.3
Impact score: 1.4
Exploitability score: 3.9
Vector string: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Severity: MEDIUM

CVSS 2.0

Type: Primary
Base score: 5
Impact score: 2.9
Exploitability score: 10
Vector string: AV:N/AC:L/Au:N/C:P/I:N/A:N

Weaknesses

nvd@nist.gov: CWE-327

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:huawei:cloudengine_12800_firmware:v100r003c00spc600:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8CAD1A04-54E8-4F24-A018-140F9FBD0562"
          },
          {
            "criteria": "cpe:2.3:o:huawei:cloudengine_12800_firmware:v100r003c10spc100:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "CA1E813D-57B1-449A-9513-3AFB083E116A"
          },
          {
            "criteria": "cpe:2.3:o:huawei:cloudengine_12800_firmware:v100r005c00spc200:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9D33A009-B3C9-4894-9426-D51E5D82A189"
          },
          {
            "criteria": "cpe:2.3:o:huawei:cloudengine_12800_firmware:v100r005c00spc300:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "417BF51F-E61F-44C3-B479-102DFB3E9233"
          },
          {
            "criteria": "cpe:2.3:o:huawei:cloudengine_12800_firmware:v100r005c10hp0001:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7386FB64-0713-424B-A755-D1CABB877817"
          },
          {
            "criteria": "cpe:2.3:o:huawei:cloudengine_12800_firmware:v100r005c10spc100:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DF4B8058-BEC1-4978-B12F-A526879FB7C9"
          },
          {
            "criteria": "cpe:2.3:o:huawei:cloudengine_12800_firmware:v100r005c10spc200:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "02DB167B-D9CE-439C-8840-525E1A4BB079"
          },
          {
            "criteria": "cpe:2.3:o:huawei:cloudengine_12800_firmware:v100r006c00:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3C2DACA5-0AA6-419B-AC6A-8CC19326758E"
          },
          {
            "criteria": "cpe:2.3:o:huawei:cloudengine_12800_firmware:v200r001c00:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4492E892-7BE5-413A-AD53-2D39BD6626F6"
          },
          {
            "criteria": "cpe:2.3:o:huawei:cloudengine_12800_firmware:v200r002c01:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6A7B1A3E-5D5A-4E3A-89F1-73DA7FF0F060"
          },
          {
            "criteria": "cpe:2.3:o:huawei:cloudengine_12800_firmware:v200r002c10:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DCC0FC04-05F0-4591-89EF-4E54D9A3ED8B"
          },
          {
            "criteria": "cpe:2.3:o:huawei:cloudengine_12800_firmware:v200r002c20:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B7353CA0-9073-4EBD-B2FF-6FAD43274E3D"
          },
          {
            "criteria": "cpe:2.3:o:huawei:cloudengine_12800_firmware:v200r005c10:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "433BD50B-C8A5-4F0B-8905-18131C9FD364"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:huawei:cloudengine_12800:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "DE8A2875-0F7E-4790-A925-5999396B7578"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:huawei:s5700_firmware:v200r005c00spc500:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4B3B076D-F61E-4BE0-B808-D86EB6A83D92"
          },
          {
            "criteria": "cpe:2.3:o:huawei:s5700_firmware:v200r005c03:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5B18ABC1-A970-472A-A8BF-934D1180930E"
          },
          {
            "criteria": "cpe:2.3:o:huawei:s5700_firmware:v200r006c00spc100:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F56ADA0A-B3B1-4B6C-9800-EB28B61E3F03"
          },
          {
            "criteria": "cpe:2.3:o:huawei:s5700_firmware:v200r006c00spc300:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "53A7B27E-CA45-44B7-9BE1-5B11D69BDDF4"
          },
          {
            "criteria": "cpe:2.3:o:huawei:s5700_firmware:v200r006c00spc500:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C8A24F24-F960-4F0F-A553-3C7EAE5C13E5"
          },
          {
            "criteria": "cpe:2.3:o:huawei:s5700_firmware:v200r007c00spc100:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8FF2F7D0-8A62-4B9B-9551-749178FEA120"
          },
          {
            "criteria": "cpe:2.3:o:huawei:s5700_firmware:v200r007c00spc500:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "CCDCF4CA-48CF-4AEC-B3EC-7CD9EF9E3DA4"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:huawei:s5700:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "E22D3CFF-3353-4EE2-8933-84F395469D0D"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:huawei:s6700_firmware:v200r005c00spc500:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "96FF5103-C97A-443A-8475-0E99A0175455"
          },
          {
            "criteria": "cpe:2.3:o:huawei:s6700_firmware:v200r005c01:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F4979AA8-0D8E-4F37-A7DC-709BE4821D51"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:huawei:s6700:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "DA7AC10D-B0DD-4206-8642-134DDD585C06"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  }
]

Overview

Risk scores

CVSS 3.1

CVSS 2.0

Weaknesses

Social media

Configurations

References