CVE-2020-1814
Published Feb 18, 2020
Last updated 3 years ago
Overview
- Description
- Huawei NIP6800 versions V500R001C30, V500R001C60SPC500, and V500R005C00; Secospace USG6600 and USG9500 versions V500R001C30SPC200, V500R001C30SPC600, V500R001C60SPC500, and V500R005C00 have a Dangling pointer dereference vulnerability. An authenticated attacker may do some special operations in the affected products in some special scenarios to exploit the vulnerability. Due to improper race conditions of different operations, successful exploit will lead to Dangling pointer dereference, causing some service abnormal.
- Source
- psirt@huawei.com
- NVD status
- Analyzed
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 3.1
- Type
- Primary
- Base score
- 5.3
- Impact score
- 3.6
- Exploitability score
- 1.6
- Vector string
- CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
- Severity
- MEDIUM
CVSS 2.0
- Type
- Primary
- Base score
- 3.5
- Impact score
- 2.9
- Exploitability score
- 6.8
- Vector string
- AV:N/AC:M/Au:S/C:N/I:N/A:P
Weaknesses
- nvd@nist.gov
- CWE-119
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:nip6800_firmware:v500r001c30:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "4B3D681F-E141-4BB1-9437-8BFE286CB164"
},
{
"criteria": "cpe:2.3:o:huawei:nip6800_firmware:v500r001c60spc500:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C38F1E7A-0347-4E45-A0B6-CB8CE0D8A07E"
},
{
"criteria": "cpe:2.3:o:huawei:nip6800_firmware:v500r005c00:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D6FCA659-5DF8-44EA-91B6-A80FBB68322A"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:nip6800:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "875441DD-575F-4F4D-A6BD-23C38641D330"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:secospace_usg6600_firmware:v500r001c30spc200:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "1CA7BE1F-853E-4CBA-8A90-BAEA0BCC6A97"
},
{
"criteria": "cpe:2.3:o:huawei:secospace_usg6600_firmware:v500r001c30spc600:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B80E521E-1BFB-405E-9F8E-4A0734731FD0"
},
{
"criteria": "cpe:2.3:o:huawei:secospace_usg6600_firmware:v500r001c60spc500:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5226BD96-2B00-469B-AADD-CD0541610BBD"
},
{
"criteria": "cpe:2.3:o:huawei:secospace_usg6600_firmware:v500r005c00:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "391BFC6B-9AE6-49D7-855A-CB94AD1EE5C1"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:secospace_usg6600:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "BE469876-F873-4705-9760-097AE840A818"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:usg9500_firmware:v500r001c30spc200:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C0BF5257-8CD1-4951-9C53-07B85D468F8B"
},
{
"criteria": "cpe:2.3:o:huawei:usg9500_firmware:v500r001c30spc600:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "6E2CDEF7-F8C8-482E-B43D-DB3F0CE010F8"
},
{
"criteria": "cpe:2.3:o:huawei:usg9500_firmware:v500r001c60spc500:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "8A1EFB9D-5349-4EAF-9880-34F0D20011E4"
},
{
"criteria": "cpe:2.3:o:huawei:usg9500_firmware:v500r005c00:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E961C6AA-400A-41CF-A230-FE7182875F1F"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:usg9500:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "4B6064BB-5E62-4D70-B933-05B5426EEE9C"
}
],
"operator": "OR"
}
],
"operator": "AND"
}
]