CVE-2020-1841

Published Feb 17, 2020

Last updated 4 months ago

CVSS high 7.5

Overview

Description: Huawei CloudLink Board version 20.0.0; DP300 version V500R002C00; RSE6500 versions V100R001C00, V500R002C00, and V500R002C00SPC900; and TE60 versions V500R002C00, V600R006C00, V600R006C00SPC200, V600R006C00SPC300, V600R006C10, V600R019C00, and V600R019C00SPC100 have an information leak vulnerability. An unauthenticated, remote attacker can make a large number of attempts to guess information. Successful exploitation may cause information leak.
Source: psirt@huawei.com
NVD status: Modified

Risk scores

CVSS 3.1

Type: Primary
Base score: 7.5
Impact score: 3.6
Exploitability score: 3.9
Vector string: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Severity: HIGH

CVSS 2.0

Type: Primary
Base score: 5
Impact score: 2.9
Exploitability score: 10
Vector string: AV:N/AC:L/Au:N/C:P/I:N/A:N

Weaknesses

nvd@nist.gov: NVD-CWE-noinfo

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:huawei:cloudlink_board_firmware:20.0.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DB83669F-200D-41D5-897D-5C2B1235DAC6"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:huawei:cloudlink_board:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "A4D0A02C-4FCB-4B63-A3F3-A58FC93AC139"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:huawei:dp300_firmware:v500r002c00:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8871106B-D3AF-4CFB-A544-1FA411642428"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:huawei:dp300:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "7F3483B2-9EB6-4E34-900A-945C04A3160D"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:huawei:rse6500_firmware:v100r001c00:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "AD1A7B89-F3A6-4FB1-8871-15BBFFC82E54"
          },
          {
            "criteria": "cpe:2.3:o:huawei:rse6500_firmware:v500r002c00:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "649BB696-BDBE-46FC-A23D-287DE306D8BB"
          },
          {
            "criteria": "cpe:2.3:o:huawei:rse6500_firmware:v500r002c00spc900:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F073EA63-0FB7-404A-9A6D-6518A0713C92"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:huawei:rse6500:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "4DD9417D-0515-4B21-AD32-E6B137575D01"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:huawei:te60_firmware:v500r002c00:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "01BC9042-0485-437F-811F-F8898B3B7EA7"
          },
          {
            "criteria": "cpe:2.3:o:huawei:te60_firmware:v600r006c00:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4A29049D-F472-4772-8750-20730DA624E9"
          },
          {
            "criteria": "cpe:2.3:o:huawei:te60_firmware:v600r006c00spc200:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "040454F6-FCDB-4320-8933-8F7DBB9956ED"
          },
          {
            "criteria": "cpe:2.3:o:huawei:te60_firmware:v600r006c00spc300:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "98F3BB83-7F0A-4C59-B889-7EF95BD581BA"
          },
          {
            "criteria": "cpe:2.3:o:huawei:te60_firmware:v600r006c10:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5F394525-A467-4403-A1AA-306391427D0A"
          },
          {
            "criteria": "cpe:2.3:o:huawei:te60_firmware:v600r019c00:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5D2027FF-A5CB-4120-ADF0-06D1BADAB8C3"
          },
          {
            "criteria": "cpe:2.3:o:huawei:te60_firmware:v600r019c00spc100:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1C682A04-0F19-4DA6-B8C2-07EA00010D1D"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:huawei:te60:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "999117E9-90C8-4E76-90B5-7D364C0B84BF"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  }
]

Overview

Risk scores

CVSS 3.1

CVSS 2.0

Weaknesses

Social media

Configurations

References