CVE-2020-1857
Published Feb 17, 2020
Last updated 3 years ago
Overview
- Description
- Huawei NIP6800 versions V500R001C30, V500R001C60SPC500, and V500R005C00SPC100; and Secospace USG6600 and USG9500 versions V500R001C30SPC200, V500R001C30SPC600, V500R001C60SPC500, and V500R005C00SPC100 have an information leakage vulnerability. Due to improper processing of some data, a local authenticated attacker can exploit this vulnerability through a series of operations. Successful exploitation may cause information leakage.
- Source
- psirt@huawei.com
- NVD status
- Analyzed
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 3.1
- Type
- Primary
- Base score
- 5.5
- Impact score
- 3.6
- Exploitability score
- 1.8
- Vector string
- CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
- Severity
- MEDIUM
CVSS 2.0
- Type
- Primary
- Base score
- 2.1
- Impact score
- 2.9
- Exploitability score
- 3.9
- Vector string
- AV:L/AC:L/Au:N/C:P/I:N/A:N
Weaknesses
- nvd@nist.gov
- NVD-CWE-noinfo
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:nip6800_firmware:v500r001c30:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "4B3D681F-E141-4BB1-9437-8BFE286CB164"
},
{
"criteria": "cpe:2.3:o:huawei:nip6800_firmware:v500r001c60spc500:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C38F1E7A-0347-4E45-A0B6-CB8CE0D8A07E"
},
{
"criteria": "cpe:2.3:o:huawei:nip6800_firmware:v500r005c00spc100:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "954A1F94-2442-4064-9DC5-14EFC2FA62F7"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:nip6800:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "875441DD-575F-4F4D-A6BD-23C38641D330"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:secospace_usg6600_firmware:v500r001c30spc200:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "1CA7BE1F-853E-4CBA-8A90-BAEA0BCC6A97"
},
{
"criteria": "cpe:2.3:o:huawei:secospace_usg6600_firmware:v500r001c30spc600:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B80E521E-1BFB-405E-9F8E-4A0734731FD0"
},
{
"criteria": "cpe:2.3:o:huawei:secospace_usg6600_firmware:v500r001c60spc500:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5226BD96-2B00-469B-AADD-CD0541610BBD"
},
{
"criteria": "cpe:2.3:o:huawei:secospace_usg6600_firmware:v500r005c00spc100:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "4DB3FD6B-0EE4-4467-8BAE-AE52FB2906EA"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:secospace_usg6600:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "BE469876-F873-4705-9760-097AE840A818"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:usg9500_firmware:v500r001c30spc200:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C0BF5257-8CD1-4951-9C53-07B85D468F8B"
},
{
"criteria": "cpe:2.3:o:huawei:usg9500_firmware:v500r001c30spc600:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "6E2CDEF7-F8C8-482E-B43D-DB3F0CE010F8"
},
{
"criteria": "cpe:2.3:o:huawei:usg9500_firmware:v500r001c60spc500:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "8A1EFB9D-5349-4EAF-9880-34F0D20011E4"
},
{
"criteria": "cpe:2.3:o:huawei:usg9500_firmware:v500r005c00spc100:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "BE7369E3-5F3F-40D1-8690-95192131B683"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:usg9500:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "4B6064BB-5E62-4D70-B933-05B5426EEE9C"
}
],
"operator": "OR"
}
],
"operator": "AND"
}
]