CVE-2020-9068
Published Apr 27, 2020
Last updated 5 years ago
Overview
- Description
- Huawei AR3200 products with versions of V200R007C00SPC900, V200R007C00SPCa00, V200R007C00SPCb00, V200R007C00SPCc00, V200R009C00SPC500 have an improper authentication vulnerability. Attackers need to perform some operations to exploit the vulnerability. Successful exploit may obtain certain permissions on the device.
- Source
- psirt@huawei.com
- NVD status
- Analyzed
Risk scores
CVSS 3.1
- Type
- Primary
- Base score
- 9.8
- Impact score
- 5.9
- Exploitability score
- 3.9
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
- Severity
- CRITICAL
CVSS 2.0
- Type
- Primary
- Base score
- 7.5
- Impact score
- 6.4
- Exploitability score
- 10
- Vector string
- AV:N/AC:L/Au:N/C:P/I:P/A:P
Weaknesses
- nvd@nist.gov
- CWE-287
Social media
- Hype score
- Not currently trending
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:ar3200:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "9309E1AA-0C4E-422C-9307-A8DD0AE5D576"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:ar3200_firmware:v200r007c00spc900:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "6751A62B-6BCD-4CB7-AD52-1C5BBECB2EA8"
},
{
"criteria": "cpe:2.3:o:huawei:ar3200_firmware:v200r007c00spca00:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5D512536-FBCC-4118-A1AA-F5BFD7B599A8"
},
{
"criteria": "cpe:2.3:o:huawei:ar3200_firmware:v200r007c00spcb00:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C4E35FE1-0F62-4154-84BC-C31FE38E4677"
},
{
"criteria": "cpe:2.3:o:huawei:ar3200_firmware:v200r007c00spcc00:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "9E3F7A0C-3DAA-4D5B-8E46-78CF54C7AE8D"
},
{
"criteria": "cpe:2.3:o:huawei:ar3200_firmware:v200r009c00spc500:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "8CAF3B68-BCC3-42F4-AA56-6BB301066140"
}
],
"operator": "OR"
}
],
"operator": "AND"
}
]