CVE-2020-9069

Published May 21, 2020

Last updated 3 months ago

CVSS medium 6.5

Overview

Description: There is an information leakage vulnerability in some Huawei products. An unauthenticated, adjacent attacker could exploit this vulnerability to decrypt data. Successful exploitation may leak information randomly. Affected product versions include: Anne-AL00 Versions earlier than 9.1.0.331(C675E9R1P3T8); Berkeley-L09 Versions earlier than 10.0.1.1(C675R1); CD16-10 Versions earlier than 10.0.2.8; CD17-10 Versions earlier than 10.0.2.8; CD17-16 Versions earlier than 10.0.2.8; CD18-10 Versions earlier than 10.0.2.8; CD18-16 Versions earlier than 10.0.2.8; Columbia-TL00B Versions earlier than 9.0.0.187(C01E181R1P20T8); E6878-370 Versions earlier than 10.0.5.1(H610SP10C00); HUAWEI P30 lite Versions earlier than 10.0.0.185(C605E3R1P3), Versions earlier than 10.0.0.197(C432E8R2P7); HUAWEI nova 4e Versions earlier than 10.0.0.158(C00E64R1P9); Honor 10 Lite 9.0.1.113(C675E11R1P12); LelandP-L22A Versions earlier than 9.1.0.166(C675E5R1P4T8); Marie-AL00AX Versions earlier than 10.0.0.158(C00E64R1P9); Marie-AL00AY Versions earlier than 10.0.0.158(C00E64R1P9); Marie-AL00BX Versions earlier than 10.0.0.158(C00E64R1P9); Marie-L03BX Versions earlier than 10.0.0.188(C605E5R1P1); Marie-L21BX Versions earlier than 10.0.0.188(C432E4R4P1), Versions earlier than 10.0.0.188(C461E5R3P1); Marie-L22BX Versions earlier than 10.0.0.188(C636E3R3P1); Marie-L23BX Versions earlier than 10.0.0.188(C605E5R1P1); TC5200-16 Versions earlier than 10.0.2.8; WS5200-11 Versions earlier than 10.0.2.8; WS5200-12 Versions earlier than 10.0.2.23; WS5200-16 Versions earlier than 10.0.2.8; WS5200-17 Versions earlier than 10.0.2.23; WS5800-10 Versions earlier than 10.0.3.27; WS6500-10 Versions earlier than 10.0.2.8; WS6500-16 Versions earlier than 10.0.2.8
Source: psirt@huawei.com
NVD status: Modified

Risk scores

CVSS 3.1

Type: Primary
Base score: 6.5
Impact score: 3.6
Exploitability score: 2.8
Vector string: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Severity: MEDIUM

CVSS 2.0

Type: Primary
Base score: 3.3
Impact score: 2.9
Exploitability score: 6.5
Vector string: AV:A/AC:L/Au:N/C:P/I:N/A:N

Weaknesses

nvd@nist.gov: NVD-CWE-noinfo

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:huawei:anne-al00_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A61FF27C-1D5A-414C-88BE-A4E1567D57E3",
            "versionEndExcluding": "9.1.0.331\\(c675e9r1p3t8\\)"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:huawei:anne-al00:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "06F78E5C-78A2-464C-B4DC-8CF6A2D1133C"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:huawei:berkeley-l09_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D7BA6CC3-74ED-4936-B5F3-09AE0942D7F1",
            "versionEndExcluding": "10.0.1.1\\(c675r1\\)"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:huawei:berkeley-l09:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "DB51593F-70AE-47F6-AFE5-02693181E599"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:huawei:cd16-10_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "71E7A9EC-D51E-4E00-9E20-397405DD405E",
            "versionEndExcluding": "10.0.2.8"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:huawei:cd16-10:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "5E4BF946-F846-4B59-A8BD-71D3C32FA9DE"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:huawei:cd17-10_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1259623C-9765-4A03-B984-71BC23832EA5",
            "versionEndExcluding": "10.0.2.8"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:huawei:cd17-10:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "86840A12-552E-4673-9459-9C888D311227"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:huawei:cd17-16_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5021FFF9-39E9-4392-8F7B-77C99AD9021B",
            "versionEndExcluding": "10.0.2.8"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:huawei:cd17-16:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "192D571A-3612-48FF-AD58-F85C05109DB0"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:huawei:cd18-10_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "99350875-103C-4E3D-A3F1-CB51A3F04CAB",
            "versionEndExcluding": "10.0.2.8"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:huawei:cd18-10:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "C3B85A0E-7A60-464B-BDA0-F62CBB91D469"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:huawei:cd18-16_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "541F6EEE-365C-4317-BE40-5D1780023B37",
            "versionEndExcluding": "10.0.2.8"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:huawei:cd18-16:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "272588E3-15DA-48C5-B5EA-E53D981294B5"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:huawei:columbia-tl00b_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "78009F5F-1CC7-41D5-B3D7-DFDD6888CF98",
            "versionEndExcluding": "9.0.0.187\\(c01e181r1p20t8\\)"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:huawei:columbia-tl00b:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "02334509-2493-419F-8FF5-E1F1076FB930"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:huawei:e6878-370_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5A597E29-2CFE-4D6F-8141-D0A8A04C7BF9",
            "versionEndExcluding": "10.0.5.1\\(h610sp10c00\\)"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:huawei:e6878-370:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "ADA263F9-F9F5-4249-A55A-748689F0271E"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:huawei:honor_10_lite_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "01770930-E2A3-4759-8367-4DAA53046B20",
            "versionEndExcluding": "10.0.0.182\\(c675e17r2p2\\)"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:huawei:honor_10_lite:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "033EDED3-AF7B-40D7-A467-E3AAAFB88AE4"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:huawei:lelandp-l22a_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "93DD848A-F0E2-4064-BB74-9FC5C82157AB",
            "versionEndExcluding": "9.1.0.166\\(c675e5r1p4t8\\)"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:huawei:lelandp-l22a:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "842AB2B6-2C7A-4681-ACB7-E642E5D9D76D"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:huawei:tc5200-16_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5BE98F19-5883-4C1F-892E-4AEF2DB7EDB0",
            "versionEndExcluding": "10.0.2.8"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:huawei:tc5200-16:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "392304B7-F9CD-44B4-88FB-353A650DB700"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:huawei:ws5200-11_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "01371306-680F-4007-8E5A-865C67D657E5",
            "versionEndExcluding": "10.0.2.8"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:huawei:ws5200-11:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "C907A885-BA32-4819-B53C-0FBFE38C2510"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:huawei:ws5200-11_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F9FA3F67-7545-444D-BCCB-133B6680F3A7",
            "versionEndExcluding": "10.0.2.23"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:huawei:ws5200-11:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "C907A885-BA32-4819-B53C-0FBFE38C2510"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:huawei:ws5200-16_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "91D3BD34-4095-4730-995D-5731A0BB8BF9",
            "versionEndExcluding": "10.0.2.8"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:huawei:ws5200-16:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "05E7101C-170D-4EA2-96A7-410AE55137BF"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:huawei:ws5200-17_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "23D525C1-B8A9-422B-A315-73BF6D4DEF7B",
            "versionEndExcluding": "10.0.2.23"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:huawei:ws5200-17:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "71EAA19C-B250-4809-BE4A-4575D5F793A4"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:huawei:ws5800-10_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "738EA159-65D7-42FE-B29F-1890F93A1A5D",
            "versionEndExcluding": "10.0.3.27"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:huawei:ws5800-10:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "ED553DD3-585A-4BD2-9291-B9C09AC6AC40"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:huawei:ws6500-10_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "CCDF3E0C-594B-48BF-8E9F-4A10A11D5449",
            "versionEndExcluding": "10.0.2.8"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:huawei:ws6500-10:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "8C660061-69B0-43B8-BFD3-E858C6B2B437"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:huawei:ws6500-16_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C0571923-C1D0-4F06-AD1E-9D43F5290B74",
            "versionEndExcluding": "10.0.2.8"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:huawei:ws6500-16:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "B611DA7B-A2E3-44A3-BC8B-C43308EF3E2B"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  }
]

Overview

Risk scores

CVSS 3.1

CVSS 2.0

Weaknesses

Social media

Configurations

References