Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2020-1827

Huawei NIP6800 versions V500R001C30, V500R001C60SPC500, and V500R005C00SPC100; and Secospace USG6600 and USG9500 versions V500R001C30SPC200, V500R001C30SPC600, V500R001C60SPC500, and V500R005C00SPC100 have an information leakage vulnerability. An attacker can exploit this vulnerability by sending specific request packets to affected devices. Successful exploit may lead to information leakage.

Published

2020-02-17T21:15:12.757

Last Modified

2024-11-21T05:11:26.723

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 7.5 (HIGH)

CVSSv2 Vector

AV:N/AC:L/Au:N/C:N/I:N/A:P

  • Access Vector: NETWORK
  • Access Complexity: LOW
  • Authentication: NONE
  • Confidentiality Impact: NONE
  • Integrity Impact: NONE
  • Availability Impact: PARTIAL
Exploitability Score

10.0

Impact Score

2.9

Weaknesses
  • Type: Primary
    CWE-404
Affected Vendors & Products
Type Vendor Product Version/Range Vulnerable?
Operating System huawei nip6800_firmware v500r001c30 Yes
Operating System huawei nip6800_firmware v500r001c60spc500 Yes
Operating System huawei nip6800_firmware v500r005c00spc100 Yes
Hardware huawei nip6800 - No
Operating System huawei secospace_usg6600_firmware v500r001c30spc200 Yes
Operating System huawei secospace_usg6600_firmware v500r001c30spc600 Yes
Operating System huawei secospace_usg6600_firmware v500r001c60spc500 Yes
Operating System huawei secospace_usg6600_firmware v500r005c00spc100 Yes
Hardware huawei secospace_usg6600 - No
Operating System huawei usg9500_firmware v500r001c30spc200 Yes
Operating System huawei usg9500_firmware v500r001c30spc600 Yes
Operating System huawei usg9500_firmware v500r001c60spc500 Yes
Operating System huawei usg9500_firmware v500r005c00spc100 Yes
Hardware huawei usg9500 - No
References