Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2020-1856

Huawei NGFW Module, NIP6300, NIP6600, Secospace USG6500, Secospace USG6600, and USG9500 versions V500R001C30, V500R001C60, and V500R005C00 have an information leakage vulnerability. An attacker can exploit this vulnerability by sending specific request packets to affected devices. Successful exploit may lead to information leakage.

Published

2020-02-17T21:15:13.117

Last Modified

2024-11-21T05:11:29.587

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 7.5 (HIGH)

CVSSv2 Vector

AV:N/AC:L/Au:N/C:P/I:N/A:N

Access Vector: NETWORK
Access Complexity: LOW
Authentication: NONE
Confidentiality Impact: PARTIAL
Integrity Impact: NONE
Availability Impact: NONE

Exploitability Score

10.0

Impact Score

2.9

Weaknesses

Type: Primary
NVD-CWE-noinfo

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Operating System	huawei	ngfw_module_firmware	v500r001c30	Yes
Operating System	huawei	ngfw_module_firmware	v500r001c60	Yes
Operating System	huawei	ngfw_module_firmware	v500r005c00	Yes
Hardware	huawei	ngfw_module	-	No
Operating System	huawei	nip6300_firmware	v500r001c30	Yes
Operating System	huawei	nip6300_firmware	v500r001c60	Yes
Operating System	huawei	nip6300_firmware	v500r005c00	Yes
Hardware	huawei	nip6300	-	No
Operating System	huawei	nip6600_firmware	v500r001c30	Yes
Operating System	huawei	nip6600_firmware	v500r001c60	Yes
Operating System	huawei	nip6600_firmware	v500r005c00	Yes
Hardware	huawei	nip6600	-	No
Operating System	huawei	secospace_usg6500_firmware	v500r001c30	Yes
Operating System	huawei	secospace_usg6500_firmware	v500r001c60	Yes
Operating System	huawei	secospace_usg6500_firmware	v500r005c00	Yes
Hardware	huawei	secospace_usg6500	-	No
Operating System	huawei	secospace_usg6600_firmware	v500r001c30	Yes
Operating System	huawei	secospace_usg6600_firmware	v500r001c60	Yes
Operating System	huawei	secospace_usg6600_firmware	v500r005c00	Yes
Hardware	huawei	secospace_usg6600	-	No
Operating System	huawei	usg9500_firmware	v500r001c30	Yes
Operating System	huawei	usg9500_firmware	v500r001c60	Yes
Operating System	huawei	usg9500_firmware	v500r005c00	Yes
Hardware	huawei	usg9500	-	No

References

http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200205-01-firewall-en Vendor Advisory ([email protected])
http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200205-01-firewall-en Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)