Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2020-1857

Huawei NIP6800 versions V500R001C30, V500R001C60SPC500, and V500R005C00SPC100; and Secospace USG6600 and USG9500 versions V500R001C30SPC200, V500R001C30SPC600, V500R001C60SPC500, and V500R005C00SPC100 have an information leakage vulnerability. Due to improper processing of some data, a local authenticated attacker can exploit this vulnerability through a series of operations. Successful exploitation may cause information leakage.

Published

2020-02-17T20:15:11.633

Last Modified

2024-11-21T05:11:29.713

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 5.5 (MEDIUM)

CVSSv2 Vector

AV:L/AC:L/Au:N/C:P/I:N/A:N

  • Access Vector: LOCAL
  • Access Complexity: LOW
  • Authentication: NONE
  • Confidentiality Impact: PARTIAL
  • Integrity Impact: NONE
  • Availability Impact: NONE
Exploitability Score

3.9

Impact Score

2.9

Weaknesses
  • Type: Primary
    NVD-CWE-noinfo
Affected Vendors & Products
Type Vendor Product Version/Range Vulnerable?
Operating System huawei nip6800_firmware v500r001c30 Yes
Operating System huawei nip6800_firmware v500r001c60spc500 Yes
Operating System huawei nip6800_firmware v500r005c00spc100 Yes
Hardware huawei nip6800 - No
Operating System huawei secospace_usg6600_firmware v500r001c30spc200 Yes
Operating System huawei secospace_usg6600_firmware v500r001c30spc600 Yes
Operating System huawei secospace_usg6600_firmware v500r001c60spc500 Yes
Operating System huawei secospace_usg6600_firmware v500r005c00spc100 Yes
Hardware huawei secospace_usg6600 - No
Operating System huawei usg9500_firmware v500r001c30spc200 Yes
Operating System huawei usg9500_firmware v500r001c30spc600 Yes
Operating System huawei usg9500_firmware v500r001c60spc500 Yes
Operating System huawei usg9500_firmware v500r005c00spc100 Yes
Hardware huawei usg9500 - No
References