Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2020-1879

There is an improper integrity checking vulnerability on some huawei products. The software of the affected product has an improper integrity check which may allow an attacker with high privilege to make malicious modifications.Affected product versions include:HEGE-560 versions 1.0.1.21(SP3);HEGE-570 versions 1.0.1.22(SP3);OSCA-550 versions 1.0.1.21(SP3);OSCA-550A versions 1.0.1.21(SP3);OSCA-550AX versions 1.0.1.21(SP3);OSCA-550X versions 1.0.1.21(SP3).

Published

2020-03-20T16:15:15.147

Last Modified

2024-11-21T05:11:32.013

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 3.9 (LOW)

CVSSv2 Vector

AV:L/AC:L/Au:N/C:N/I:P/A:P

  • Access Vector: LOCAL
  • Access Complexity: LOW
  • Authentication: NONE
  • Confidentiality Impact: NONE
  • Integrity Impact: PARTIAL
  • Availability Impact: PARTIAL
Exploitability Score

3.9

Impact Score

4.9

Weaknesses
  • Type: Primary
    CWE-354
Affected Vendors & Products
Type Vendor Product Version/Range Vulnerable?
Operating System huawei hege-560_firmware 1.0.1.21\(sp3\) Yes
Hardware huawei hege-560 - No
Operating System huawei hege-570_firmware 1.0.1.21\(sp3\) Yes
Hardware huawei hege-570 - No
Operating System huawei osca-550_firmware 1.0.1.21\(sp3\) Yes
Hardware huawei osca-550 - No
Operating System huawei osca-550a_firmware 1.0.1.21\(sp3\) Yes
Hardware huawei osca-550a - No
Operating System huawei osca-550ax_firmware 1.0.1.21\(sp3\) Yes
Hardware huawei osca-550ax - No
Operating System huawei osca-550x_firmware 1.0.1.21\(sp3\) Yes
Hardware huawei osca-550x - No
References