Lucene search

[email protected]NVD:CVE-2020-1847

HistoryNov 13, 2020 - 3:15 p.m.

CVE-2020-1847

2020-11-1315:15:12

[email protected]

web.nvd.nist.gov

cve-2020-1847

denial of service

huawei products

attack scenario

remote attackers

specific protocol

nip6300

nip6600

secospace usg6300

secospace usg6500

secospace usg6600

usg9500

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

EPSS

0.001

Percentile

42.5%

JSON

There is a denial of service vulnerability in some Huawei products. There is no protection against the attack scenario of specific protocol. A remote, unauthorized attackers can construct attack scenarios, which leads to denial of service.Affected product versions include:NIP6300 versions V500R001C30,V500R001C60;NIP6600 versions V500R001C30,V500R001C60;Secospace USG6300 versions V500R001C30,V500R001C60;Secospace USG6500 versions V500R001C30,V500R001C60;Secospace USG6600 versions V500R001C30,V500R001C60;USG9500 versions V500R001C30,V500R001C60.

Affected configurations

Nvd

Node

huaweinip6300_firmwareMatchv500r001c30

huaweinip6300_firmwareMatchv500r001c60

AND

huaweinip6300Match-

Node

huaweinip6600_firmwareMatchv500r001c30

huaweinip6600_firmwareMatchv500r001c60

AND

huaweinip6600Match-

Node

huaweisecospace_usg6300_firmwareMatchv500r001c30

huaweisecospace_usg6300_firmwareMatchv500r001c60

AND

huaweisecospace_usg6300Match-

Node

huaweisecospace_usg6500_firmwareMatchv500r001c30

huaweisecospace_usg6500_firmwareMatchv500r001c60

AND

huaweisecospace_usg6500Match-

Node

huaweisecospace_usg6600_firmwareMatchv500r001c30

huaweisecospace_usg6600_firmwareMatchv500r001c60

AND

huaweisecospace_usg6600Match-

Node

huaweiusg9500_firmwareMatchv500r001c30

huaweiusg9500_firmwareMatchv500r001c60

AND

huaweiusg9500Match-

VendorProductVersionCPE
huaweinip6300_firmwarev500r001c30cpe:2.3:o:huawei:nip6300_firmware:v500r001c30:*:*:*:*:*:*:*
huaweinip6300_firmwarev500r001c60cpe:2.3:o:huawei:nip6300_firmware:v500r001c60:*:*:*:*:*:*:*
huaweinip6300-cpe:2.3:h:huawei:nip6300:-:*:*:*:*:*:*:*
huaweinip6600_firmwarev500r001c30cpe:2.3:o:huawei:nip6600_firmware:v500r001c30:*:*:*:*:*:*:*
huaweinip6600_firmwarev500r001c60cpe:2.3:o:huawei:nip6600_firmware:v500r001c60:*:*:*:*:*:*:*
huaweinip6600-cpe:2.3:h:huawei:nip6600:-:*:*:*:*:*:*:*
huaweisecospace_usg6300_firmwarev500r001c30cpe:2.3:o:huawei:secospace_usg6300_firmware:v500r001c30:*:*:*:*:*:*:*
huaweisecospace_usg6300_firmwarev500r001c60cpe:2.3:o:huawei:secospace_usg6300_firmware:v500r001c60:*:*:*:*:*:*:*
huaweisecospace_usg6300-cpe:2.3:h:huawei:secospace_usg6300:-:*:*:*:*:*:*:*
huaweisecospace_usg6500_firmwarev500r001c30cpe:2.3:o:huawei:secospace_usg6500_firmware:v500r001c30:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
huawei	nip6300_firmware	v500r001c30	cpe:2.3:o:huawei:nip6300_firmware:v500r001c30:::::::*
huawei	nip6300_firmware	v500r001c60	cpe:2.3:o:huawei:nip6300_firmware:v500r001c60:::::::*
huawei	nip6300	-	cpe:2.3:h:huawei:nip6300:-:::::::*
huawei	nip6600_firmware	v500r001c30	cpe:2.3:o:huawei:nip6600_firmware:v500r001c30:::::::*
huawei	nip6600_firmware	v500r001c60	cpe:2.3:o:huawei:nip6600_firmware:v500r001c60:::::::*
huawei	nip6600	-	cpe:2.3:h:huawei:nip6600:-:::::::*
huawei	secospace_usg6300_firmware	v500r001c30	cpe:2.3:o:huawei:secospace_usg6300_firmware:v500r001c30:::::::*
huawei	secospace_usg6300_firmware	v500r001c60	cpe:2.3:o:huawei:secospace_usg6300_firmware:v500r001c60:::::::*
huawei	secospace_usg6300	-	cpe:2.3:h:huawei:secospace_usg6300:-:::::::*
huawei	secospace_usg6500_firmware	v500r001c30	cpe:2.3:o:huawei:secospace_usg6500_firmware:v500r001c30:::::::*

Rows per page:

1-10 of 181

References

www.huawei.com/en/psirt/security-advisories/huawei-sa-20201111-02-dos-en

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

EPSS

0.001

Percentile

42.5%

JSON

Related for NVD:CVE-2020-1847

huawei1 cve1 cvelist1 openvas1 prion1