Lucene search

[email protected]NVD:CVE-2020-9071

HistoryJun 01, 2020 - 3:15 p.m.

CVE-2020-9071

2020-06-0115:15:14

CWE-125

[email protected]

web.nvd.nist.gov

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:N/I:N/A:P

CVSS3

6.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

EPSS

0.001

Percentile

35.0%

JSON

There is a few bytes out-of-bounds read vulnerability in some Huawei products. The software reads data past the end of the intended buffer when parsing certain message, an authenticated attacker could exploit this vulnerability by sending crafted messages to the device. Successful exploit may cause service abnormal in specific scenario.Affected product versions include:AR120-S versions V200R007C00SPC900,V200R007C00SPCa00

Affected configurations

Nvd

Node

huaweiar120-sMatch-

AND

huaweiar120-s_firmwareMatchv200r007c00spc900

huaweiar120-s_firmwareMatchv200r007c00spca00

huaweiar120-s_firmwareMatchv200r007c00spcb00

huaweiar120-s_firmwareMatchv200r007c00spcc00

Node

huaweiar1200Match-

AND

huaweiar1200_firmwareMatchv200r007c00spc900

huaweiar1200_firmwareMatchv200r007c00spc900pwe

huaweiar1200_firmwareMatchv200r007c00spca00

huaweiar1200_firmwareMatchv200r007c00spcb00

huaweiar1200_firmwareMatchv200r007c00spcb00pwe

huaweiar1200_firmwareMatchv200r007c00spcc00

Node

huaweiar1200-sMatch-

AND

huaweiar1200-s_firmwareMatchv200r007c00spc900

huaweiar1200-s_firmwareMatchv200r007c00spcb00

huaweiar1200-s_firmwareMatchv200r007c00spcc00

Node

huaweiar150Match-

AND

huaweiar150_firmwareMatchv200r007c00spc900

huaweiar150_firmwareMatchv200r007c00spc900pwe

huaweiar150_firmwareMatchv200r007c00spcb00

huaweiar150_firmwareMatchv200r007c00spcb00pwe

huaweiar150_firmwareMatchv200r007c00spcc00

Node

huaweiar150-sMatch-

AND

huaweiar150-s_firmwareMatchv200r007c00spc900

huaweiar150-s_firmwareMatchv200r007c00spcb00

huaweiar150-s_firmwareMatchv200r007c00spcc00

Node

huaweiar160Match-

AND

huaweiar160_firmwareMatchv200r007c00spc900

huaweiar160_firmwareMatchv200r007c00spc900pwe

huaweiar160_firmwareMatchv200r007c00spcb00

huaweiar160_firmwareMatchv200r007c00spcb00pwe

huaweiar160_firmwareMatchv200r007c00spcc00

Node

huaweiar200Match-

AND

huaweiar200_firmwareMatchv200r007c00spc900

huaweiar200_firmwareMatchv200r007c00spc900pwe

huaweiar200_firmwareMatchv200r007c00spcb00

huaweiar200_firmwareMatchv200r007c00spcb00pwe

huaweiar200_firmwareMatchv200r007c00spcc00

Node

huaweiar200-sMatch-

AND

huaweiar200-s_firmwareMatchv200r007c00spc900

huaweiar200-s_firmwareMatchv200r007c00spcb00

huaweiar200-s_firmwareMatchv200r007c00spcc00

Node

huaweiar2200_firmwareMatchv200r007c00spc900

huaweiar2200_firmwareMatchv200r007c00spc900pwe

huaweiar2200_firmwareMatchv200r007c00spca00

huaweiar2200_firmwareMatchv200r007c00spcb00

huaweiar2200_firmwareMatchv200r007c00spcb00pwe

huaweiar2200_firmwareMatchv200r007c00spcc00

AND

huaweiar2200Match-

Node

huaweiar2200-s_firmwareMatchv200r007c00spc900

huaweiar2200-s_firmwareMatchv200r007c00spcb00

huaweiar2200-s_firmwareMatchv200r007c00spcc00

AND

huaweiar2200-sMatch-

Node

huaweiar3200_firmwareMatchv200r007c00

huaweiar3200_firmwareMatchv200r007c00spc900

huaweiar3200_firmwareMatchv200r007c00spc900pwe

huaweiar3200_firmwareMatchv200r007c00spca00

huaweiar3200_firmwareMatchv200r007c00spcb00

huaweiar3200_firmwareMatchv200r007c00spcb00pwe

huaweiar3200_firmwareMatchv200r007c00spcc00

AND

huaweiar3200Match-

Node

huaweiar3600_firmwareMatchv200r007c00spc900

huaweiar3600_firmwareMatchv200r007c00spc900pwe

huaweiar3600_firmwareMatchv200r007c00spcb00

huaweiar3600_firmwareMatchv200r007c00spcb00pwe

huaweiar3600_firmwareMatchv200r007c00spcc00

AND

huaweiar3600Match-

Node

huaweiar510_firmwareMatchv200r007c00spc900

AND

huaweiar510Match-

Node

huaweinetengine16ex_firmwareMatchv200r007c00spc900

huaweinetengine16ex_firmwareMatchv200r007c00spcb00

huaweinetengine16ex_firmwareMatchv200r007c00spcc00

AND

huaweinetengine16exMatch-

Node

huaweisrg1300_firmwareMatchv200r007c00spc900

huaweisrg1300_firmwareMatchv200r007c00spcb00

huaweisrg1300_firmwareMatchv200r007c00spcc00

AND

huaweisrg1300Match-

Node

huaweisrg2300_firmwareMatchv200r007c00spc900

huaweisrg2300_firmwareMatchv200r007c00spcb00

huaweisrg2300_firmwareMatchv200r007c00spcc00

AND

huaweisrg2300Match-

Node

huaweisrg3300_firmwareMatchv200r007c00spc900

huaweisrg3300_firmwareMatchv200r007c00spcb00

huaweisrg3300_firmwareMatchv200r007c00spcc00

AND

huaweisrg3300Match-

VendorProductVersionCPE
huaweiar120-s-cpe:2.3:h:huawei:ar120-s:-:*:*:*:*:*:*:*
huaweiar120-s_firmwarev200r007c00spc900cpe:2.3:o:huawei:ar120-s_firmware:v200r007c00spc900:*:*:*:*:*:*:*
huaweiar120-s_firmwarev200r007c00spca00cpe:2.3:o:huawei:ar120-s_firmware:v200r007c00spca00:*:*:*:*:*:*:*
huaweiar120-s_firmwarev200r007c00spcb00cpe:2.3:o:huawei:ar120-s_firmware:v200r007c00spcb00:*:*:*:*:*:*:*
huaweiar120-s_firmwarev200r007c00spcc00cpe:2.3:o:huawei:ar120-s_firmware:v200r007c00spcc00:*:*:*:*:*:*:*
huaweiar1200-cpe:2.3:h:huawei:ar1200:-:*:*:*:*:*:*:*
huaweiar1200_firmwarev200r007c00spc900cpe:2.3:o:huawei:ar1200_firmware:v200r007c00spc900:*:*:*:*:*:*:*
huaweiar1200_firmwarev200r007c00spc900pwecpe:2.3:o:huawei:ar1200_firmware:v200r007c00spc900pwe:*:*:*:*:*:*:*
huaweiar1200_firmwarev200r007c00spca00cpe:2.3:o:huawei:ar1200_firmware:v200r007c00spca00:*:*:*:*:*:*:*
huaweiar1200_firmwarev200r007c00spcb00cpe:2.3:o:huawei:ar1200_firmware:v200r007c00spcb00:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
huawei	ar120-s	-	cpe:2.3:h:huawei:ar120-s:-:::::::*
huawei	ar120-s_firmware	v200r007c00spc900	cpe:2.3:o:huawei:ar120-s_firmware:v200r007c00spc900:::::::*
huawei	ar120-s_firmware	v200r007c00spca00	cpe:2.3:o:huawei:ar120-s_firmware:v200r007c00spca00:::::::*
huawei	ar120-s_firmware	v200r007c00spcb00	cpe:2.3:o:huawei:ar120-s_firmware:v200r007c00spcb00:::::::*
huawei	ar120-s_firmware	v200r007c00spcc00	cpe:2.3:o:huawei:ar120-s_firmware:v200r007c00spcc00:::::::*
huawei	ar1200	-	cpe:2.3:h:huawei:ar1200:-:::::::*
huawei	ar1200_firmware	v200r007c00spc900	cpe:2.3:o:huawei:ar1200_firmware:v200r007c00spc900:::::::*
huawei	ar1200_firmware	v200r007c00spc900pwe	cpe:2.3:o:huawei:ar1200_firmware:v200r007c00spc900pwe:::::::*
huawei	ar1200_firmware	v200r007c00spca00	cpe:2.3:o:huawei:ar1200_firmware:v200r007c00spca00:::::::*
huawei	ar1200_firmware	v200r007c00spcb00	cpe:2.3:o:huawei:ar1200_firmware:v200r007c00spcb00:::::::*

Rows per page:

1-10 of 851

References

www.huawei.com/en/psirt/security-advisories/huawei-sa-20200415-01-oob-en

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:N/I:N/A:P

CVSS3

6.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

EPSS

0.001

Percentile

35.0%

JSON

Related for NVD:CVE-2020-9071

cve1 prion1 cvelist1 huawei1