Search criteria
120 vulnerabilities found for Secospace USG6600 by Huawei
VAR-201704-0425
Vulnerability from variot - Updated: 2025-04-20 23:37The security policy processing module in Huawei Secospace USG6300 with software V500R001C20SPC100, V500R001C20SPC101, V500R001C20SPC200; Secospace USG6500 with software V500R001C20SPC100, V500R001C20SPC101, V500R001C20SPC200; Secospace USG6600 with software V500R001C20SPC100, V500R001C20SPC101, V500R001C20SPC200 allows authenticated attackers to setup a specific security policy into the devices, causing a buffer overflow and crashing the system. Huawei Secospace is a terminal security management system. A buffer overflow vulnerability exists in multiple Huawei Secospace products. Because the user does not perform a boundary check on the data copied by the user, the attacker can exploit the vulnerability to restart the affected device, resulting in a denial of service condition and possibly executing arbitrary code. Attackers can exploit this issue to reboot the affected device to cause denial-of-service conditions. Due to the nature of this issue, arbitrary code execution may be possible but this has not been confirmed. Huawei Secospace USG6300 etc. are the firewalls of China Huawei (Huawei). The following products and versions are affected: Huawei Secospace USG6300 V500R001C20SPC100 Version, V500R001C20SPC101 Version, V500R001C20SPC200 Version; Secospace USG6500 USG6300 V500R001C20SPC100 Version, V500R001C20SPC101 Version, V500R001C20SPC200 Version; Secospace USG6600 V500R001C20SPC100 Version, V500R001C20SPC101 Version, V500R001C20SPC200 Version
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201704-0425",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "secospace usg6300",
"scope": "eq",
"trust": 2.4,
"vendor": "huawei",
"version": "v500r001c20spc100"
},
{
"model": "secospace usg6300",
"scope": "eq",
"trust": 2.4,
"vendor": "huawei",
"version": "v500r001c20spc101"
},
{
"model": "secospace usg6300",
"scope": "eq",
"trust": 2.4,
"vendor": "huawei",
"version": "v500r001c20spc200"
},
{
"model": "secospace usg6500",
"scope": "eq",
"trust": 2.4,
"vendor": "huawei",
"version": "v500r001c20spc100"
},
{
"model": "secospace usg6500",
"scope": "eq",
"trust": 2.4,
"vendor": "huawei",
"version": "v500r001c20spc101"
},
{
"model": "secospace usg6500",
"scope": "eq",
"trust": 2.4,
"vendor": "huawei",
"version": "v500r001c20spc200"
},
{
"model": "secospace usg6600",
"scope": "eq",
"trust": 2.4,
"vendor": "huawei",
"version": "v500r001c20spc100"
},
{
"model": "secospace usg6600",
"scope": "eq",
"trust": 2.4,
"vendor": "huawei",
"version": "v500r001c20spc101"
},
{
"model": "secospace usg6600",
"scope": "eq",
"trust": 2.4,
"vendor": "huawei",
"version": "v500r001c20spc200"
},
{
"model": "secospace usg6300 v500r001c20spc100",
"scope": null,
"trust": 0.9,
"vendor": "huawei",
"version": null
},
{
"model": "secospace usg6300 v500r001c20spc101",
"scope": null,
"trust": 0.9,
"vendor": "huawei",
"version": null
},
{
"model": "secospace usg6300 v500r001c20spc200",
"scope": null,
"trust": 0.9,
"vendor": "huawei",
"version": null
},
{
"model": "secospace usg6500 v500r001c20spc100",
"scope": null,
"trust": 0.9,
"vendor": "huawei",
"version": null
},
{
"model": "secospace usg6500 v500r001c20spc101",
"scope": null,
"trust": 0.9,
"vendor": "huawei",
"version": null
},
{
"model": "secospace usg6500 v500r001c20spc200",
"scope": null,
"trust": 0.9,
"vendor": "huawei",
"version": null
},
{
"model": "secospace usg6600 v500r001c20spc100",
"scope": null,
"trust": 0.9,
"vendor": "huawei",
"version": null
},
{
"model": "secospace usg6600 v500r001c20spc101",
"scope": null,
"trust": 0.9,
"vendor": "huawei",
"version": null
},
{
"model": "secospace usg6600 v500r001c20spc200",
"scope": null,
"trust": 0.9,
"vendor": "huawei",
"version": null
},
{
"model": "secospace usg6600 v500r001c20spc300",
"scope": "ne",
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "secospace usg6500 v500r001c20spc300",
"scope": "ne",
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "secospace usg6300 v500r001c20spc300",
"scope": "ne",
"trust": 0.3,
"vendor": "huawei",
"version": null
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-11668"
},
{
"db": "BID",
"id": "94538"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-008214"
},
{
"db": "CNNVD",
"id": "CNNVD-201611-650"
},
{
"db": "NVD",
"id": "CVE-2016-8802"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:huawei:secospace_usg6300_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:huawei:secospace_usg6500_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:huawei:secospace_usg6600_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-008214"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The vendor reported this issue.",
"sources": [
{
"db": "BID",
"id": "94538"
}
],
"trust": 0.3
},
"cve": "CVE-2016-8802",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 6.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.0,
"id": "CVE-2016-8802",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CNVD-2016-11668",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 6.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.0,
"id": "VHN-97622",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:S/C:N/I:N/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"exploitabilityScore": 2.8,
"id": "CVE-2016-8802",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2016-8802",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2016-8802",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNVD",
"id": "CNVD-2016-11668",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201611-650",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-97622",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-11668"
},
{
"db": "VULHUB",
"id": "VHN-97622"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-008214"
},
{
"db": "CNNVD",
"id": "CNNVD-201611-650"
},
{
"db": "NVD",
"id": "CVE-2016-8802"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The security policy processing module in Huawei Secospace USG6300 with software V500R001C20SPC100, V500R001C20SPC101, V500R001C20SPC200; Secospace USG6500 with software V500R001C20SPC100, V500R001C20SPC101, V500R001C20SPC200; Secospace USG6600 with software V500R001C20SPC100, V500R001C20SPC101, V500R001C20SPC200 allows authenticated attackers to setup a specific security policy into the devices, causing a buffer overflow and crashing the system. Huawei Secospace is a terminal security management system. A buffer overflow vulnerability exists in multiple Huawei Secospace products. Because the user does not perform a boundary check on the data copied by the user, the attacker can exploit the vulnerability to restart the affected device, resulting in a denial of service condition and possibly executing arbitrary code. \nAttackers can exploit this issue to reboot the affected device to cause denial-of-service conditions. Due to the nature of this issue, arbitrary code execution may be possible but this has not been confirmed. Huawei Secospace USG6300 etc. are the firewalls of China Huawei (Huawei). The following products and versions are affected: Huawei Secospace USG6300 V500R001C20SPC100 Version, V500R001C20SPC101 Version, V500R001C20SPC200 Version; Secospace USG6500 USG6300 V500R001C20SPC100 Version, V500R001C20SPC101 Version, V500R001C20SPC200 Version; Secospace USG6600 V500R001C20SPC100 Version, V500R001C20SPC101 Version, V500R001C20SPC200 Version",
"sources": [
{
"db": "NVD",
"id": "CVE-2016-8802"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-008214"
},
{
"db": "CNVD",
"id": "CNVD-2016-11668"
},
{
"db": "BID",
"id": "94538"
},
{
"db": "VULHUB",
"id": "VHN-97622"
}
],
"trust": 2.52
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2016-8802",
"trust": 3.4
},
{
"db": "BID",
"id": "94538",
"trust": 2.6
},
{
"db": "JVNDB",
"id": "JVNDB-2016-008214",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201611-650",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2016-11668",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-97622",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-11668"
},
{
"db": "VULHUB",
"id": "VHN-97622"
},
{
"db": "BID",
"id": "94538"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-008214"
},
{
"db": "CNNVD",
"id": "CNNVD-201611-650"
},
{
"db": "NVD",
"id": "CVE-2016-8802"
}
]
},
"id": "VAR-201704-0425",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-11668"
},
{
"db": "VULHUB",
"id": "VHN-97622"
}
],
"trust": 1.3653315199999998
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-11668"
}
]
},
"last_update_date": "2025-04-20T23:37:57.063000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "huawei-sa-20161125-01-usg",
"trust": 0.8,
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20161125-01-usg-en"
},
{
"title": "Patch for buffer overflow vulnerability in multiple HuaweiSecospace products",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/84654"
},
{
"title": "Multiple Huawei Secospace Repair measures for firewall product buffer overflow vulnerability",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=66066"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-11668"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-008214"
},
{
"db": "CNNVD",
"id": "CNNVD-201611-650"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-97622"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-008214"
},
{
"db": "NVD",
"id": "CVE-2016-8802"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.6,
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20161125-01-usg-en"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/94538"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-8802"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-8802"
},
{
"trust": 0.3,
"url": "http://www.huawei.com"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-11668"
},
{
"db": "VULHUB",
"id": "VHN-97622"
},
{
"db": "BID",
"id": "94538"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-008214"
},
{
"db": "CNNVD",
"id": "CNNVD-201611-650"
},
{
"db": "NVD",
"id": "CVE-2016-8802"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2016-11668"
},
{
"db": "VULHUB",
"id": "VHN-97622"
},
{
"db": "BID",
"id": "94538"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-008214"
},
{
"db": "CNNVD",
"id": "CNNVD-201611-650"
},
{
"db": "NVD",
"id": "CVE-2016-8802"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-11-30T00:00:00",
"db": "CNVD",
"id": "CNVD-2016-11668"
},
{
"date": "2017-04-02T00:00:00",
"db": "VULHUB",
"id": "VHN-97622"
},
{
"date": "2016-11-25T00:00:00",
"db": "BID",
"id": "94538"
},
{
"date": "2017-05-02T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-008214"
},
{
"date": "2016-11-25T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201611-650"
},
{
"date": "2017-04-02T20:59:01.937000",
"db": "NVD",
"id": "CVE-2016-8802"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-11-30T00:00:00",
"db": "CNVD",
"id": "CNVD-2016-11668"
},
{
"date": "2017-04-05T00:00:00",
"db": "VULHUB",
"id": "VHN-97622"
},
{
"date": "2016-12-20T01:02:00",
"db": "BID",
"id": "94538"
},
{
"date": "2017-05-02T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-008214"
},
{
"date": "2016-12-05T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201611-650"
},
{
"date": "2025-04-20T01:37:25.860000",
"db": "NVD",
"id": "CVE-2016-8802"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201611-650"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural Huawei Secospace USG Buffer overflow vulnerability in product security policy execution module",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-008214"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer overflow",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201611-650"
}
],
"trust": 0.6
}
}
VAR-201704-1028
Vulnerability from variot - Updated: 2025-04-20 23:32Huawei CloudEngine 12800 with software V100R002C00, V100R003C00, V100R003C10, V100R005C00, V100R005C10, V100R006C00; CloudEngine 5800 with software V100R002C00, V100R003C00, V100R003C10, V100R005C00, V100R005C10, V100R006C00; CloudEngine 6800 with software V100R002C00, V100R003C00, V100R003C10, V100R005C00, V100R005C10, V100R006C00; CloudEngine 7800 with software V100R003C00, V100R003C10, V100R005C00, V100R005C10, V100R006C00; CloudEngine 8800 with software V100R006C00; and Secospace USG6600 with software V500R001C00 allow remote unauthenticated attackers to craft specific IPFPM packets to trigger an integer overflow and cause the device to reset. HuaweiCloudEngine12800, CloudEngine5800, CloudEngine6800, CloudEngine7800, and CloudEngine8800 are Huawei switch devices. An integer overflow vulnerability exists in some Huawei switches. Multiple Huawei CloudEngine Products are prone to an integer-overflow vulnerability. Due to the nature of this issue, arbitrary code execution may be possible but this has not been confirmed. Huawei CloudEngine 5800 and others are data center switches of China's Huawei (Huawei). The vulnerability is caused by the fact that the programs do not check specific fields in IPFPM packets. The following products and versions are affected: versions earlier than Huawei CloudEngine 12800 V200R001C00, versions earlier than CloudEngine 5800 V200R001C00, versions earlier than CloudEngine 6800 V200R001C00, versions earlier than CloudEngine 7800 V200R001C00, versions earlier than CloudEngine 8800 V200R001C
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201704-1028",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "cloudengine 5800",
"scope": "eq",
"trust": 2.4,
"vendor": "huawei",
"version": "v100r002c00"
},
{
"model": "cloudengine 5800",
"scope": "eq",
"trust": 2.4,
"vendor": "huawei",
"version": "v100r003c00"
},
{
"model": "cloudengine 5800",
"scope": "eq",
"trust": 2.4,
"vendor": "huawei",
"version": "v100r003c10"
},
{
"model": "cloudengine 5800",
"scope": "eq",
"trust": 2.4,
"vendor": "huawei",
"version": "v100r005c00"
},
{
"model": "cloudengine 5800",
"scope": "eq",
"trust": 2.4,
"vendor": "huawei",
"version": "v100r005c10"
},
{
"model": "cloudengine 5800",
"scope": "eq",
"trust": 2.4,
"vendor": "huawei",
"version": "v100r006c00"
},
{
"model": "cloudengine 6800",
"scope": "eq",
"trust": 2.4,
"vendor": "huawei",
"version": "v100r002c00"
},
{
"model": "cloudengine 6800",
"scope": "eq",
"trust": 2.4,
"vendor": "huawei",
"version": "v100r003c00"
},
{
"model": "cloudengine 6800",
"scope": "eq",
"trust": 2.4,
"vendor": "huawei",
"version": "v100r003c10"
},
{
"model": "cloudengine 6800",
"scope": "eq",
"trust": 2.4,
"vendor": "huawei",
"version": "v100r005c00"
},
{
"model": "cloudengine 12800",
"scope": "eq",
"trust": 1.8,
"vendor": "huawei",
"version": "v100r002c00"
},
{
"model": "cloudengine 12800",
"scope": "eq",
"trust": 1.8,
"vendor": "huawei",
"version": "v100r003c00"
},
{
"model": "cloudengine 12800",
"scope": "eq",
"trust": 1.8,
"vendor": "huawei",
"version": "v100r003c10"
},
{
"model": "cloudengine 12800",
"scope": "eq",
"trust": 1.8,
"vendor": "huawei",
"version": "v100r005c00"
},
{
"model": "cloudengine 12800",
"scope": "eq",
"trust": 1.8,
"vendor": "huawei",
"version": "v100r005c10"
},
{
"model": "cloudengine 12800",
"scope": "eq",
"trust": 1.8,
"vendor": "huawei",
"version": "v100r006c00"
},
{
"model": "cloudengine 6800",
"scope": "eq",
"trust": 1.8,
"vendor": "huawei",
"version": "v100r005c10"
},
{
"model": "cloudengine 6800",
"scope": "eq",
"trust": 1.8,
"vendor": "huawei",
"version": "v100r006c00"
},
{
"model": "cloudengine 7800",
"scope": "eq",
"trust": 1.8,
"vendor": "huawei",
"version": "v100r003c00"
},
{
"model": "cloudengine 7800",
"scope": "eq",
"trust": 1.8,
"vendor": "huawei",
"version": "v100r003c10"
},
{
"model": "cloudengine 7800",
"scope": "eq",
"trust": 1.8,
"vendor": "huawei",
"version": "v100r005c00"
},
{
"model": "cloudengine 7800",
"scope": "eq",
"trust": 1.8,
"vendor": "huawei",
"version": "v100r005c10"
},
{
"model": "cloudengine 7800",
"scope": "eq",
"trust": 1.8,
"vendor": "huawei",
"version": "v100r006c00"
},
{
"model": "cloudengine 8800",
"scope": "eq",
"trust": 1.8,
"vendor": "huawei",
"version": "v100r006c00"
},
{
"model": "secospace usg6600",
"scope": "eq",
"trust": 1.8,
"vendor": "huawei",
"version": "v500r001c00"
},
{
"model": "cloudengine v100r003c00",
"scope": "eq",
"trust": 0.9,
"vendor": "huawei",
"version": "12800"
},
{
"model": "cloudengine v100r003c10",
"scope": "eq",
"trust": 0.9,
"vendor": "huawei",
"version": "12800"
},
{
"model": "cloudengine v100r005c00",
"scope": "eq",
"trust": 0.9,
"vendor": "huawei",
"version": "12800"
},
{
"model": "cloudengine v100r005c10",
"scope": "eq",
"trust": 0.9,
"vendor": "huawei",
"version": "12800"
},
{
"model": "cloudengine v100r006c00",
"scope": "eq",
"trust": 0.9,
"vendor": "huawei",
"version": "12800"
},
{
"model": "cloudengine v100r003c10",
"scope": "eq",
"trust": 0.9,
"vendor": "huawei",
"version": "5800"
},
{
"model": "cloudengine v100r005c00",
"scope": "eq",
"trust": 0.9,
"vendor": "huawei",
"version": "5800"
},
{
"model": "cloudengine v100r005c10",
"scope": "eq",
"trust": 0.9,
"vendor": "huawei",
"version": "5800"
},
{
"model": "cloudengine v100r006c00",
"scope": "eq",
"trust": 0.9,
"vendor": "huawei",
"version": "5800"
},
{
"model": "cloudengine v100r003c10",
"scope": "eq",
"trust": 0.9,
"vendor": "huawei",
"version": "6800"
},
{
"model": "cloudengine v100r005c00",
"scope": "eq",
"trust": 0.9,
"vendor": "huawei",
"version": "6800"
},
{
"model": "cloudengine v100r005c10",
"scope": "eq",
"trust": 0.9,
"vendor": "huawei",
"version": "6800"
},
{
"model": "cloudengine v100r006c00",
"scope": "eq",
"trust": 0.9,
"vendor": "huawei",
"version": "6800"
},
{
"model": "cloudengine v100r003c10",
"scope": "eq",
"trust": 0.9,
"vendor": "huawei",
"version": "7800"
},
{
"model": "cloudengine v100r005c00",
"scope": "eq",
"trust": 0.9,
"vendor": "huawei",
"version": "7800"
},
{
"model": "cloudengine v100r005c10",
"scope": "eq",
"trust": 0.9,
"vendor": "huawei",
"version": "7800"
},
{
"model": "cloudengine v100r006c00",
"scope": "eq",
"trust": 0.9,
"vendor": "huawei",
"version": "7800"
},
{
"model": "cloudengine v100r006c00",
"scope": "eq",
"trust": 0.9,
"vendor": "huawei",
"version": "8800"
},
{
"model": "cloudengine v100r002c00",
"scope": "eq",
"trust": 0.9,
"vendor": "huawei",
"version": "12800"
},
{
"model": "cloudengine v100r002c00",
"scope": "eq",
"trust": 0.9,
"vendor": "huawei",
"version": "5800"
},
{
"model": "cloudengine v100r003c00",
"scope": "eq",
"trust": 0.9,
"vendor": "huawei",
"version": "5800"
},
{
"model": "cloudengine v100r002c00",
"scope": "eq",
"trust": 0.9,
"vendor": "huawei",
"version": "6800"
},
{
"model": "cloudengine v100r003c00",
"scope": "eq",
"trust": 0.9,
"vendor": "huawei",
"version": "6800"
},
{
"model": "cloudengine v100r003c00",
"scope": "eq",
"trust": 0.9,
"vendor": "huawei",
"version": "7800"
},
{
"model": "secospace usg6600 v500r001c00",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "secospace usg6600 v500r001c30spc200",
"scope": "ne",
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "cloudengine v200r001c00",
"scope": "ne",
"trust": 0.3,
"vendor": "huawei",
"version": "8800"
},
{
"model": "cloudengine v200r001c00",
"scope": "ne",
"trust": 0.3,
"vendor": "huawei",
"version": "7800"
},
{
"model": "cloudengine v200r001c00",
"scope": "ne",
"trust": 0.3,
"vendor": "huawei",
"version": "6800"
},
{
"model": "cloudengine v200r001c00",
"scope": "ne",
"trust": 0.3,
"vendor": "huawei",
"version": "5800"
},
{
"model": "cloudengine v200r001c00",
"scope": "ne",
"trust": 0.3,
"vendor": "huawei",
"version": "12800"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-11666"
},
{
"db": "BID",
"id": "94504"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-008227"
},
{
"db": "CNNVD",
"id": "CNNVD-201611-662"
},
{
"db": "NVD",
"id": "CVE-2016-8795"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:huawei:cloudengine_12800_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:huawei:cloudengine_5800_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:huawei:cloudengine_6800_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:huawei:cloudengine_7800_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:huawei:cloudengine_8800_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:huawei:secospace_usg6600_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-008227"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Huawei",
"sources": [
{
"db": "BID",
"id": "94504"
},
{
"db": "CNNVD",
"id": "CNNVD-201611-662"
}
],
"trust": 0.9
},
"cve": "CVE-2016-8795",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 7.1,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "CVE-2016-8795",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
{
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 2.6,
"confidentialityImpact": "NONE",
"exploitabilityScore": 4.9,
"id": "CNVD-2016-11666",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "LOW",
"trust": 0.6,
"vectorString": "AV:N/AC:H/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 7.1,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "VHN-97615",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:N/I:N/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"exploitabilityScore": 2.2,
"id": "CVE-2016-8795",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2016-8795",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2016-8795",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNVD",
"id": "CNVD-2016-11666",
"trust": 0.6,
"value": "LOW"
},
{
"author": "CNNVD",
"id": "CNNVD-201611-662",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-97615",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-11666"
},
{
"db": "VULHUB",
"id": "VHN-97615"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-008227"
},
{
"db": "CNNVD",
"id": "CNNVD-201611-662"
},
{
"db": "NVD",
"id": "CVE-2016-8795"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Huawei CloudEngine 12800 with software V100R002C00, V100R003C00, V100R003C10, V100R005C00, V100R005C10, V100R006C00; CloudEngine 5800 with software V100R002C00, V100R003C00, V100R003C10, V100R005C00, V100R005C10, V100R006C00; CloudEngine 6800 with software V100R002C00, V100R003C00, V100R003C10, V100R005C00, V100R005C10, V100R006C00; CloudEngine 7800 with software V100R003C00, V100R003C10, V100R005C00, V100R005C10, V100R006C00; CloudEngine 8800 with software V100R006C00; and Secospace USG6600 with software V500R001C00 allow remote unauthenticated attackers to craft specific IPFPM packets to trigger an integer overflow and cause the device to reset. HuaweiCloudEngine12800, CloudEngine5800, CloudEngine6800, CloudEngine7800, and CloudEngine8800 are Huawei switch devices. An integer overflow vulnerability exists in some Huawei switches. Multiple Huawei CloudEngine Products are prone to an integer-overflow vulnerability. Due to the nature of this issue, arbitrary code execution may be possible but this has not been confirmed. Huawei CloudEngine 5800 and others are data center switches of China\u0027s Huawei (Huawei). The vulnerability is caused by the fact that the programs do not check specific fields in IPFPM packets. The following products and versions are affected: versions earlier than Huawei CloudEngine 12800 V200R001C00, versions earlier than CloudEngine 5800 V200R001C00, versions earlier than CloudEngine 6800 V200R001C00, versions earlier than CloudEngine 7800 V200R001C00, versions earlier than CloudEngine 8800 V200R001C",
"sources": [
{
"db": "NVD",
"id": "CVE-2016-8795"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-008227"
},
{
"db": "CNVD",
"id": "CNVD-2016-11666"
},
{
"db": "BID",
"id": "94504"
},
{
"db": "VULHUB",
"id": "VHN-97615"
}
],
"trust": 2.52
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2016-8795",
"trust": 3.4
},
{
"db": "BID",
"id": "94504",
"trust": 2.6
},
{
"db": "JVNDB",
"id": "JVNDB-2016-008227",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201611-662",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2016-11666",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-97615",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-11666"
},
{
"db": "VULHUB",
"id": "VHN-97615"
},
{
"db": "BID",
"id": "94504"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-008227"
},
{
"db": "CNNVD",
"id": "CNNVD-201611-662"
},
{
"db": "NVD",
"id": "CVE-2016-8795"
}
]
},
"id": "VAR-201704-1028",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-11666"
},
{
"db": "VULHUB",
"id": "VHN-97615"
}
],
"trust": 1.4525194377777777
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-11666"
}
]
},
"last_update_date": "2025-04-20T23:32:59.182000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "huawei-sa-20161123-01-vrp",
"trust": 0.8,
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20161123-01-vrp-en"
},
{
"title": "Patches for integer overflow vulnerabilities in some Huawei switches",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/84462"
},
{
"title": "Multiple Huawei CloudEngine Product Integer Overflow Vulnerability Fix",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=65936"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-11666"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-008227"
},
{
"db": "CNNVD",
"id": "CNNVD-201611-662"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-190",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-97615"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-008227"
},
{
"db": "NVD",
"id": "CVE-2016-8795"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20161123-01-vrp-en"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/94504"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-8795"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-8795"
},
{
"trust": 0.6,
"url": "http://www.huawei.com/cn/psirt/security-advisories/huawei-sa-20161123-01-vrp-cn"
},
{
"trust": 0.3,
"url": "http://www.huawei.com"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-11666"
},
{
"db": "VULHUB",
"id": "VHN-97615"
},
{
"db": "BID",
"id": "94504"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-008227"
},
{
"db": "CNNVD",
"id": "CNNVD-201611-662"
},
{
"db": "NVD",
"id": "CVE-2016-8795"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2016-11666"
},
{
"db": "VULHUB",
"id": "VHN-97615"
},
{
"db": "BID",
"id": "94504"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-008227"
},
{
"db": "CNNVD",
"id": "CNNVD-201611-662"
},
{
"db": "NVD",
"id": "CVE-2016-8795"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-11-30T00:00:00",
"db": "CNVD",
"id": "CNVD-2016-11666"
},
{
"date": "2017-04-02T00:00:00",
"db": "VULHUB",
"id": "VHN-97615"
},
{
"date": "2016-11-23T00:00:00",
"db": "BID",
"id": "94504"
},
{
"date": "2017-05-02T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-008227"
},
{
"date": "2016-11-23T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201611-662"
},
{
"date": "2017-04-02T20:59:01.797000",
"db": "NVD",
"id": "CVE-2016-8795"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-11-30T00:00:00",
"db": "CNVD",
"id": "CNVD-2016-11666"
},
{
"date": "2017-04-05T00:00:00",
"db": "VULHUB",
"id": "VHN-97615"
},
{
"date": "2016-12-20T01:08:00",
"db": "BID",
"id": "94504"
},
{
"date": "2017-05-02T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-008227"
},
{
"date": "2016-12-02T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201611-662"
},
{
"date": "2025-04-20T01:37:25.860000",
"db": "NVD",
"id": "CVE-2016-8795"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201611-662"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural Huawei Vulnerability triggered by integer overflow in device",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-008227"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "digital error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201611-662"
}
],
"trust": 0.6
}
}
VAR-201711-0985
Vulnerability from variot - Updated: 2025-04-20 23:22AC6005 V200R006C10SPC200,AC6605 V200R006C10SPC200,AR1200 with software V200R005C10CP0582T, V200R005C10HP0581T, V200R005C20SPC026T,AR200 with software V200R005C20SPC026T,AR3200 V200R005C20SPC026T,CloudEngine 12800 with software V100R003C00, V100R005C00, V100R005C10, V100R006C00, V200R001C00,CloudEngine 5800 with software V100R003C00, V100R005C00, V100R005C10, V100R006C00, V200R001C00,CloudEngine 6800 with software V100R003C00, V100R005C00, V100R005C10, V100R006C00, V200R001C00,CloudEngine 7800 with software V100R003C00, V100R005C00, V100R005C10, V100R006C00, V200R001C00,CloudEngine 8800 with software V100R006C00, V200R001C00,E600 V200R008C00,S12700 with software V200R005C00, V200R006C00, V200R007C00, V200R008C00,S1700 with software V100R006C00, V100R007C00, V200R006C00,S2300 with software V100R005C00, V100R006C00, V100R006C03, V100R006C05, V200R003C00, V200R003C02, V200R003C10, V200R005C00, V200R005C01, V200R005C02, V200R005C03, V200R006C00, V200R007C00, V200R008C00,S2700 with software V100R005C00, V100R006C00, V100R006C03, V100R006C05, V200R003C00, V200R003C02, V200R003C10, V200R005C00, V200R005C01, V200R005C02, V200R005C03, V200R006C00, V200R007C00, V200R008C00,S5300 with software V100R005C00, V100R006C00, V100R006C01, V200R001C00, V200R001C01, V200R002C00, V200R003C00, V200R003C02, V200R003C10, V200R005C00, V200R006C00, V200R007C00, V200R008C00,S5700 with software V100R005C00, V100R006C00, V100R006C01, V200R001C00, V200R001C01, V200R002C00, V200R003C00, V200R003C02, V200R003C10, V200R005C00, V200R006C00, V200R007C00, V200R008C00,S6300 with software V100R006C00, V200R001C00, V200R001C01, V200R002C00, V200R003C00, V200R003C02, V200R003C10, V200R005C00, V200R008C00,S6700 with software V100R006C00, V200R001C00, V200R001C01, V200R002C00, V200R003C00, V200R003C02, V200R003C10, V200R005C00, V200R006C00, V200R007C00, V200R008C00,S7700 with software V100R003C00, V100R006C00, V200R001C00, V200R001C01, V200R002C00, V200R003C00, V200R005C00, V200R006C00, V200R007C00, V200R008C00,S9300 with software V100R001C00, V100R002C00, V100R003C00, V100R006C00, V200R001C00, V200R002C00, V200R003C00, V200R005C00, V200R006C00, V200R007C00, V200R008C00, V200R008C10,S9700 with software V200R001C00, V200R002C00, V200R003C00, V200R005C00, V200R006C00, V200R007C00, V200R008C00,Secospace USG6600 V500R001C00SPC050 have a MaxAge LSA vulnerability due to improper OSPF implementation. When the device receives special LSA packets, the LS (Link Status) age would be set to MaxAge, 3600 seconds. An attacker can exploit this vulnerability to poison the route table and launch a DoS attack. plural Huawei The product contains an input validation vulnerability.Service operation interruption (DoS) There is a possibility of being put into a state. HuaweiAC6005 and other products are all products of China Huawei. HuaweiAC6005 is an access control device. The CloudEngine 12800 is a data center switch device. The OSPF protocol of several Huawei products has a MaxAgeLSA vulnerability. The following products and versions are affected: Huawei AC6005 V200R006C10SPC200 Version; AC6605 V200R006C10SPC200 Version; AR1200 V200R005C10CP0582T Version, V200R005C10HP0581T Version, V200R005C20SPC026T Version; AR200 V200R005C20SPC026T Version; AR3200 V200R005C20SPC026T Version; CloudEngine 12800 V100R003C00 Version, V100R005C00 Version, V100R005C10 Version, V100R006C00 Version, V200R001C00 Version; CloudEngine 5800 V100R003C00 Version, V100R005C00 Version, V100R005C10 Version, V100R006C00 Version, V200R001C00 Version; CloudEngine 6800 V100R003C00 Version, V100R005C00 Version, V100R005C10 Version, V100R006C00 Version, V200R001C00 Version; CloudEngine 7800 V100R003C00 Version, V100R005C00 Version, V100R005C10 Version, V100R006C00 Version, V200R001C00 Version; CloudEngine 8800 V100R006C00, V200R001C00; E600 V200R008C00; S12700 V200R005C00, V200R006C00, V200R007C00, V200R008C00; S1700
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201711-0985",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "s9700",
"scope": "eq",
"trust": 1.6,
"vendor": "huawei",
"version": "v200r003c00"
},
{
"model": "secospace usg6600",
"scope": "eq",
"trust": 1.6,
"vendor": "huawei",
"version": "v500r001c30"
},
{
"model": "s9700",
"scope": "eq",
"trust": 1.6,
"vendor": "huawei",
"version": "v200r006c00"
},
{
"model": "s9700",
"scope": "eq",
"trust": 1.6,
"vendor": "huawei",
"version": "v200r001c00"
},
{
"model": "secospace usg6600",
"scope": "eq",
"trust": 1.6,
"vendor": "huawei",
"version": "v500r001c20"
},
{
"model": "secospace usg6600",
"scope": "eq",
"trust": 1.6,
"vendor": "huawei",
"version": "v500r001c00"
},
{
"model": "s9700",
"scope": "eq",
"trust": 1.6,
"vendor": "huawei",
"version": "v200r008c00"
},
{
"model": "s9700",
"scope": "eq",
"trust": 1.6,
"vendor": "huawei",
"version": "v200r002c00"
},
{
"model": "s9700",
"scope": "eq",
"trust": 1.6,
"vendor": "huawei",
"version": "v200r005c00"
},
{
"model": "s9700",
"scope": "eq",
"trust": 1.6,
"vendor": "huawei",
"version": "v200r007c00"
},
{
"model": "s9700 v200r008c00",
"scope": null,
"trust": 1.2,
"vendor": "huawei",
"version": null
},
{
"model": "s5700",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r001c01"
},
{
"model": "s7700",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r001c00"
},
{
"model": "ar1200",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r005c20spc026t"
},
{
"model": "cloudengine 12800",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v100r003c00"
},
{
"model": "s9300",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v100r006c00"
},
{
"model": "cloudengine 12800",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v100r006c00"
},
{
"model": "s5300",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r002c00"
},
{
"model": "cloudengine 7800",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r001c00"
},
{
"model": "s5700",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r006c00"
},
{
"model": "s2300",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v100r005c00"
},
{
"model": "s6700",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v100r006c00"
},
{
"model": "s2700",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r008c00"
},
{
"model": "s2700",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r005c01"
},
{
"model": "s5300",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v100r006c01"
},
{
"model": "s2700",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r005c00"
},
{
"model": "s6300",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r005c00"
},
{
"model": "s2300",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r008c00"
},
{
"model": "s7700",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r002c00"
},
{
"model": "s9300",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v100r002c00"
},
{
"model": "s5300",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r007c00"
},
{
"model": "s5700",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v100r006c00"
},
{
"model": "s6300",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r002c00"
},
{
"model": "cloudengine 12800",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v100r005c00"
},
{
"model": "ar1200",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r005c10hp0581t"
},
{
"model": "s2300",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r005c00"
},
{
"model": "s2700",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r003c02"
},
{
"model": "s12700",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r007c00"
},
{
"model": "s9300",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v100r001c00"
},
{
"model": "cloudengine 7800",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v100r005c10"
},
{
"model": "s9300",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r008c00"
},
{
"model": "s5300",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v100r006c00"
},
{
"model": "s7700",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r007c00"
},
{
"model": "cloudengine 5800",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v100r005c00"
},
{
"model": "s6700",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r008c00"
},
{
"model": "cloudengine 6800",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v100r003c00"
},
{
"model": "s9300",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r005c00"
},
{
"model": "s9300",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r008c10"
},
{
"model": "cloudengine 6800",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v100r006c00"
},
{
"model": "s2700",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r006c00"
},
{
"model": "cloudengine 5800",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r001c00"
},
{
"model": "s5700",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v100r005c00"
},
{
"model": "s9300",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r002c00"
},
{
"model": "s2300",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r007c00"
},
{
"model": "s7700",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v100r003c00"
},
{
"model": "s6700",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r005c00"
},
{
"model": "s7700",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v100r006c00"
},
{
"model": "ar3200",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r005c20spc026t"
},
{
"model": "s2700",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r003c10"
},
{
"model": "cloudengine 7800",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v100r003c00"
},
{
"model": "s2300",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r006c00"
},
{
"model": "s2700",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v100r006c05"
},
{
"model": "cloudengine 7800",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v100r006c00"
},
{
"model": "s6300",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r003c10"
},
{
"model": "s2700",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v100r006c03"
},
{
"model": "s6700",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r003c02"
},
{
"model": "s1700",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r006c00"
},
{
"model": "s2300",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r003c10"
},
{
"model": "cloudengine 12800",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v100r005c10"
},
{
"model": "s2700",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r003c00"
},
{
"model": "s5700",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r005c00"
},
{
"model": "s6300",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r003c00"
},
{
"model": "s2300",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r005c02"
},
{
"model": "s9300",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r007c00"
},
{
"model": "s5700",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r002c00"
},
{
"model": "s5300",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r008c00"
},
{
"model": "s6700",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r001c01"
},
{
"model": "s9300",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r006c00"
},
{
"model": "s2300",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r003c00"
},
{
"model": "s6700",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r007c00"
},
{
"model": "ac6605",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r006c10spc200"
},
{
"model": "s9300",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v100r003c00"
},
{
"model": "s5300",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r005c00"
},
{
"model": "s6700",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r006c00"
},
{
"model": "cloudengine 7800",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v100r005c00"
},
{
"model": "s12700",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r008c00"
},
{
"model": "s5700",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v100r006c01"
},
{
"model": "cloudengine 8800",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r001c00"
},
{
"model": "s7700",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r008c00"
},
{
"model": "s2700",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v100r005c00"
},
{
"model": "s5300",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r003c02"
},
{
"model": "s2700",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r005c03"
},
{
"model": "s12700",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r005c00"
},
{
"model": "s1700",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v100r007c00"
},
{
"model": "s5700",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r007c00"
},
{
"model": "s6300",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r008c00"
},
{
"model": "s6700",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r003c10"
},
{
"model": "s6300",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r001c00"
},
{
"model": "s9300",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r003c00"
},
{
"model": "s7700",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r005c00"
},
{
"model": "cloudengine 5800",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v100r003c00"
},
{
"model": "e600",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r008c00"
},
{
"model": "s2300",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r005c03"
},
{
"model": "cloudengine 5800",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v100r006c00"
},
{
"model": "s5300",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r001c01"
},
{
"model": "s6700",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r003c00"
},
{
"model": "s2300",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r005c01"
},
{
"model": "s5700",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r003c10"
},
{
"model": "s6300",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r003c02"
},
{
"model": "s5300",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r006c00"
},
{
"model": "cloudengine 6800",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v100r005c10"
},
{
"model": "s5700",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r003c00"
},
{
"model": "s2300",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r003c02"
},
{
"model": "s7700",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r001c01"
},
{
"model": "s5300",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r003c10"
},
{
"model": "s9300",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r001c00"
},
{
"model": "s12700",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r006c00"
},
{
"model": "cloudengine 12800",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r001c00"
},
{
"model": "s6300",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r001c01"
},
{
"model": "s7700",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r006c00"
},
{
"model": "s6700",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r001c00"
},
{
"model": "s5300",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r003c00"
},
{
"model": "s2700",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r007c00"
},
{
"model": "cloudengine 8800",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v100r006c00"
},
{
"model": "s5700",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r008c00"
},
{
"model": "s5700",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r001c00"
},
{
"model": "s7700",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r003c00"
},
{
"model": "s2700",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v100r006c00"
},
{
"model": "s6300",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v100r006c00"
},
{
"model": "s2300",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v100r006c05"
},
{
"model": "s6700",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r002c00"
},
{
"model": "s2700",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r005c02"
},
{
"model": "s2300",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v100r006c03"
},
{
"model": "s5300",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v100r005c00"
},
{
"model": "ar200",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r005c20spc026t"
},
{
"model": "s2300",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v100r006c00"
},
{
"model": "s5300",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r001c00"
},
{
"model": "ac6005",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r006c10spc200"
},
{
"model": "s5700",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r003c02"
},
{
"model": "ar1200",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r005c10cp0582t"
},
{
"model": "cloudengine 6800",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v100r005c00"
},
{
"model": "s1700",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v100r006c00"
},
{
"model": "cloudengine 6800",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r001c00"
},
{
"model": "cloudengine 5800",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v100r005c10"
},
{
"model": "ac6005",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "ac6605",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "ar1200",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "ar200",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "ar3200",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "cloudengine 12800",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "cloudengine 5800",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "cloudengine 6800",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "cloudengine 7800",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "cloudengine 8800",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "e600",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "s12700",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "s1700",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "s2300",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "s2700",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "s5300",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "s5700",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "s6300",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "s6700",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "s7700",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "s9300",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "s9700",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "secospace usg6600",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "secospace usg6600 v500r001c00",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "cloudengine v100r003c00",
"scope": "eq",
"trust": 0.6,
"vendor": "huawei",
"version": "12800"
},
{
"model": "cloudengine v100r005c00",
"scope": "eq",
"trust": 0.6,
"vendor": "huawei",
"version": "12800"
},
{
"model": "cloudengine v100r005c10",
"scope": "eq",
"trust": 0.6,
"vendor": "huawei",
"version": "12800"
},
{
"model": "s12700 v200r005c00",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "s9700 v200r001c00",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "s9700 v200r002c00",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "s9700 v200r006c00",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "s12700 v200r006c00",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "s12700 v200r008c00",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "s12700 v200r007c00",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "s7700 v200r007c00",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "s9700 v200r007c00",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "cloudengine v100r006c00",
"scope": "eq",
"trust": 0.6,
"vendor": "huawei",
"version": "12800"
},
{
"model": "cloudengine v100r005c00",
"scope": "eq",
"trust": 0.6,
"vendor": "huawei",
"version": "5800"
},
{
"model": "cloudengine v100r005c10",
"scope": "eq",
"trust": 0.6,
"vendor": "huawei",
"version": "5800"
},
{
"model": "cloudengine v100r006c00",
"scope": "eq",
"trust": 0.6,
"vendor": "huawei",
"version": "5800"
},
{
"model": "cloudengine v100r005c00",
"scope": "eq",
"trust": 0.6,
"vendor": "huawei",
"version": "6800"
},
{
"model": "cloudengine v100r005c10",
"scope": "eq",
"trust": 0.6,
"vendor": "huawei",
"version": "6800"
},
{
"model": "cloudengine v100r006c00",
"scope": "eq",
"trust": 0.6,
"vendor": "huawei",
"version": "6800"
},
{
"model": "cloudengine v100r005c00",
"scope": "eq",
"trust": 0.6,
"vendor": "huawei",
"version": "7800"
},
{
"model": "cloudengine v100r005c10",
"scope": "eq",
"trust": 0.6,
"vendor": "huawei",
"version": "7800"
},
{
"model": "cloudengine v100r006c00",
"scope": "eq",
"trust": 0.6,
"vendor": "huawei",
"version": "7800"
},
{
"model": "cloudengine v100r006c00",
"scope": "eq",
"trust": 0.6,
"vendor": "huawei",
"version": "8800"
},
{
"model": "cloudengine v100r003c00",
"scope": "eq",
"trust": 0.6,
"vendor": "huawei",
"version": "5800"
},
{
"model": "cloudengine v100r003c00",
"scope": "eq",
"trust": 0.6,
"vendor": "huawei",
"version": "6800"
},
{
"model": "cloudengine v100r003c00",
"scope": "eq",
"trust": 0.6,
"vendor": "huawei",
"version": "7800"
},
{
"model": "cloudengine v200r001c00",
"scope": "eq",
"trust": 0.6,
"vendor": "huawei",
"version": "12800"
},
{
"model": "cloudengine v200r001c00",
"scope": "eq",
"trust": 0.6,
"vendor": "huawei",
"version": "6800"
},
{
"model": "cloudengine v200r001c00",
"scope": "eq",
"trust": 0.6,
"vendor": "huawei",
"version": "7800"
},
{
"model": "cloudengine v200r001c00",
"scope": "eq",
"trust": 0.6,
"vendor": "huawei",
"version": "8800"
},
{
"model": "ac6005 v200r006c10spc200",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "ar1200 v200r005c10cp0582t",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "ar200 v200r005c20spc026t",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "ar3200 v200r005c20spc026t",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "secospace usg6600 v500r001c20",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "secospace usg6600 v500r001c30",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "ac6605 v200r006c10spc200",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "ar1200 v200r005c10hp0581t",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "ar1200 v200r005c20spc026t",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "cloudengine v200r001c00",
"scope": "eq",
"trust": 0.6,
"vendor": "huawei",
"version": "5800"
},
{
"model": "e600 v200r008c00",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "s1700 v100r006c00",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "s1700 v100r007c00",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "s1700 v200r006c00",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "s2300 v100r005c00",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "s2300 v100r006c00",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "s2300 v100r006c05",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "s2300 v200r003c00",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "s2300 v200r003c02",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "s2300 v200r003c10",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "s2300 v200r005c00",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "s2300 v200r005c01",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "s2300 v200r005c02",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "s2300 v200r005c03",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "s2300 v200r007c00",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "s2300 v200r008c00",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "s2700 v100r005c00",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "s2700 v100r006c00",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "s2700 v100r006c03",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "s2700 v100r006c05",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "s2700 v200r003c00",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "s2700 v200r003c02",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "s2700 v200r003c10",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "s2700 v200r005c00",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "s2700 v200r005c01",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "s2700 v200r005c02",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "s2700 v200r005c03",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "s2700 v200r006c00",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "s2700 v200r007c00",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "s2700 v200r008c00",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "s5300 v100r005c00",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "s5300 v100r006c00",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "s5300 v100r006c01",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "s5300 v200r001c01",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "s5300 v200r002c00",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "s5300 v200r003c00",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "s5300 v200r003c02",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "s5300 v200r003c10",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "s5300 v200r005c00",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "s5300 v200r006c00",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "s5300 v200r007c00",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "s5300 v200r008c00",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "s5700 v100r005c00",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "s5700 v100r006c00",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "s5700 v100r006c01",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "s5700 v200r001c00",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "s5700 v200r001c01",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "s5700 v200r002c00",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "s5700 v200r003c00",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "s5700 v200r003c02",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "s5700 v200r003c10",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "s5700 v200r005c00",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "s5700 v200r006c00",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "s5700 v200r008c00",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "s6300 v100r006c00",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "s6300 v200r001c01",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "s6300 v200r002c00",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "s6300 v200r003c00",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "s6300 v200r003c02",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "s6300 v200r003c10",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "s6300 v200r005c00",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "s6300 v200r008c00",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "s6700 v100r006c00",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "s6700 v200r001c01",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "s6700 v200r002c00",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "s6700 v200r003c00",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "s6700 v200r003c02",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "s6700 v200r003c10",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "s6700 v200r006c00",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "s6700 v200r008c00",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "s7700 v100r003c00",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "s7700 v100r006c00",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "s7700 v200r001c01",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "s7700 v200r002c00",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "s7700 v200r006c00",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "s7700 v200r008c00",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "s9300 v100r001c00",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "s9300 v100r002c00",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "s9300 v100r003c00",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "s9300 v100r006c00",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "s9300 v200r002c00",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "s9300 v200r006c00",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "s9300 v200r008c00",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "s9300 v200r008c10",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-37678"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-010631"
},
{
"db": "CNNVD",
"id": "CNNVD-201711-982"
},
{
"db": "NVD",
"id": "CVE-2017-8147"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:huawei:ac6005_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:huawei:ac6605_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:huawei:ar1200_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:huawei:ar200_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:huawei:ar3200_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:huawei:cloudengine_12800_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:huawei:cloudengine_5800_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:huawei:cloudengine_6800_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:huawei:cloudengine_7800_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:huawei:cloudengine_8800_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:huawei:e600_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:huawei:s12700_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:huawei:s1700_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:huawei:s2300_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:huawei:s2700_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:huawei:s5300_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:huawei:s5700_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:huawei:s6300_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:huawei:s6700_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:huawei:s7700_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:huawei:s9300_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:huawei:s9700_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:huawei:secospace_usg6600_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-010631"
}
]
},
"cve": "CVE-2017-8147",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CVE-2017-8147",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CNVD-2017-37678",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "VHN-116350",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"id": "CVE-2017-8147",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2017-8147",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2017-8147",
"trust": 0.8,
"value": "High"
},
{
"author": "CNVD",
"id": "CNVD-2017-37678",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201711-982",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-116350",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-37678"
},
{
"db": "VULHUB",
"id": "VHN-116350"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-010631"
},
{
"db": "CNNVD",
"id": "CNNVD-201711-982"
},
{
"db": "NVD",
"id": "CVE-2017-8147"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "AC6005 V200R006C10SPC200,AC6605 V200R006C10SPC200,AR1200 with software V200R005C10CP0582T, V200R005C10HP0581T, V200R005C20SPC026T,AR200 with software V200R005C20SPC026T,AR3200 V200R005C20SPC026T,CloudEngine 12800 with software V100R003C00, V100R005C00, V100R005C10, V100R006C00, V200R001C00,CloudEngine 5800 with software V100R003C00, V100R005C00, V100R005C10, V100R006C00, V200R001C00,CloudEngine 6800 with software V100R003C00, V100R005C00, V100R005C10, V100R006C00, V200R001C00,CloudEngine 7800 with software V100R003C00, V100R005C00, V100R005C10, V100R006C00, V200R001C00,CloudEngine 8800 with software V100R006C00, V200R001C00,E600 V200R008C00,S12700 with software V200R005C00, V200R006C00, V200R007C00, V200R008C00,S1700 with software V100R006C00, V100R007C00, V200R006C00,S2300 with software V100R005C00, V100R006C00, V100R006C03, V100R006C05, V200R003C00, V200R003C02, V200R003C10, V200R005C00, V200R005C01, V200R005C02, V200R005C03, V200R006C00, V200R007C00, V200R008C00,S2700 with software V100R005C00, V100R006C00, V100R006C03, V100R006C05, V200R003C00, V200R003C02, V200R003C10, V200R005C00, V200R005C01, V200R005C02, V200R005C03, V200R006C00, V200R007C00, V200R008C00,S5300 with software V100R005C00, V100R006C00, V100R006C01, V200R001C00, V200R001C01, V200R002C00, V200R003C00, V200R003C02, V200R003C10, V200R005C00, V200R006C00, V200R007C00, V200R008C00,S5700 with software V100R005C00, V100R006C00, V100R006C01, V200R001C00, V200R001C01, V200R002C00, V200R003C00, V200R003C02, V200R003C10, V200R005C00, V200R006C00, V200R007C00, V200R008C00,S6300 with software V100R006C00, V200R001C00, V200R001C01, V200R002C00, V200R003C00, V200R003C02, V200R003C10, V200R005C00, V200R008C00,S6700 with software V100R006C00, V200R001C00, V200R001C01, V200R002C00, V200R003C00, V200R003C02, V200R003C10, V200R005C00, V200R006C00, V200R007C00, V200R008C00,S7700 with software V100R003C00, V100R006C00, V200R001C00, V200R001C01, V200R002C00, V200R003C00, V200R005C00, V200R006C00, V200R007C00, V200R008C00,S9300 with software V100R001C00, V100R002C00, V100R003C00, V100R006C00, V200R001C00, V200R002C00, V200R003C00, V200R005C00, V200R006C00, V200R007C00, V200R008C00, V200R008C10,S9700 with software V200R001C00, V200R002C00, V200R003C00, V200R005C00, V200R006C00, V200R007C00, V200R008C00,Secospace USG6600 V500R001C00SPC050 have a MaxAge LSA vulnerability due to improper OSPF implementation. When the device receives special LSA packets, the LS (Link Status) age would be set to MaxAge, 3600 seconds. An attacker can exploit this vulnerability to poison the route table and launch a DoS attack. plural Huawei The product contains an input validation vulnerability.Service operation interruption (DoS) There is a possibility of being put into a state. HuaweiAC6005 and other products are all products of China Huawei. HuaweiAC6005 is an access control device. The CloudEngine 12800 is a data center switch device. The OSPF protocol of several Huawei products has a MaxAgeLSA vulnerability. The following products and versions are affected: Huawei AC6005 V200R006C10SPC200 Version; AC6605 V200R006C10SPC200 Version; AR1200 V200R005C10CP0582T Version, V200R005C10HP0581T Version, V200R005C20SPC026T Version; AR200 V200R005C20SPC026T Version; AR3200 V200R005C20SPC026T Version; CloudEngine 12800 V100R003C00 Version, V100R005C00 Version, V100R005C10 Version, V100R006C00 Version, V200R001C00 Version; CloudEngine 5800 V100R003C00 Version, V100R005C00 Version, V100R005C10 Version, V100R006C00 Version, V200R001C00 Version; CloudEngine 6800 V100R003C00 Version, V100R005C00 Version, V100R005C10 Version, V100R006C00 Version, V200R001C00 Version; CloudEngine 7800 V100R003C00 Version, V100R005C00 Version, V100R005C10 Version, V100R006C00 Version, V200R001C00 Version; CloudEngine 8800 V100R006C00, V200R001C00; E600 V200R008C00; S12700 V200R005C00, V200R006C00, V200R007C00, V200R008C00; S1700",
"sources": [
{
"db": "NVD",
"id": "CVE-2017-8147"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-010631"
},
{
"db": "CNVD",
"id": "CNVD-2017-37678"
},
{
"db": "VULHUB",
"id": "VHN-116350"
}
],
"trust": 2.25
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2017-8147",
"trust": 3.1
},
{
"db": "JVNDB",
"id": "JVNDB-2017-010631",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201711-982",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2017-37678",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-116350",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-37678"
},
{
"db": "VULHUB",
"id": "VHN-116350"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-010631"
},
{
"db": "CNNVD",
"id": "CNNVD-201711-982"
},
{
"db": "NVD",
"id": "CVE-2017-8147"
}
]
},
"id": "VAR-201711-0985",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-37678"
},
{
"db": "VULHUB",
"id": "VHN-116350"
}
],
"trust": 1.5393887724999997
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-37678"
}
]
},
"last_update_date": "2025-04-20T23:22:08.004000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "huawei-sa-20170720-01-ospf",
"trust": 0.8,
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170720-01-ospf-en"
},
{
"title": "A patch for the MaxAgeLSA vulnerability exists in the OSPF protocol of various Huawei products.",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/111227"
},
{
"title": "Multiple Huawei Product security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=76692"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-37678"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-010631"
},
{
"db": "CNNVD",
"id": "CNNVD-201711-982"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-20",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-116350"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-010631"
},
{
"db": "NVD",
"id": "CVE-2017-8147"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170720-01-ospf-en"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-8147"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-8147"
},
{
"trust": 0.6,
"url": "https://www.huawei.com/cn/psirt/security-advisories/huawei-sa-20170720-01-ospf-cn"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-37678"
},
{
"db": "VULHUB",
"id": "VHN-116350"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-010631"
},
{
"db": "CNNVD",
"id": "CNNVD-201711-982"
},
{
"db": "NVD",
"id": "CVE-2017-8147"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2017-37678"
},
{
"db": "VULHUB",
"id": "VHN-116350"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-010631"
},
{
"db": "CNNVD",
"id": "CNNVD-201711-982"
},
{
"db": "NVD",
"id": "CVE-2017-8147"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-12-20T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-37678"
},
{
"date": "2017-11-22T00:00:00",
"db": "VULHUB",
"id": "VHN-116350"
},
{
"date": "2017-12-20T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-010631"
},
{
"date": "2017-11-23T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201711-982"
},
{
"date": "2017-11-22T19:29:03.257000",
"db": "NVD",
"id": "CVE-2017-8147"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-12-20T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-37678"
},
{
"date": "2017-12-08T00:00:00",
"db": "VULHUB",
"id": "VHN-116350"
},
{
"date": "2017-12-20T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-010631"
},
{
"date": "2020-11-06T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201711-982"
},
{
"date": "2025-04-20T01:37:25.860000",
"db": "NVD",
"id": "CVE-2017-8147"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201711-982"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural Huawei Vulnerability related to input validation in products",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-010631"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "input validation error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201711-982"
}
],
"trust": 0.6
}
}
VAR-201704-1021
Vulnerability from variot - Updated: 2025-04-20 23:20Huawei Secospace USG6300 with software V500R001C20 and V500R001C20SPC200PWE, Secospace USG6500 with software V500R001C20, Secospace USG6600 with software V500R001C20 and V500R001C20SPC200PWE allow remote attackers with specific permission to log in to a device and deliver a large number of unspecified commands to exhaust memory, causing a DoS condition. Huawei Firewall is prone to a remote denial-of-service vulnerability. Successful exploits may allow the attacker to cause exhaustion of memory leading to a denial of service condition. Huawei Secospace USG6300 etc. are the firewalls of China Huawei (Huawei). The vulnerability is caused by the program not releasing part of the memory. The following products and versions are affected: Huawei Secospace USG6300 version V500R001C20, V500R001C20SPC200PWE version; Secospace USG6500 version V500R001C20; Secospace USG6600 version V500R001C20, V500R001C20SPC200PWE version
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201704-1021",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "secospace usg6300",
"scope": "eq",
"trust": 2.4,
"vendor": "huawei",
"version": "v500r001c20"
},
{
"model": "secospace usg6300",
"scope": "eq",
"trust": 2.4,
"vendor": "huawei",
"version": "v500r001c20spc200pwe"
},
{
"model": "secospace usg6500",
"scope": "eq",
"trust": 2.4,
"vendor": "huawei",
"version": "v500r001c20"
},
{
"model": "secospace usg6600",
"scope": "eq",
"trust": 2.4,
"vendor": "huawei",
"version": "v500r001c20"
},
{
"model": "secospace usg6600",
"scope": "eq",
"trust": 2.4,
"vendor": "huawei",
"version": "v500r001c20spc200pwe"
},
{
"model": "secospace usg6600 v500r001c20spc200pwe",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "secospace usg6600 v500r001c20",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "secospace usg6500 v500r001c20",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "secospace usg6300 v500r001c20spc200pwe",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "secospace usg6300 v500r001c20",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "secospace usg6600 v500r001c20spc300pwe",
"scope": "ne",
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "secospace usg6500 v500r001c30spc100",
"scope": "ne",
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "secospace usg6300 v500r001c30spc100",
"scope": "ne",
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "secospace usg6300 v500r001c20spc300pwe",
"scope": "ne",
"trust": 0.3,
"vendor": "huawei",
"version": null
}
],
"sources": [
{
"db": "BID",
"id": "94927"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-008223"
},
{
"db": "CNNVD",
"id": "CNNVD-201612-546"
},
{
"db": "NVD",
"id": "CVE-2016-8781"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:huawei:secospace_usg6300_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:huawei:secospace_usg6500_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:huawei:secospace_usg6600_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-008223"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The vendor reported this issue.",
"sources": [
{
"db": "BID",
"id": "94927"
}
],
"trust": 0.3
},
"cve": "CVE-2016-8781",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 4.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.0,
"id": "CVE-2016-8781",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 4.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.0,
"id": "VHN-97601",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:S/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"exploitabilityScore": 2.8,
"id": "CVE-2016-8781",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2016-8781",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2016-8781",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-201612-546",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-97601",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-97601"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-008223"
},
{
"db": "CNNVD",
"id": "CNNVD-201612-546"
},
{
"db": "NVD",
"id": "CVE-2016-8781"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Huawei Secospace USG6300 with software V500R001C20 and V500R001C20SPC200PWE, Secospace USG6500 with software V500R001C20, Secospace USG6600 with software V500R001C20 and V500R001C20SPC200PWE allow remote attackers with specific permission to log in to a device and deliver a large number of unspecified commands to exhaust memory, causing a DoS condition. Huawei Firewall is prone to a remote denial-of-service vulnerability. \nSuccessful exploits may allow the attacker to cause exhaustion of memory leading to a denial of service condition. Huawei Secospace USG6300 etc. are the firewalls of China Huawei (Huawei). The vulnerability is caused by the program not releasing part of the memory. The following products and versions are affected: Huawei Secospace USG6300 version V500R001C20, V500R001C20SPC200PWE version; Secospace USG6500 version V500R001C20; Secospace USG6600 version V500R001C20, V500R001C20SPC200PWE version",
"sources": [
{
"db": "NVD",
"id": "CVE-2016-8781"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-008223"
},
{
"db": "BID",
"id": "94927"
},
{
"db": "VULHUB",
"id": "VHN-97601"
}
],
"trust": 1.98
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2016-8781",
"trust": 2.8
},
{
"db": "BID",
"id": "94927",
"trust": 2.0
},
{
"db": "JVNDB",
"id": "JVNDB-2016-008223",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201612-546",
"trust": 0.7
},
{
"db": "VULHUB",
"id": "VHN-97601",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-97601"
},
{
"db": "BID",
"id": "94927"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-008223"
},
{
"db": "CNNVD",
"id": "CNNVD-201612-546"
},
{
"db": "NVD",
"id": "CVE-2016-8781"
}
]
},
"id": "VAR-201704-1021",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-97601"
}
],
"trust": 0.7917332966666666
},
"last_update_date": "2025-04-20T23:20:02.201000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "huawei-sa-20161214-01-firewall",
"trust": 0.8,
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20161214-01-firewall-en"
},
{
"title": "Various Huawei firewall security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=66573"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-008223"
},
{
"db": "CNNVD",
"id": "CNNVD-201612-546"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-399",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-97601"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-008223"
},
{
"db": "NVD",
"id": "CVE-2016-8781"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20161214-01-firewall-en"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/94927"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-8781"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-8781"
},
{
"trust": 0.3,
"url": "http://www.huawei.com"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-97601"
},
{
"db": "BID",
"id": "94927"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-008223"
},
{
"db": "CNNVD",
"id": "CNNVD-201612-546"
},
{
"db": "NVD",
"id": "CVE-2016-8781"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-97601"
},
{
"db": "BID",
"id": "94927"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-008223"
},
{
"db": "CNNVD",
"id": "CNNVD-201612-546"
},
{
"db": "NVD",
"id": "CVE-2016-8781"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-04-02T00:00:00",
"db": "VULHUB",
"id": "VHN-97601"
},
{
"date": "2016-12-14T00:00:00",
"db": "BID",
"id": "94927"
},
{
"date": "2017-05-02T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-008223"
},
{
"date": "2016-12-16T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201612-546"
},
{
"date": "2017-04-02T20:59:01.593000",
"db": "NVD",
"id": "CVE-2016-8781"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-04-05T00:00:00",
"db": "VULHUB",
"id": "VHN-97601"
},
{
"date": "2016-12-20T01:10:00",
"db": "BID",
"id": "94927"
},
{
"date": "2017-05-02T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-008223"
},
{
"date": "2016-12-16T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201612-546"
},
{
"date": "2025-04-20T01:37:25.860000",
"db": "NVD",
"id": "CVE-2016-8781"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201612-546"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural Huawei Secospace USG Denial of service in products (DoS) Vulnerability exposed",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-008223"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "resource management error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201612-546"
}
],
"trust": 0.6
}
}
VAR-201711-0937
Vulnerability from variot - Updated: 2025-04-20 23:03Huawei USG6300 V100R001C30SPC300 and USG6600 with software of V100R001C30SPC500,V100R001C30SPC600,V100R001C30SPC700,V100R001C30SPC800 have a weak algorithm vulnerability. Attackers may exploit the weak algorithm vulnerability to crack the cipher text and cause confidential information leaks on the transmission links. Both Huawei USG6300 and USG6600 are firewall devices of China Huawei (Huawei). There are security vulnerabilities in Huawei USG6300 and USG6600. The following products and versions are affected: Huawei USG6300 V100R001C30SPC300; Secospace USG6600 V100R001C30SPC500, V100R001C30SPC600, V100R001C30SPC700, and V100R001C30SPC800
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201711-0937",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "secospace usg6300",
"scope": "eq",
"trust": 2.4,
"vendor": "huawei",
"version": "v100r001c30spc300"
},
{
"model": "secospace usg6600",
"scope": "eq",
"trust": 2.4,
"vendor": "huawei",
"version": "v100r001c30spc500"
},
{
"model": "secospace usg6600",
"scope": "eq",
"trust": 2.4,
"vendor": "huawei",
"version": "v100r001c30spc600"
},
{
"model": "secospace usg6600",
"scope": "eq",
"trust": 2.4,
"vendor": "huawei",
"version": "v100r001c30spc700"
},
{
"model": "secospace usg6600",
"scope": "eq",
"trust": 2.4,
"vendor": "huawei",
"version": "v100r001c30spc800"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-010803"
},
{
"db": "CNNVD",
"id": "CNNVD-201708-149"
},
{
"db": "NVD",
"id": "CVE-2017-8174"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:huawei:secospace_usg6300_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:huawei:secospace_usg6600_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-010803"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Huawei",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201708-149"
}
],
"trust": 0.6
},
"cve": "CVE-2017-8174",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2017-8174",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-116377",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2017-8174",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2017-8174",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2017-8174",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-201708-149",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-116377",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-116377"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-010803"
},
{
"db": "CNNVD",
"id": "CNNVD-201708-149"
},
{
"db": "NVD",
"id": "CVE-2017-8174"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Huawei USG6300 V100R001C30SPC300 and USG6600 with software of V100R001C30SPC500,V100R001C30SPC600,V100R001C30SPC700,V100R001C30SPC800 have a weak algorithm vulnerability. Attackers may exploit the weak algorithm vulnerability to crack the cipher text and cause confidential information leaks on the transmission links. Both Huawei USG6300 and USG6600 are firewall devices of China Huawei (Huawei). There are security vulnerabilities in Huawei USG6300 and USG6600. The following products and versions are affected: Huawei USG6300 V100R001C30SPC300; Secospace USG6600 V100R001C30SPC500, V100R001C30SPC600, V100R001C30SPC700, and V100R001C30SPC800",
"sources": [
{
"db": "NVD",
"id": "CVE-2017-8174"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-010803"
},
{
"db": "VULHUB",
"id": "VHN-116377"
}
],
"trust": 1.71
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2017-8174",
"trust": 2.5
},
{
"db": "JVNDB",
"id": "JVNDB-2017-010803",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201708-149",
"trust": 0.7
},
{
"db": "VULHUB",
"id": "VHN-116377",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-116377"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-010803"
},
{
"db": "CNNVD",
"id": "CNNVD-201708-149"
},
{
"db": "NVD",
"id": "CVE-2017-8174"
}
]
},
"id": "VAR-201711-0937",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-116377"
}
],
"trust": 0.49567764000000003
},
"last_update_date": "2025-04-20T23:03:57.201000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "huawei-sa-20170802-01-usg",
"trust": 0.8,
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170802-01-usg-en"
},
{
"title": "Huawei USG6300 and USG6600 Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=74821"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-010803"
},
{
"db": "CNNVD",
"id": "CNNVD-201708-149"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-326",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-116377"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-010803"
},
{
"db": "NVD",
"id": "CVE-2017-8174"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170802-01-usg-en"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-8174"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-8174"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-116377"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-010803"
},
{
"db": "CNNVD",
"id": "CNNVD-201708-149"
},
{
"db": "NVD",
"id": "CVE-2017-8174"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-116377"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-010803"
},
{
"db": "CNNVD",
"id": "CNNVD-201708-149"
},
{
"db": "NVD",
"id": "CVE-2017-8174"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-11-22T00:00:00",
"db": "VULHUB",
"id": "VHN-116377"
},
{
"date": "2017-12-25T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-010803"
},
{
"date": "2017-08-02T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201708-149"
},
{
"date": "2017-11-22T19:29:04.130000",
"db": "NVD",
"id": "CVE-2017-8174"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-12-12T00:00:00",
"db": "VULHUB",
"id": "VHN-116377"
},
{
"date": "2017-12-25T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-010803"
},
{
"date": "2017-09-21T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201708-149"
},
{
"date": "2025-04-20T01:37:25.860000",
"db": "NVD",
"id": "CVE-2017-8174"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201708-149"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Huawei USG6300 and USG6600 Vulnerabilities related to cryptographic strength in Japanese software",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-010803"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "lack of information",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201708-149"
}
],
"trust": 0.6
}
}
VAR-201605-0334
Vulnerability from variot - Updated: 2025-04-13 23:42Buffer overflow in the Application Specific Packet Filtering (ASPF) functionality in the Huawei IPS Module, NGFW Module, NIP6300, NIP6600, Secospace USG6300, USG6500, USG6600, USG9500, and AntiDDoS8000 devices with software before V500R001C20SPC100 allows remote attackers to cause a denial of service or execute arbitrary code via a crafted packet, related to "illegitimate parameters.". HuaweiIPSModule and other products are China's Huawei's intrusion prevention and intrusion detection products. A buffer overflow vulnerability exists in several Huawei products. An attacker could exploit a vulnerability that would result in a denial of service or arbitrary code by constructing a malformed message containing an illegal parameter. Multiple Huawei Products are prone to a buffer-overflow vulnerability because it fails to properly bounds-check user-supplied data before copying it into an insufficiently sized buffer. Attackers can exploit this issue to execute arbitrary code in the context of the affected application. Failed exploit attempts will result in denial-of-service conditions. The following Huawei products are affected: IPS Module NGFW Module NIP6300 NIP6600 Secospace USG6300 Secospace USG6500 Secospace USG6600 USG9500 Secospace AntiDDoS8000
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201605-0334",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "secospace usg6500",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v500r001c00"
},
{
"model": "usg9500",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v500r001c00"
},
{
"model": "nip6600",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v500r001c00"
},
{
"model": "ngfw module",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v500r001c00"
},
{
"model": "secospace antiddos8000",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v500r001c00"
},
{
"model": "ips module",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v500r001c00"
},
{
"model": "secospace usg6300",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v500r001c00"
},
{
"model": "secospace usg6600",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v500r001c00"
},
{
"model": "nip6300",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v500r001c00"
},
{
"model": "ips module",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "ips module",
"scope": "lt",
"trust": 0.8,
"vendor": "huawei",
"version": "v500r001c20spc100"
},
{
"model": "ngfw module",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "ngfw module",
"scope": "lt",
"trust": 0.8,
"vendor": "huawei",
"version": "v500r001c20spc100"
},
{
"model": "nip6300",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "nip6300",
"scope": "lt",
"trust": 0.8,
"vendor": "huawei",
"version": "v500r001c20spc100"
},
{
"model": "nip6600",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "nip6600",
"scope": "lt",
"trust": 0.8,
"vendor": "huawei",
"version": "v500r001c20spc100"
},
{
"model": "secospace antiddos8000",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "secospace antiddos8000",
"scope": "lt",
"trust": 0.8,
"vendor": "huawei",
"version": "v500r001c20spc100"
},
{
"model": "secospace usg6300",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "secospace usg6300",
"scope": "lt",
"trust": 0.8,
"vendor": "huawei",
"version": "v500r001c20spc100"
},
{
"model": "secospace usg6500",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "secospace usg6500",
"scope": "lt",
"trust": 0.8,
"vendor": "huawei",
"version": "v500r001c20spc100"
},
{
"model": "secospace usg6600",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "secospace usg6600",
"scope": "lt",
"trust": 0.8,
"vendor": "huawei",
"version": "v500r001c20spc100"
},
{
"model": "usg9500",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "usg9500",
"scope": "lt",
"trust": 0.8,
"vendor": "huawei",
"version": "v500r001c20spc100"
},
{
"model": "secospace antiddos8000 \u003cv500r001c20spc100",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "usg9500 \u003cv500r001c20spc100",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "secospace usg6600 \u003cv500r001c20spc100",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "secospace usg6500 \u003cv500r001c20spc100",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "secospace usg6300 \u003cv500r001c20spc100",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "nip6600 \u003cv500r001c20spc100",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "nip6300 \u003cv500r001c20spc100",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "ngfw module \u003cv500r001c20spc100",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "ips module \u003cv500r001c20spc100",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "ngfw module",
"scope": "eq",
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "secospace antiddos8000",
"scope": "eq",
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "usg9500",
"scope": "eq",
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "nip6600",
"scope": "eq",
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "nip6300",
"scope": "eq",
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "secospace usg6500",
"scope": "eq",
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "secospace usg6600",
"scope": "eq",
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "secospace usg6300",
"scope": "eq",
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "ips module",
"scope": "eq",
"trust": 0.6,
"vendor": "huawei",
"version": null
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-03569"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-002908"
},
{
"db": "CNNVD",
"id": "CNNVD-201605-579"
},
{
"db": "NVD",
"id": "CVE-2016-4576"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/h:huawei:ips_module",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:huawei:ips_module_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:huawei:ngfw_module",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:huawei:ngfw_module_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:huawei:nip6300",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:huawei:nip6300_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:huawei:nip6600",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:huawei:nip6600_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:huawei:secospace_antiddos8000",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:huawei:secospace_antiddos8000_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:huawei:secospace_usg6300",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:huawei:secospace_usg6300_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:huawei:secospace_usg6500",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:huawei:secospace_usg6500_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:huawei:secospace_usg6600",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:huawei:secospace_usg6600_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:huawei:usg9500",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:huawei:usg9500_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-002908"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Huawei",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201605-579"
}
],
"trust": 0.6
},
"cve": "CVE-2016-4576",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2016-4576",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CNVD-2016-03569",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-93395",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2016-4576",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2016-4576",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "NVD",
"id": "CVE-2016-4576",
"trust": 0.8,
"value": "Critical"
},
{
"author": "CNVD",
"id": "CNVD-2016-03569",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201605-579",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-93395",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-03569"
},
{
"db": "VULHUB",
"id": "VHN-93395"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-002908"
},
{
"db": "CNNVD",
"id": "CNNVD-201605-579"
},
{
"db": "NVD",
"id": "CVE-2016-4576"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Buffer overflow in the Application Specific Packet Filtering (ASPF) functionality in the Huawei IPS Module, NGFW Module, NIP6300, NIP6600, Secospace USG6300, USG6500, USG6600, USG9500, and AntiDDoS8000 devices with software before V500R001C20SPC100 allows remote attackers to cause a denial of service or execute arbitrary code via a crafted packet, related to \"illegitimate parameters.\". HuaweiIPSModule and other products are China\u0027s Huawei\u0027s intrusion prevention and intrusion detection products. A buffer overflow vulnerability exists in several Huawei products. An attacker could exploit a vulnerability that would result in a denial of service or arbitrary code by constructing a malformed message containing an illegal parameter. Multiple Huawei Products are prone to a buffer-overflow vulnerability because it fails to properly bounds-check user-supplied data before copying it into an insufficiently sized buffer. \nAttackers can exploit this issue to execute arbitrary code in the context of the affected application. Failed exploit attempts will result in denial-of-service conditions. \nThe following Huawei products are affected:\nIPS Module\nNGFW Module\nNIP6300\nNIP6600\nSecospace USG6300\nSecospace USG6500\nSecospace USG6600\nUSG9500\nSecospace AntiDDoS8000",
"sources": [
{
"db": "NVD",
"id": "CVE-2016-4576"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-002908"
},
{
"db": "CNVD",
"id": "CNVD-2016-03569"
},
{
"db": "BID",
"id": "90530"
},
{
"db": "VULHUB",
"id": "VHN-93395"
}
],
"trust": 2.52
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2016-4576",
"trust": 3.4
},
{
"db": "BID",
"id": "90530",
"trust": 1.4
},
{
"db": "JVNDB",
"id": "JVNDB-2016-002908",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201605-579",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2016-03569",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-93395",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-03569"
},
{
"db": "VULHUB",
"id": "VHN-93395"
},
{
"db": "BID",
"id": "90530"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-002908"
},
{
"db": "CNNVD",
"id": "CNNVD-201605-579"
},
{
"db": "NVD",
"id": "CVE-2016-4576"
}
]
},
"id": "VAR-201605-0334",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-03569"
},
{
"db": "VULHUB",
"id": "VHN-93395"
}
],
"trust": 1.123081815
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-03569"
}
]
},
"last_update_date": "2025-04-13T23:42:01.706000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Buffer Overflow Vulnerability in Huawei Several Products (huawei-sa-20160511-01-aspf)",
"trust": 0.8,
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20160511-01-aspf-en"
},
{
"title": "Patches for multiple Huawei product buffer overflow vulnerabilities",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/76462"
},
{
"title": "Multiple Huawei Product Buffer Overflow Vulnerability Fix",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=61892"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-03569"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-002908"
},
{
"db": "CNNVD",
"id": "CNNVD-201605-579"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-93395"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-002908"
},
{
"db": "NVD",
"id": "CVE-2016-4576"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.4,
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20160511-01-aspf-en"
},
{
"trust": 1.2,
"url": "http://www.huawei.com/cn/psirt/security-advisories/huawei-sa-20160511-01-aspf-cn"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/bid/90530"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-4576"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-4576"
},
{
"trust": 0.3,
"url": "http://www.huawei.com"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-03569"
},
{
"db": "VULHUB",
"id": "VHN-93395"
},
{
"db": "BID",
"id": "90530"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-002908"
},
{
"db": "CNNVD",
"id": "CNNVD-201605-579"
},
{
"db": "NVD",
"id": "CVE-2016-4576"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2016-03569"
},
{
"db": "VULHUB",
"id": "VHN-93395"
},
{
"db": "BID",
"id": "90530"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-002908"
},
{
"db": "CNNVD",
"id": "CNNVD-201605-579"
},
{
"db": "NVD",
"id": "CVE-2016-4576"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-05-25T00:00:00",
"db": "CNVD",
"id": "CNVD-2016-03569"
},
{
"date": "2016-05-23T00:00:00",
"db": "VULHUB",
"id": "VHN-93395"
},
{
"date": "2016-05-11T00:00:00",
"db": "BID",
"id": "90530"
},
{
"date": "2016-05-27T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-002908"
},
{
"date": "2016-05-23T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201605-579"
},
{
"date": "2016-05-23T19:59:09.980000",
"db": "NVD",
"id": "CVE-2016-4576"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-05-25T00:00:00",
"db": "CNVD",
"id": "CNVD-2016-03569"
},
{
"date": "2016-11-28T00:00:00",
"db": "VULHUB",
"id": "VHN-93395"
},
{
"date": "2016-07-06T14:48:00",
"db": "BID",
"id": "90530"
},
{
"date": "2016-05-27T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-002908"
},
{
"date": "2016-05-24T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201605-579"
},
{
"date": "2025-04-12T10:46:40.837000",
"db": "NVD",
"id": "CVE-2016-4576"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201605-579"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural Huawei Device product software Application Specific Packet Filtering Buffer overflow vulnerability in functionality",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-002908"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer overflow",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201605-579"
}
],
"trust": 0.6
}
}
VAR-201605-0335
Vulnerability from variot - Updated: 2025-04-13 23:39Buffer overflow in the Smart DNS functionality in the Huawei NGFW Module and Secospace USG6300, USG6500, USG6600, and USG9500 firewalls with software before V500R001C20SPC100 allows remote attackers to cause a denial of service or execute arbitrary code via a crafted packet, related to "illegitimate parameters.". Multiple Huawei Products are prone to a buffer-overflow vulnerability because they fail to properly bounds-check user-supplied data before copying it into an insufficiently sized buffer. Attackers can exploit this issue to execute arbitrary code in the affected device. Failed exploit attempts will result in denial-of-service conditions. The Huawei NGFW Module and others are all firewall products of China's Huawei (Huawei). There are buffer overflow vulnerabilities in the Smart DNS function of several Huawei products. The following products and versions are affected: Huawei NGFW Module V500R001C00, Secospace USG6300 V500R001C00, Secospace USG6500 V500R001C00, Secospace USG6600 V500R001C00, and USG9500 V500R001C00
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201605-0335",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "usg9500",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v500r001c00"
},
{
"model": "secospace usg6500",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v500r001c00"
},
{
"model": "secospace usg6300",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v500r001c00"
},
{
"model": "ngfw module",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v500r001c00"
},
{
"model": "secospace usg6600",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v500r001c00"
},
{
"model": "ngfw module",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "ngfw module",
"scope": "lt",
"trust": 0.8,
"vendor": "huawei",
"version": "v500r001c20spc100"
},
{
"model": "secospace usg6300",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "secospace usg6300",
"scope": "lt",
"trust": 0.8,
"vendor": "huawei",
"version": "v500r001c20spc100"
},
{
"model": "secospace usg6500",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "secospace usg6500",
"scope": "lt",
"trust": 0.8,
"vendor": "huawei",
"version": "v500r001c20spc100"
},
{
"model": "secospace usg6600",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "secospace usg6600",
"scope": "lt",
"trust": 0.8,
"vendor": "huawei",
"version": "v500r001c20spc100"
},
{
"model": "usg9500",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "usg9500",
"scope": "lt",
"trust": 0.8,
"vendor": "huawei",
"version": "v500r001c20spc100"
},
{
"model": "ngfw module",
"scope": "eq",
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "usg9500",
"scope": "eq",
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "secospace usg6500",
"scope": "eq",
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "secospace usg6600",
"scope": "eq",
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "secospace usg6300",
"scope": "eq",
"trust": 0.6,
"vendor": "huawei",
"version": null
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-002909"
},
{
"db": "CNNVD",
"id": "CNNVD-201605-578"
},
{
"db": "NVD",
"id": "CVE-2016-4577"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/h:huawei:ngfw_module",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:huawei:ngfw_module_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:huawei:secospace_usg6300",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:huawei:secospace_usg6300_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:huawei:secospace_usg6500",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:huawei:secospace_usg6500_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:huawei:secospace_usg6600",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:huawei:secospace_usg6600_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:huawei:usg9500",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:huawei:usg9500_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-002909"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Huawei",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201605-578"
}
],
"trust": 0.6
},
"cve": "CVE-2016-4577",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "HIGH",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 6.8,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.2,
"id": "CVE-2016-4577",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:A/AC:H/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "HIGH",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 6.8,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.2,
"id": "VHN-93396",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:A/AC:H/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "HIGH",
"attackVector": "ADJACENT",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 1.6,
"id": "CVE-2016-4577",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2016-4577",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2016-4577",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-201605-578",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-93396",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-93396"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-002909"
},
{
"db": "CNNVD",
"id": "CNNVD-201605-578"
},
{
"db": "NVD",
"id": "CVE-2016-4577"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Buffer overflow in the Smart DNS functionality in the Huawei NGFW Module and Secospace USG6300, USG6500, USG6600, and USG9500 firewalls with software before V500R001C20SPC100 allows remote attackers to cause a denial of service or execute arbitrary code via a crafted packet, related to \"illegitimate parameters.\". Multiple Huawei Products are prone to a buffer-overflow vulnerability because they fail to properly bounds-check user-supplied data before copying it into an insufficiently sized buffer. \nAttackers can exploit this issue to execute arbitrary code in the affected device. Failed exploit attempts will result in denial-of-service conditions. The Huawei NGFW Module and others are all firewall products of China\u0027s Huawei (Huawei). There are buffer overflow vulnerabilities in the Smart DNS function of several Huawei products. The following products and versions are affected: Huawei NGFW Module V500R001C00, Secospace USG6300 V500R001C00, Secospace USG6500 V500R001C00, Secospace USG6600 V500R001C00, and USG9500 V500R001C00",
"sources": [
{
"db": "NVD",
"id": "CVE-2016-4577"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-002909"
},
{
"db": "BID",
"id": "90532"
},
{
"db": "VULHUB",
"id": "VHN-93396"
}
],
"trust": 1.98
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2016-4577",
"trust": 2.8
},
{
"db": "BID",
"id": "90532",
"trust": 1.4
},
{
"db": "JVNDB",
"id": "JVNDB-2016-002909",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201605-578",
"trust": 0.7
},
{
"db": "VULHUB",
"id": "VHN-93396",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-93396"
},
{
"db": "BID",
"id": "90532"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-002909"
},
{
"db": "CNNVD",
"id": "CNNVD-201605-578"
},
{
"db": "NVD",
"id": "CVE-2016-4577"
}
]
},
"id": "VAR-201605-0335",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-93396"
}
],
"trust": 0.500437016
},
"last_update_date": "2025-04-13T23:39:32.037000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Buffer Overflow Vulnerability in Huawei Several Products (huawei-sa-20160511-01-dns)",
"trust": 0.8,
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20160511-01-dns-en"
},
{
"title": "Multiple Huawei Product Buffer Overflow Vulnerability Fix",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=61891"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-002909"
},
{
"db": "CNNVD",
"id": "CNNVD-201605-578"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-93396"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-002909"
},
{
"db": "NVD",
"id": "CVE-2016-4577"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.4,
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20160511-01-dns-en"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/bid/90532"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-4577"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-4577"
},
{
"trust": 0.6,
"url": "http://www.huawei.com/cn/psirt/security-advisories/huawei-sa-20160511-01-dns-cn"
},
{
"trust": 0.3,
"url": "http://www.huawei.com"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-93396"
},
{
"db": "BID",
"id": "90532"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-002909"
},
{
"db": "CNNVD",
"id": "CNNVD-201605-578"
},
{
"db": "NVD",
"id": "CVE-2016-4577"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-93396"
},
{
"db": "BID",
"id": "90532"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-002909"
},
{
"db": "CNNVD",
"id": "CNNVD-201605-578"
},
{
"db": "NVD",
"id": "CVE-2016-4577"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-05-23T00:00:00",
"db": "VULHUB",
"id": "VHN-93396"
},
{
"date": "2016-05-11T00:00:00",
"db": "BID",
"id": "90532"
},
{
"date": "2016-05-27T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-002909"
},
{
"date": "2016-05-23T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201605-578"
},
{
"date": "2016-05-23T19:59:11.197000",
"db": "NVD",
"id": "CVE-2016-4577"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-11-28T00:00:00",
"db": "VULHUB",
"id": "VHN-93396"
},
{
"date": "2016-07-06T14:38:00",
"db": "BID",
"id": "90532"
},
{
"date": "2016-05-27T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-002909"
},
{
"date": "2016-05-24T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201605-578"
},
{
"date": "2025-04-12T10:46:40.837000",
"db": "NVD",
"id": "CVE-2016-4577"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "specific network environment",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201605-578"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural Huawei Device product software Smart DNS Buffer overflow vulnerability in function",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-002909"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer overflow",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201605-578"
}
],
"trust": 0.6
}
}
VAR-201606-0451
Vulnerability from variot - Updated: 2025-04-12 23:14Memory leak in Huawei IPS Module, NGFW Module, NIP6300, NIP6600, and Secospace USG6300, USG6500, USG6600, USG9500, and AntiDDoS8000 V500R001C00 before V500R001C20SPC100, when in hot standby networking where two devices are not directly connected, allows remote attackers to cause a denial of service (memory consumption and reboot) via a crafted packet. HuaweiIPSModule and other products are China's Huawei's intrusion prevention and intrusion detection products. A memory leak vulnerability exists in several Huawei products. An attacker can exploit this issue to exhaust memory resources and cause the device to reboot. Huawei USG series, NGFW module, IPS module, NIP series and AntiDDoS8000 are vulnerable
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201606-0451",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "huawei",
"scope": "eq",
"trust": 1.6,
"vendor": "huawei",
"version": "v5500r001c00"
},
{
"model": "ngfw module",
"scope": "lt",
"trust": 0.8,
"vendor": "huawei",
"version": "v500r001c00"
},
{
"model": "nip6300",
"scope": "lt",
"trust": 0.8,
"vendor": "huawei",
"version": "v500r001c00"
},
{
"model": "nip6600",
"scope": "eq",
"trust": 0.8,
"vendor": "huawei",
"version": "v500r001c20spc100"
},
{
"model": "secospace antiddos8000",
"scope": "lt",
"trust": 0.8,
"vendor": "huawei",
"version": "v500r001c00"
},
{
"model": "secospace usg6300",
"scope": "lt",
"trust": 0.8,
"vendor": "huawei",
"version": "v500r001c00"
},
{
"model": "secospace usg6500",
"scope": "lt",
"trust": 0.8,
"vendor": "huawei",
"version": "v500r001c00"
},
{
"model": "usg9500",
"scope": "lt",
"trust": 0.8,
"vendor": "huawei",
"version": "v500r001c00"
},
{
"model": "secospace antiddos8000",
"scope": "eq",
"trust": 0.8,
"vendor": "huawei",
"version": "v500r001c20spc100"
},
{
"model": "ips module",
"scope": "eq",
"trust": 0.8,
"vendor": "huawei",
"version": "v500r001c20spc100"
},
{
"model": "ips module",
"scope": "lt",
"trust": 0.8,
"vendor": "huawei",
"version": "v500r001c00"
},
{
"model": "ngfw module",
"scope": "eq",
"trust": 0.8,
"vendor": "huawei",
"version": "v500r001c20spc100"
},
{
"model": "nip6300",
"scope": "eq",
"trust": 0.8,
"vendor": "huawei",
"version": "v500r001c20spc100"
},
{
"model": "secospace usg6300",
"scope": "eq",
"trust": 0.8,
"vendor": "huawei",
"version": "v500r001c20spc100"
},
{
"model": "secospace usg6600",
"scope": "eq",
"trust": 0.8,
"vendor": "huawei",
"version": "v500r001c20spc100"
},
{
"model": "secospace usg6600",
"scope": "lt",
"trust": 0.8,
"vendor": "huawei",
"version": "v500r001c00"
},
{
"model": "secospace usg6500",
"scope": "eq",
"trust": 0.8,
"vendor": "huawei",
"version": "v500r001c20spc100"
},
{
"model": "nip6600",
"scope": "lt",
"trust": 0.8,
"vendor": "huawei",
"version": "v500r001c00"
},
{
"model": "usg9500",
"scope": "eq",
"trust": 0.8,
"vendor": "huawei",
"version": "v500r001c20spc100"
},
{
"model": "ips module v500r001c00",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "ngfw module v500r001c00",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "nip6300 v500r001c00",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "nip6600 v500r001c00",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "secospace usg6300 v500r001c00",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "secospace usg6500 v500r001c00",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "secospace usg6600 v500r001c00",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "usg9500 v500r001c00",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "secospace antiddos8000 v500r001c00",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-04379"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-003345"
},
{
"db": "CNNVD",
"id": "CNNVD-201606-575"
},
{
"db": "NVD",
"id": "CVE-2016-5435"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/h:huawei:ips_module",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:huawei:ngfw_module",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:huawei:nip6300",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:huawei:nip6600",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:huawei:secospace_antiddos8000",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:huawei:secospace_usg6300",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:huawei:secospace_usg6500",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:huawei:secospace_usg6600",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:huawei:usg9500",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-003345"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The vendor reported this issue",
"sources": [
{
"db": "BID",
"id": "91473"
}
],
"trust": 0.3
},
"cve": "CVE-2016-5435",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 7.1,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "CVE-2016-5435",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
{
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 5.4,
"confidentialityImpact": "NONE",
"exploitabilityScore": 4.9,
"id": "CNVD-2016-04379",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:H/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 7.1,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "VHN-94254",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:N/I:N/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"exploitabilityScore": 2.2,
"id": "CVE-2016-5435",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2016-5435",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2016-5435",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNVD",
"id": "CNVD-2016-04379",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201606-575",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-94254",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-04379"
},
{
"db": "VULHUB",
"id": "VHN-94254"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-003345"
},
{
"db": "CNNVD",
"id": "CNNVD-201606-575"
},
{
"db": "NVD",
"id": "CVE-2016-5435"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Memory leak in Huawei IPS Module, NGFW Module, NIP6300, NIP6600, and Secospace USG6300, USG6500, USG6600, USG9500, and AntiDDoS8000 V500R001C00 before V500R001C20SPC100, when in hot standby networking where two devices are not directly connected, allows remote attackers to cause a denial of service (memory consumption and reboot) via a crafted packet. HuaweiIPSModule and other products are China\u0027s Huawei\u0027s intrusion prevention and intrusion detection products. A memory leak vulnerability exists in several Huawei products. \nAn attacker can exploit this issue to exhaust memory resources and cause the device to reboot. \nHuawei USG series, NGFW module, IPS module, NIP series and AntiDDoS8000 are vulnerable",
"sources": [
{
"db": "NVD",
"id": "CVE-2016-5435"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-003345"
},
{
"db": "CNVD",
"id": "CNVD-2016-04379"
},
{
"db": "BID",
"id": "91473"
},
{
"db": "VULHUB",
"id": "VHN-94254"
}
],
"trust": 2.52
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2016-5435",
"trust": 3.4
},
{
"db": "JVNDB",
"id": "JVNDB-2016-003345",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201606-575",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2016-04379",
"trust": 0.6
},
{
"db": "BID",
"id": "91473",
"trust": 0.4
},
{
"db": "VULHUB",
"id": "VHN-94254",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-04379"
},
{
"db": "VULHUB",
"id": "VHN-94254"
},
{
"db": "BID",
"id": "91473"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-003345"
},
{
"db": "CNNVD",
"id": "CNNVD-201606-575"
},
{
"db": "NVD",
"id": "CVE-2016-5435"
}
]
},
"id": "VAR-201606-0451",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-04379"
},
{
"db": "VULHUB",
"id": "VHN-94254"
}
],
"trust": 1.255423138181818
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-04379"
}
]
},
"last_update_date": "2025-04-12T23:14:09.974000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "huawei-sa-20160615-01-standby",
"trust": 0.8,
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20160615-01-standby-en"
},
{
"title": "Patches for various Huawei product memory leak vulnerabilities",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/78292"
},
{
"title": "Multiple Huawei Product memory leak vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=62491"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-04379"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-003345"
},
{
"db": "CNNVD",
"id": "CNNVD-201606-575"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-399",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-94254"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-003345"
},
{
"db": "NVD",
"id": "CVE-2016-5435"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20160615-01-standby-en"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-5435"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-5435"
},
{
"trust": 0.6,
"url": "http://www.huawei.com/cn/psirt/security-advisories/huawei-sa-20160615-01-standby-cn"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-04379"
},
{
"db": "VULHUB",
"id": "VHN-94254"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-003345"
},
{
"db": "CNNVD",
"id": "CNNVD-201606-575"
},
{
"db": "NVD",
"id": "CVE-2016-5435"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2016-04379"
},
{
"db": "VULHUB",
"id": "VHN-94254"
},
{
"db": "BID",
"id": "91473"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-003345"
},
{
"db": "CNNVD",
"id": "CNNVD-201606-575"
},
{
"db": "NVD",
"id": "CVE-2016-5435"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-06-30T00:00:00",
"db": "CNVD",
"id": "CNVD-2016-04379"
},
{
"date": "2016-06-24T00:00:00",
"db": "VULHUB",
"id": "VHN-94254"
},
{
"date": "2016-06-15T00:00:00",
"db": "BID",
"id": "91473"
},
{
"date": "2016-06-29T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-003345"
},
{
"date": "2016-06-27T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201606-575"
},
{
"date": "2016-06-24T17:59:02.517000",
"db": "NVD",
"id": "CVE-2016-5435"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-06-30T00:00:00",
"db": "CNVD",
"id": "CNVD-2016-04379"
},
{
"date": "2016-06-28T00:00:00",
"db": "VULHUB",
"id": "VHN-94254"
},
{
"date": "2016-06-15T00:00:00",
"db": "BID",
"id": "91473"
},
{
"date": "2016-06-29T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-003345"
},
{
"date": "2016-06-27T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201606-575"
},
{
"date": "2025-04-12T10:46:40.837000",
"db": "NVD",
"id": "CVE-2016-5435"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201606-575"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural Huawei Service disruption in products (DoS) Vulnerabilities",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-003345"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "resource management error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201606-575"
}
],
"trust": 0.6
}
}
VAR-202006-1873
Vulnerability from variot - Updated: 2025-01-19 23:27There are multiple out of bounds (OOB) read vulnerabilities in the implementation of the Common Open Policy Service (COPS) protocol of some Huawei products. The specific decoding function may occur out-of-bounds read when processes an incoming data packet. Successful exploit of these vulnerabilities may disrupt service on the affected device. (Vulnerability ID: HWPSIRT-2018-12275,HWPSIRT-2018-12276,HWPSIRT-2018-12277,HWPSIRT-2018-12278,HWPSIRT-2018-12279,HWPSIRT-2018-12280 and HWPSIRT-2018-12289)
The seven vulnerabilities have been assigned seven Common Vulnerabilities and Exposures (CVE) IDs: CVE-2020-1818, CVE-2020-1819, CVE-2020-1820, CVE-2020-1821, CVE-2020-1822, CVE-2020-1823 and CVE-2020-1824. IPS Module firmware, NGFW Module firmware, NIP6300 firmware etc. Huawei The product contains an out-of-bounds read vulnerability.Service operation interruption (DoS) It may be in a state
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202006-1873",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "nip6300",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v500r005c00"
},
{
"model": "nip6300",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v500r001c60"
},
{
"model": "secospace usg6300",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v500r001c30"
},
{
"model": "ips module",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v500r001c30"
},
{
"model": "secospace usg6500",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v500r005c00"
},
{
"model": "secospace usg6500",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v500r001c60"
},
{
"model": "usg6000v",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v500r003c00"
},
{
"model": "nip6300",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v500r001c30"
},
{
"model": "secospace usg6300",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v500r005c00"
},
{
"model": "secospace usg6300",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v500r001c60"
},
{
"model": "secospace usg6600",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v500r001c30"
},
{
"model": "ips module",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v500r005c00"
},
{
"model": "ips module",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v500r001c60"
},
{
"model": "nip6800",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v500r005c00"
},
{
"model": "nip6800",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v500r001c60"
},
{
"model": "secospace usg6600",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v500r005c00"
},
{
"model": "ngfw module",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v500r005c00"
},
{
"model": "nip6600",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v500r001c30"
},
{
"model": "ngfw module",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v500r002c20"
},
{
"model": "nip6600",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v500r005c00"
},
{
"model": "nip6600",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v500r001c60"
},
{
"model": "ngfw module",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v500r002c00"
},
{
"model": "secospace usg6500",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v500r001c30"
},
{
"model": "secospace usg6500",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "usg6000v",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "nip6600",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "nip6300",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "nip6800",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "ips module",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "secospace usg6600",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "ngfw module",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "secospace usg6300",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2024-016616"
},
{
"db": "NVD",
"id": "CVE-2020-1822"
}
]
},
"cve": "CVE-2020-1822",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [],
"cvssV3": [
{
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"author": "psirt@huawei.com",
"availabilityImpact": "LOW",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"exploitabilityScore": 2.2,
"id": "CVE-2020-1822",
"impactScore": 1.4,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"id": "CVE-2020-1822",
"impactScore": 1.4,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "Low",
"baseScore": 5.3,
"baseSeverity": "Medium",
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2020-1822",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
}
],
"severity": [
{
"author": "psirt@huawei.com",
"id": "CVE-2020-1822",
"trust": 1.0,
"value": "LOW"
},
{
"author": "nvd@nist.gov",
"id": "CVE-2020-1822",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2020-1822",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-202006-1907",
"trust": 0.6,
"value": "LOW"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2024-016616"
},
{
"db": "CNNVD",
"id": "CNNVD-202006-1907"
},
{
"db": "NVD",
"id": "CVE-2020-1822"
},
{
"db": "NVD",
"id": "CVE-2020-1822"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "There are multiple out of bounds (OOB) read vulnerabilities in the implementation of the Common Open Policy Service (COPS) protocol of some Huawei products. The specific decoding function may occur out-of-bounds read when processes an incoming data packet. Successful exploit of these vulnerabilities may disrupt service on the affected device. (Vulnerability ID: HWPSIRT-2018-12275,HWPSIRT-2018-12276,HWPSIRT-2018-12277,HWPSIRT-2018-12278,HWPSIRT-2018-12279,HWPSIRT-2018-12280 and HWPSIRT-2018-12289)\n\nThe seven vulnerabilities have been assigned seven Common Vulnerabilities and Exposures (CVE) IDs: CVE-2020-1818, CVE-2020-1819, CVE-2020-1820, CVE-2020-1821, CVE-2020-1822, CVE-2020-1823 and CVE-2020-1824. IPS Module firmware, NGFW Module firmware, NIP6300 firmware etc. Huawei The product contains an out-of-bounds read vulnerability.Service operation interruption (DoS) It may be in a state",
"sources": [
{
"db": "NVD",
"id": "CVE-2020-1822"
},
{
"db": "JVNDB",
"id": "JVNDB-2024-016616"
}
],
"trust": 1.62
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2020-1822",
"trust": 3.2
},
{
"db": "JVNDB",
"id": "JVNDB-2024-016616",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-202006-1907",
"trust": 0.6
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2024-016616"
},
{
"db": "CNNVD",
"id": "CNNVD-202006-1907"
},
{
"db": "NVD",
"id": "CVE-2020-1822"
}
]
},
"id": "VAR-202006-1873",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.43759489428571424
},
"last_update_date": "2025-01-19T23:27:56.995000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Huawei product security vulnerabilities repair measures",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=126998"
}
],
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202006-1907"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-125",
"trust": 1.0
},
{
"problemtype": "Out-of-bounds read (CWE-125) [ others ]",
"trust": 0.8
},
{
"problemtype": " Out-of-bounds read (CWE-125) [NVD evaluation ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2024-016616"
},
{
"db": "NVD",
"id": "CVE-2020-1822"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.8,
"url": "https://www.huawei.com/en/psirt/security-advisories/2020/huawei-sa-20191218-01-cops-en"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-1822"
},
{
"trust": 0.6,
"url": "https://www.huawei.com/cn/psirt/security-advisories/huawei-sa-20191218-01-cops-cn"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2024-016616"
},
{
"db": "CNNVD",
"id": "CNNVD-202006-1907"
},
{
"db": "NVD",
"id": "CVE-2020-1822"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "JVNDB",
"id": "JVNDB-2024-016616"
},
{
"db": "CNNVD",
"id": "CNNVD-202006-1907"
},
{
"db": "NVD",
"id": "CVE-2020-1822"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2025-01-16T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2024-016616"
},
{
"date": "2020-06-03T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202006-1907"
},
{
"date": "2024-12-28T07:15:18.170000",
"db": "NVD",
"id": "CVE-2020-1822"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2025-01-16T07:10:00",
"db": "JVNDB",
"id": "JVNDB-2024-016616"
},
{
"date": "2021-01-05T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202006-1907"
},
{
"date": "2025-01-13T18:40:17.893000",
"db": "NVD",
"id": "CVE-2020-1822"
}
]
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural \u00a0Huawei\u00a0 Product out-of-bounds read vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2024-016616"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "other",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202006-1907"
}
],
"trust": 0.6
}
}
VAR-202006-1879
Vulnerability from variot - Updated: 2025-01-18 23:07There are multiple out of bounds (OOB) read vulnerabilities in the implementation of the Common Open Policy Service (COPS) protocol of some Huawei products. The specific decoding function may occur out-of-bounds read when processes an incoming data packet. Successful exploit of these vulnerabilities may disrupt service on the affected device. (Vulnerability ID: HWPSIRT-2018-12275,HWPSIRT-2018-12276,HWPSIRT-2018-12277,HWPSIRT-2018-12278,HWPSIRT-2018-12279,HWPSIRT-2018-12280 and HWPSIRT-2018-12289)
The seven vulnerabilities have been assigned seven Common Vulnerabilities and Exposures (CVE) IDs: CVE-2020-1818, CVE-2020-1819, CVE-2020-1820, CVE-2020-1821, CVE-2020-1822, CVE-2020-1823 and CVE-2020-1824. IPS Module firmware, NGFW Module firmware, NIP6300 firmware etc. Huawei The product contains an out-of-bounds read vulnerability.Service operation interruption (DoS) It may be in a state
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202006-1879",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "nip6300",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v500r005c00"
},
{
"model": "nip6300",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v500r001c60"
},
{
"model": "secospace usg6300",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v500r001c30"
},
{
"model": "ips module",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v500r001c30"
},
{
"model": "secospace usg6500",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v500r005c00"
},
{
"model": "secospace usg6500",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v500r001c60"
},
{
"model": "usg6000v",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v500r003c00"
},
{
"model": "nip6300",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v500r001c30"
},
{
"model": "secospace usg6300",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v500r005c00"
},
{
"model": "secospace usg6300",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v500r001c60"
},
{
"model": "secospace usg6600",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v500r001c30"
},
{
"model": "ips module",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v500r005c00"
},
{
"model": "ips module",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v500r001c60"
},
{
"model": "nip6800",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v500r005c00"
},
{
"model": "nip6800",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v500r001c60"
},
{
"model": "secospace usg6600",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v500r005c00"
},
{
"model": "ngfw module",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v500r005c00"
},
{
"model": "nip6600",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v500r001c30"
},
{
"model": "ngfw module",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v500r002c20"
},
{
"model": "nip6600",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v500r005c00"
},
{
"model": "nip6600",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v500r001c60"
},
{
"model": "ngfw module",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v500r002c00"
},
{
"model": "secospace usg6500",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v500r001c30"
},
{
"model": "secospace usg6500",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "usg6000v",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "nip6600",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "nip6300",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "nip6800",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "ips module",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "secospace usg6600",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "ngfw module",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "secospace usg6300",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2024-016615"
},
{
"db": "NVD",
"id": "CVE-2020-1824"
}
]
},
"cve": "CVE-2020-1824",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [],
"cvssV3": [
{
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"author": "psirt@huawei.com",
"availabilityImpact": "LOW",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"exploitabilityScore": 2.2,
"id": "CVE-2020-1824",
"impactScore": 1.4,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"id": "CVE-2020-1824",
"impactScore": 1.4,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "Low",
"baseScore": 5.3,
"baseSeverity": "Medium",
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2020-1824",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
}
],
"severity": [
{
"author": "psirt@huawei.com",
"id": "CVE-2020-1824",
"trust": 1.0,
"value": "LOW"
},
{
"author": "nvd@nist.gov",
"id": "CVE-2020-1824",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2020-1824",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-202006-1903",
"trust": 0.6,
"value": "LOW"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2024-016615"
},
{
"db": "CNNVD",
"id": "CNNVD-202006-1903"
},
{
"db": "NVD",
"id": "CVE-2020-1824"
},
{
"db": "NVD",
"id": "CVE-2020-1824"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "There are multiple out of bounds (OOB) read vulnerabilities in the implementation of the Common Open Policy Service (COPS) protocol of some Huawei products. The specific decoding function may occur out-of-bounds read when processes an incoming data packet. Successful exploit of these vulnerabilities may disrupt service on the affected device. (Vulnerability ID: HWPSIRT-2018-12275,HWPSIRT-2018-12276,HWPSIRT-2018-12277,HWPSIRT-2018-12278,HWPSIRT-2018-12279,HWPSIRT-2018-12280 and HWPSIRT-2018-12289)\n\nThe seven vulnerabilities have been assigned seven Common Vulnerabilities and Exposures (CVE) IDs: CVE-2020-1818, CVE-2020-1819, CVE-2020-1820, CVE-2020-1821, CVE-2020-1822, CVE-2020-1823 and CVE-2020-1824. IPS Module firmware, NGFW Module firmware, NIP6300 firmware etc. Huawei The product contains an out-of-bounds read vulnerability.Service operation interruption (DoS) It may be in a state",
"sources": [
{
"db": "NVD",
"id": "CVE-2020-1824"
},
{
"db": "JVNDB",
"id": "JVNDB-2024-016615"
}
],
"trust": 1.62
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2020-1824",
"trust": 3.2
},
{
"db": "JVNDB",
"id": "JVNDB-2024-016615",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-202006-1903",
"trust": 0.6
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2024-016615"
},
{
"db": "CNNVD",
"id": "CNNVD-202006-1903"
},
{
"db": "NVD",
"id": "CVE-2020-1824"
}
]
},
"id": "VAR-202006-1879",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.43759489428571424
},
"last_update_date": "2025-01-18T23:07:11.580000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Huawei product security vulnerabilities repair measures",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=126994"
}
],
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202006-1903"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-125",
"trust": 1.0
},
{
"problemtype": "Out-of-bounds read (CWE-125) [ others ]",
"trust": 0.8
},
{
"problemtype": " Out-of-bounds read (CWE-125) [NVD evaluation ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2024-016615"
},
{
"db": "NVD",
"id": "CVE-2020-1824"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.8,
"url": "https://www.huawei.com/en/psirt/security-advisories/2020/huawei-sa-20191218-01-cops-en"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-1824"
},
{
"trust": 0.6,
"url": "https://www.huawei.com/cn/psirt/security-advisories/huawei-sa-20191218-01-cops-cn"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2024-016615"
},
{
"db": "CNNVD",
"id": "CNNVD-202006-1903"
},
{
"db": "NVD",
"id": "CVE-2020-1824"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "JVNDB",
"id": "JVNDB-2024-016615"
},
{
"db": "CNNVD",
"id": "CNNVD-202006-1903"
},
{
"db": "NVD",
"id": "CVE-2020-1824"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2025-01-16T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2024-016615"
},
{
"date": "2020-06-03T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202006-1903"
},
{
"date": "2024-12-28T07:15:18.530000",
"db": "NVD",
"id": "CVE-2020-1824"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2025-01-16T07:10:00",
"db": "JVNDB",
"id": "JVNDB-2024-016615"
},
{
"date": "2021-01-05T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202006-1903"
},
{
"date": "2025-01-13T18:39:27.433000",
"db": "NVD",
"id": "CVE-2020-1824"
}
]
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural \u00a0Huawei\u00a0 Product out-of-bounds read vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2024-016615"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "other",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202006-1903"
}
],
"trust": 0.6
}
}
VAR-202006-1876
Vulnerability from variot - Updated: 2025-01-16 23:31There are multiple out of bounds (OOB) read vulnerabilities in the implementation of the Common Open Policy Service (COPS) protocol of some Huawei products. The specific decoding function may occur out-of-bounds read when processes an incoming data packet. Successful exploit of these vulnerabilities may disrupt service on the affected device. (Vulnerability ID: HWPSIRT-2018-12275,HWPSIRT-2018-12276,HWPSIRT-2018-12277,HWPSIRT-2018-12278,HWPSIRT-2018-12279,HWPSIRT-2018-12280 and HWPSIRT-2018-12289)
The seven vulnerabilities have been assigned seven Common Vulnerabilities and Exposures (CVE) IDs: CVE-2020-1818, CVE-2020-1819, CVE-2020-1820, CVE-2020-1821, CVE-2020-1822, CVE-2020-1823 and CVE-2020-1824. IPS Module firmware, NGFW Module firmware, NIP6300 firmware etc. Huawei The product contains an out-of-bounds read vulnerability.Service operation interruption (DoS) It may be in a state
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202006-1876",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "nip6300",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v500r005c00"
},
{
"model": "nip6300",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v500r001c60"
},
{
"model": "secospace usg6300",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v500r001c30"
},
{
"model": "ips module",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v500r001c30"
},
{
"model": "secospace usg6500",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v500r005c00"
},
{
"model": "secospace usg6500",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v500r001c60"
},
{
"model": "usg6000v",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v500r003c00"
},
{
"model": "nip6300",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v500r001c30"
},
{
"model": "secospace usg6300",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v500r005c00"
},
{
"model": "secospace usg6300",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v500r001c60"
},
{
"model": "secospace usg6600",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v500r001c30"
},
{
"model": "ips module",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v500r005c00"
},
{
"model": "ips module",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v500r001c60"
},
{
"model": "nip6800",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v500r005c00"
},
{
"model": "nip6800",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v500r001c60"
},
{
"model": "secospace usg6600",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v500r005c00"
},
{
"model": "ngfw module",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v500r005c00"
},
{
"model": "nip6600",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v500r001c30"
},
{
"model": "ngfw module",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v500r002c20"
},
{
"model": "nip6600",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v500r005c00"
},
{
"model": "nip6600",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v500r001c60"
},
{
"model": "ngfw module",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v500r002c00"
},
{
"model": "secospace usg6500",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v500r001c30"
},
{
"model": "secospace usg6300",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "secospace usg6600",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "nip6800",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "ngfw module",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "nip6600",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "ips module",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "secospace usg6500",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "nip6300",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "usg6000v",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2024-016385"
},
{
"db": "NVD",
"id": "CVE-2020-1823"
}
]
},
"cve": "CVE-2020-1823",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [],
"cvssV3": [
{
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"author": "psirt@huawei.com",
"availabilityImpact": "LOW",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"exploitabilityScore": 2.2,
"id": "CVE-2020-1823",
"impactScore": 1.4,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"id": "CVE-2020-1823",
"impactScore": 1.4,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "Low",
"baseScore": 5.3,
"baseSeverity": "Medium",
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2020-1823",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
}
],
"severity": [
{
"author": "psirt@huawei.com",
"id": "CVE-2020-1823",
"trust": 1.0,
"value": "LOW"
},
{
"author": "nvd@nist.gov",
"id": "CVE-2020-1823",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2020-1823",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-202006-1904",
"trust": 0.6,
"value": "LOW"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2024-016385"
},
{
"db": "CNNVD",
"id": "CNNVD-202006-1904"
},
{
"db": "NVD",
"id": "CVE-2020-1823"
},
{
"db": "NVD",
"id": "CVE-2020-1823"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "There are multiple out of bounds (OOB) read vulnerabilities in the implementation of the Common Open Policy Service (COPS) protocol of some Huawei products. The specific decoding function may occur out-of-bounds read when processes an incoming data packet. Successful exploit of these vulnerabilities may disrupt service on the affected device. (Vulnerability ID: HWPSIRT-2018-12275,HWPSIRT-2018-12276,HWPSIRT-2018-12277,HWPSIRT-2018-12278,HWPSIRT-2018-12279,HWPSIRT-2018-12280 and HWPSIRT-2018-12289)\n\nThe seven vulnerabilities have been assigned seven Common Vulnerabilities and Exposures (CVE) IDs: CVE-2020-1818, CVE-2020-1819, CVE-2020-1820, CVE-2020-1821, CVE-2020-1822, CVE-2020-1823 and CVE-2020-1824. IPS Module firmware, NGFW Module firmware, NIP6300 firmware etc. Huawei The product contains an out-of-bounds read vulnerability.Service operation interruption (DoS) It may be in a state",
"sources": [
{
"db": "NVD",
"id": "CVE-2020-1823"
},
{
"db": "JVNDB",
"id": "JVNDB-2024-016385"
}
],
"trust": 1.62
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2020-1823",
"trust": 3.2
},
{
"db": "JVNDB",
"id": "JVNDB-2024-016385",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-202006-1904",
"trust": 0.6
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2024-016385"
},
{
"db": "CNNVD",
"id": "CNNVD-202006-1904"
},
{
"db": "NVD",
"id": "CVE-2020-1823"
}
]
},
"id": "VAR-202006-1876",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.43759489428571424
},
"last_update_date": "2025-01-16T23:31:55.574000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Huawei product security vulnerabilities repair measures",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=126995"
}
],
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202006-1904"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-125",
"trust": 1.0
},
{
"problemtype": "Out-of-bounds read (CWE-125) [ others ]",
"trust": 0.8
},
{
"problemtype": " Out-of-bounds read (CWE-125) [NVD evaluation ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2024-016385"
},
{
"db": "NVD",
"id": "CVE-2020-1823"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.8,
"url": "https://www.huawei.com/en/psirt/security-advisories/2020/huawei-sa-20191218-01-cops-en"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-1823"
},
{
"trust": 0.6,
"url": "https://www.huawei.com/cn/psirt/security-advisories/huawei-sa-20191218-01-cops-cn"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2024-016385"
},
{
"db": "CNNVD",
"id": "CNNVD-202006-1904"
},
{
"db": "NVD",
"id": "CVE-2020-1823"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "JVNDB",
"id": "JVNDB-2024-016385"
},
{
"db": "CNNVD",
"id": "CNNVD-202006-1904"
},
{
"db": "NVD",
"id": "CVE-2020-1823"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2025-01-14T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2024-016385"
},
{
"date": "2020-06-03T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202006-1904"
},
{
"date": "2024-12-28T07:15:18.357000",
"db": "NVD",
"id": "CVE-2020-1823"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2025-01-14T09:48:00",
"db": "JVNDB",
"id": "JVNDB-2024-016385"
},
{
"date": "2021-01-05T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202006-1904"
},
{
"date": "2025-01-13T18:39:37.540000",
"db": "NVD",
"id": "CVE-2020-1823"
}
]
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural \u00a0Huawei\u00a0 Product out-of-bounds read vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2024-016385"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "other",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202006-1904"
}
],
"trust": 0.6
}
}
VAR-202006-1881
Vulnerability from variot - Updated: 2025-01-16 23:27There are multiple out of bounds (OOB) read vulnerabilities in the implementation of the Common Open Policy Service (COPS) protocol of some Huawei products. The specific decoding function may occur out-of-bounds read when processes an incoming data packet. Successful exploit of these vulnerabilities may disrupt service on the affected device. (Vulnerability ID: HWPSIRT-2018-12275,HWPSIRT-2018-12276,HWPSIRT-2018-12277,HWPSIRT-2018-12278,HWPSIRT-2018-12279,HWPSIRT-2018-12280 and HWPSIRT-2018-12289)
The seven vulnerabilities have been assigned seven Common Vulnerabilities and Exposures (CVE) IDs: CVE-2020-1818, CVE-2020-1819, CVE-2020-1820, CVE-2020-1821, CVE-2020-1822, CVE-2020-1823 and CVE-2020-1824. IPS Module firmware, NGFW Module firmware, NIP6300 firmware etc. Huawei The product contains an out-of-bounds read vulnerability.Service operation interruption (DoS) It may be in a state
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202006-1881",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "nip6300",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v500r005c00"
},
{
"model": "nip6300",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v500r001c60"
},
{
"model": "secospace usg6300",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v500r001c30"
},
{
"model": "ips module",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v500r001c30"
},
{
"model": "secospace usg6500",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v500r005c00"
},
{
"model": "secospace usg6500",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v500r001c60"
},
{
"model": "usg6000v",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v500r003c00"
},
{
"model": "nip6300",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v500r001c30"
},
{
"model": "secospace usg6300",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v500r005c00"
},
{
"model": "secospace usg6300",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v500r001c60"
},
{
"model": "secospace usg6600",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v500r001c30"
},
{
"model": "ips module",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v500r005c00"
},
{
"model": "ips module",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v500r001c60"
},
{
"model": "nip6800",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v500r005c00"
},
{
"model": "nip6800",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v500r001c60"
},
{
"model": "secospace usg6600",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v500r005c00"
},
{
"model": "ngfw module",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v500r005c00"
},
{
"model": "nip6600",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v500r001c30"
},
{
"model": "ngfw module",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v500r002c20"
},
{
"model": "nip6600",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v500r005c00"
},
{
"model": "nip6600",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v500r001c60"
},
{
"model": "ngfw module",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v500r002c00"
},
{
"model": "secospace usg6500",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v500r001c30"
},
{
"model": "secospace usg6300",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "secospace usg6600",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "nip6800",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "ngfw module",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "nip6600",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "ips module",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "secospace usg6500",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "nip6300",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "usg6000v",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2024-016386"
},
{
"db": "NVD",
"id": "CVE-2020-1821"
}
]
},
"cve": "CVE-2020-1821",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [],
"cvssV3": [
{
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"author": "psirt@huawei.com",
"availabilityImpact": "LOW",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"exploitabilityScore": 2.2,
"id": "CVE-2020-1821",
"impactScore": 1.4,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"id": "CVE-2020-1821",
"impactScore": 1.4,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "Low",
"baseScore": 5.3,
"baseSeverity": "Medium",
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2020-1821",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
}
],
"severity": [
{
"author": "psirt@huawei.com",
"id": "CVE-2020-1821",
"trust": 1.0,
"value": "LOW"
},
{
"author": "nvd@nist.gov",
"id": "CVE-2020-1821",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2020-1821",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-202006-1905",
"trust": 0.6,
"value": "LOW"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2024-016386"
},
{
"db": "CNNVD",
"id": "CNNVD-202006-1905"
},
{
"db": "NVD",
"id": "CVE-2020-1821"
},
{
"db": "NVD",
"id": "CVE-2020-1821"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "There are multiple out of bounds (OOB) read vulnerabilities in the implementation of the Common Open Policy Service (COPS) protocol of some Huawei products. The specific decoding function may occur out-of-bounds read when processes an incoming data packet. Successful exploit of these vulnerabilities may disrupt service on the affected device. (Vulnerability ID: HWPSIRT-2018-12275,HWPSIRT-2018-12276,HWPSIRT-2018-12277,HWPSIRT-2018-12278,HWPSIRT-2018-12279,HWPSIRT-2018-12280 and HWPSIRT-2018-12289)\n\nThe seven vulnerabilities have been assigned seven Common Vulnerabilities and Exposures (CVE) IDs: CVE-2020-1818, CVE-2020-1819, CVE-2020-1820, CVE-2020-1821, CVE-2020-1822, CVE-2020-1823 and CVE-2020-1824. IPS Module firmware, NGFW Module firmware, NIP6300 firmware etc. Huawei The product contains an out-of-bounds read vulnerability.Service operation interruption (DoS) It may be in a state",
"sources": [
{
"db": "NVD",
"id": "CVE-2020-1821"
},
{
"db": "JVNDB",
"id": "JVNDB-2024-016386"
}
],
"trust": 1.62
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2020-1821",
"trust": 3.2
},
{
"db": "JVNDB",
"id": "JVNDB-2024-016386",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-202006-1905",
"trust": 0.6
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2024-016386"
},
{
"db": "CNNVD",
"id": "CNNVD-202006-1905"
},
{
"db": "NVD",
"id": "CVE-2020-1821"
}
]
},
"id": "VAR-202006-1881",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.43759489428571424
},
"last_update_date": "2025-01-16T23:27:17.474000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Huawei product security vulnerabilities repair measures",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=126996"
}
],
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202006-1905"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-125",
"trust": 1.0
},
{
"problemtype": "Out-of-bounds read (CWE-125) [ others ]",
"trust": 0.8
},
{
"problemtype": " Out-of-bounds read (CWE-125) [NVD evaluation ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2024-016386"
},
{
"db": "NVD",
"id": "CVE-2020-1821"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.8,
"url": "https://www.huawei.com/en/psirt/security-advisories/2020/huawei-sa-20191218-01-cops-en"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-1821"
},
{
"trust": 0.6,
"url": "https://www.huawei.com/cn/psirt/security-advisories/huawei-sa-20191218-01-cops-cn"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2024-016386"
},
{
"db": "CNNVD",
"id": "CNNVD-202006-1905"
},
{
"db": "NVD",
"id": "CVE-2020-1821"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "JVNDB",
"id": "JVNDB-2024-016386"
},
{
"db": "CNNVD",
"id": "CNNVD-202006-1905"
},
{
"db": "NVD",
"id": "CVE-2020-1821"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2025-01-14T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2024-016386"
},
{
"date": "2020-06-03T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202006-1905"
},
{
"date": "2024-12-28T07:15:17.973000",
"db": "NVD",
"id": "CVE-2020-1821"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2025-01-14T09:48:00",
"db": "JVNDB",
"id": "JVNDB-2024-016386"
},
{
"date": "2021-01-05T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202006-1905"
},
{
"date": "2025-01-13T18:40:31.437000",
"db": "NVD",
"id": "CVE-2020-1821"
}
]
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural \u00a0Huawei\u00a0 Product out-of-bounds read vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2024-016386"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "other",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202006-1905"
}
],
"trust": 0.6
}
}
VAR-202006-1878
Vulnerability from variot - Updated: 2025-01-15 23:07There are multiple out of bounds (OOB) read vulnerabilities in the implementation of the Common Open Policy Service (COPS) protocol of some Huawei products. The specific decoding function may occur out-of-bounds read when processes an incoming data packet. Successful exploit of these vulnerabilities may disrupt service on the affected device. (Vulnerability ID: HWPSIRT-2018-12275,HWPSIRT-2018-12276,HWPSIRT-2018-12277,HWPSIRT-2018-12278,HWPSIRT-2018-12279,HWPSIRT-2018-12280 and HWPSIRT-2018-12289)
The seven vulnerabilities have been assigned seven Common Vulnerabilities and Exposures (CVE) IDs: CVE-2020-1818, CVE-2020-1819, CVE-2020-1820, CVE-2020-1821, CVE-2020-1822, CVE-2020-1823 and CVE-2020-1824. IPS Module firmware, NGFW Module firmware, NIP6300 firmware etc. Huawei The product contains an out-of-bounds read vulnerability.Service operation interruption (DoS) It may be in a state
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202006-1878",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "nip6300",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v500r001c60"
},
{
"model": "nip6600",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v500r005c00"
},
{
"model": "secospace usg6500",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v500r001c60"
},
{
"model": "ips module",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v500r001c60"
},
{
"model": "secospace usg6500",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v500r001c30"
},
{
"model": "ngfw module",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v500r002c00"
},
{
"model": "nip6300",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v500r001c30"
},
{
"model": "ips module",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v500r001c30"
},
{
"model": "secospace usg6300",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v500r001c60"
},
{
"model": "secospace usg6600",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v500r001c30"
},
{
"model": "secospace usg6300",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v500r001c30"
},
{
"model": "secospace usg6500",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v500r005c00"
},
{
"model": "nip6600",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v500r001c60"
},
{
"model": "nip6600",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v500r001c30"
},
{
"model": "nip6800",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v500r005c00"
},
{
"model": "usg6000v",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v500r003c00"
},
{
"model": "ngfw module",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v500r005c00"
},
{
"model": "nip6300",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v500r005c00"
},
{
"model": "ips module",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v500r005c00"
},
{
"model": "ngfw module",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v500r002c20"
},
{
"model": "secospace usg6600",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v500r005c00"
},
{
"model": "secospace usg6300",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v500r005c00"
},
{
"model": "nip6800",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v500r001c60"
},
{
"model": "secospace usg6600",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "secospace usg6500",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "nip6800",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "ips module",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "usg6000v",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "nip6300",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "ngfw module",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "secospace usg6300",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "nip6600",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2024-016258"
},
{
"db": "NVD",
"id": "CVE-2020-1819"
}
]
},
"cve": "CVE-2020-1819",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [],
"cvssV3": [
{
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"author": "psirt@huawei.com",
"availabilityImpact": "LOW",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"exploitabilityScore": 2.2,
"id": "CVE-2020-1819",
"impactScore": 1.4,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"id": "CVE-2020-1819",
"impactScore": 1.4,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "Low",
"baseScore": 5.3,
"baseSeverity": "Medium",
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2020-1819",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
}
],
"severity": [
{
"author": "psirt@huawei.com",
"id": "CVE-2020-1819",
"trust": 1.0,
"value": "LOW"
},
{
"author": "nvd@nist.gov",
"id": "CVE-2020-1819",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2020-1819",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-202006-1908",
"trust": 0.6,
"value": "LOW"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2024-016258"
},
{
"db": "CNNVD",
"id": "CNNVD-202006-1908"
},
{
"db": "NVD",
"id": "CVE-2020-1819"
},
{
"db": "NVD",
"id": "CVE-2020-1819"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "There are multiple out of bounds (OOB) read vulnerabilities in the implementation of the Common Open Policy Service (COPS) protocol of some Huawei products. The specific decoding function may occur out-of-bounds read when processes an incoming data packet. Successful exploit of these vulnerabilities may disrupt service on the affected device. (Vulnerability ID: HWPSIRT-2018-12275,HWPSIRT-2018-12276,HWPSIRT-2018-12277,HWPSIRT-2018-12278,HWPSIRT-2018-12279,HWPSIRT-2018-12280 and HWPSIRT-2018-12289)\n\nThe seven vulnerabilities have been assigned seven Common Vulnerabilities and Exposures (CVE) IDs: CVE-2020-1818, CVE-2020-1819, CVE-2020-1820, CVE-2020-1821, CVE-2020-1822, CVE-2020-1823 and CVE-2020-1824. IPS Module firmware, NGFW Module firmware, NIP6300 firmware etc. Huawei The product contains an out-of-bounds read vulnerability.Service operation interruption (DoS) It may be in a state",
"sources": [
{
"db": "NVD",
"id": "CVE-2020-1819"
},
{
"db": "JVNDB",
"id": "JVNDB-2024-016258"
}
],
"trust": 1.62
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2020-1819",
"trust": 3.2
},
{
"db": "JVNDB",
"id": "JVNDB-2024-016258",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-202006-1908",
"trust": 0.6
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2024-016258"
},
{
"db": "CNNVD",
"id": "CNNVD-202006-1908"
},
{
"db": "NVD",
"id": "CVE-2020-1819"
}
]
},
"id": "VAR-202006-1878",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.43759489428571424
},
"last_update_date": "2025-01-15T23:07:20.429000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Huawei product security vulnerabilities repair measures",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=126999"
}
],
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202006-1908"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-125",
"trust": 1.0
},
{
"problemtype": "Out-of-bounds read (CWE-125) [NVD evaluation ]",
"trust": 0.8
},
{
"problemtype": " Out-of-bounds read (CWE-125) [ others ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2024-016258"
},
{
"db": "NVD",
"id": "CVE-2020-1819"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.8,
"url": "https://www.huawei.com/en/psirt/security-advisories/2020/huawei-sa-20191218-01-cops-en"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-1819"
},
{
"trust": 0.6,
"url": "https://www.huawei.com/cn/psirt/security-advisories/huawei-sa-20191218-01-cops-cn"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2024-016258"
},
{
"db": "CNNVD",
"id": "CNNVD-202006-1908"
},
{
"db": "NVD",
"id": "CVE-2020-1819"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "JVNDB",
"id": "JVNDB-2024-016258"
},
{
"db": "CNNVD",
"id": "CNNVD-202006-1908"
},
{
"db": "NVD",
"id": "CVE-2020-1819"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2025-01-14T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2024-016258"
},
{
"date": "2020-06-03T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202006-1908"
},
{
"date": "2024-12-27T10:15:09.710000",
"db": "NVD",
"id": "CVE-2020-1819"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2025-01-14T02:48:00",
"db": "JVNDB",
"id": "JVNDB-2024-016258"
},
{
"date": "2021-01-05T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202006-1908"
},
{
"date": "2025-01-10T20:32:19.230000",
"db": "NVD",
"id": "CVE-2020-1819"
}
]
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural \u00a0Huawei\u00a0 Product out-of-bounds read vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2024-016258"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "other",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202006-1908"
}
],
"trust": 0.6
}
}
VAR-202006-1877
Vulnerability from variot - Updated: 2025-01-15 23:01There are multiple out of bounds (OOB) read vulnerabilities in the implementation of the Common Open Policy Service (COPS) protocol of some Huawei products. The specific decoding function may occur out-of-bounds read when processes an incoming data packet. Successful exploit of these vulnerabilities may disrupt service on the affected device. (Vulnerability ID: HWPSIRT-2018-12275,HWPSIRT-2018-12276,HWPSIRT-2018-12277,HWPSIRT-2018-12278,HWPSIRT-2018-12279,HWPSIRT-2018-12280 and HWPSIRT-2018-12289)
The seven vulnerabilities have been assigned seven Common Vulnerabilities and Exposures (CVE) IDs: CVE-2020-1818, CVE-2020-1819, CVE-2020-1820, CVE-2020-1821, CVE-2020-1822, CVE-2020-1823 and CVE-2020-1824. IPS Module firmware, NGFW Module firmware, NIP6300 firmware etc. Huawei The product contains an out-of-bounds read vulnerability.Service operation interruption (DoS) It may be in a state
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202006-1877",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "nip6300",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v500r001c60"
},
{
"model": "nip6600",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v500r005c00"
},
{
"model": "secospace usg6500",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v500r001c60"
},
{
"model": "ips module",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v500r001c60"
},
{
"model": "secospace usg6500",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v500r001c30"
},
{
"model": "ngfw module",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v500r002c00"
},
{
"model": "nip6300",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v500r001c30"
},
{
"model": "ips module",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v500r001c30"
},
{
"model": "secospace usg6300",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v500r001c60"
},
{
"model": "secospace usg6600",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v500r001c30"
},
{
"model": "secospace usg6300",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v500r001c30"
},
{
"model": "secospace usg6500",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v500r005c00"
},
{
"model": "nip6600",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v500r001c60"
},
{
"model": "nip6600",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v500r001c30"
},
{
"model": "nip6800",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v500r005c00"
},
{
"model": "usg6000v",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v500r003c00"
},
{
"model": "ngfw module",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v500r005c00"
},
{
"model": "nip6300",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v500r005c00"
},
{
"model": "ips module",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v500r005c00"
},
{
"model": "ngfw module",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v500r002c20"
},
{
"model": "secospace usg6600",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v500r005c00"
},
{
"model": "secospace usg6300",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v500r005c00"
},
{
"model": "nip6800",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v500r001c60"
},
{
"model": "secospace usg6600",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "secospace usg6500",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "nip6800",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "ips module",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "usg6000v",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "nip6300",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "ngfw module",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "secospace usg6300",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "nip6600",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2024-016284"
},
{
"db": "NVD",
"id": "CVE-2020-1818"
}
]
},
"cve": "CVE-2020-1818",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [],
"cvssV3": [
{
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"author": "psirt@huawei.com",
"availabilityImpact": "LOW",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"exploitabilityScore": 2.2,
"id": "CVE-2020-1818",
"impactScore": 1.4,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"id": "CVE-2020-1818",
"impactScore": 1.4,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "Low",
"baseScore": 5.3,
"baseSeverity": "Medium",
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2020-1818",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
}
],
"severity": [
{
"author": "psirt@huawei.com",
"id": "CVE-2020-1818",
"trust": 1.0,
"value": "LOW"
},
{
"author": "nvd@nist.gov",
"id": "CVE-2020-1818",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2020-1818",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-202006-1909",
"trust": 0.6,
"value": "LOW"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2024-016284"
},
{
"db": "CNNVD",
"id": "CNNVD-202006-1909"
},
{
"db": "NVD",
"id": "CVE-2020-1818"
},
{
"db": "NVD",
"id": "CVE-2020-1818"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "There are multiple out of bounds (OOB) read vulnerabilities in the implementation of the Common Open Policy Service (COPS) protocol of some Huawei products. The specific decoding function may occur out-of-bounds read when processes an incoming data packet. Successful exploit of these vulnerabilities may disrupt service on the affected device. (Vulnerability ID: HWPSIRT-2018-12275,HWPSIRT-2018-12276,HWPSIRT-2018-12277,HWPSIRT-2018-12278,HWPSIRT-2018-12279,HWPSIRT-2018-12280 and HWPSIRT-2018-12289)\n\nThe seven vulnerabilities have been assigned seven Common Vulnerabilities and Exposures (CVE) IDs: CVE-2020-1818, CVE-2020-1819, CVE-2020-1820, CVE-2020-1821, CVE-2020-1822, CVE-2020-1823 and CVE-2020-1824. IPS Module firmware, NGFW Module firmware, NIP6300 firmware etc. Huawei The product contains an out-of-bounds read vulnerability.Service operation interruption (DoS) It may be in a state",
"sources": [
{
"db": "NVD",
"id": "CVE-2020-1818"
},
{
"db": "JVNDB",
"id": "JVNDB-2024-016284"
}
],
"trust": 1.62
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2020-1818",
"trust": 3.2
},
{
"db": "JVNDB",
"id": "JVNDB-2024-016284",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-202006-1909",
"trust": 0.6
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2024-016284"
},
{
"db": "CNNVD",
"id": "CNNVD-202006-1909"
},
{
"db": "NVD",
"id": "CVE-2020-1818"
}
]
},
"id": "VAR-202006-1877",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.43759489428571424
},
"last_update_date": "2025-01-15T23:01:46.726000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Huawei product security vulnerabilities repair measures",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=127000"
}
],
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202006-1909"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-125",
"trust": 1.0
},
{
"problemtype": "Out-of-bounds read (CWE-125) [ others ]",
"trust": 0.8
},
{
"problemtype": " Out-of-bounds read (CWE-125) [NVD evaluation ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2024-016284"
},
{
"db": "NVD",
"id": "CVE-2020-1818"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.8,
"url": "https://www.huawei.com/en/psirt/security-advisories/2020/huawei-sa-20191218-01-cops-en"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-1818"
},
{
"trust": 0.6,
"url": "https://www.huawei.com/cn/psirt/security-advisories/huawei-sa-20191218-01-cops-cn"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2024-016284"
},
{
"db": "CNNVD",
"id": "CNNVD-202006-1909"
},
{
"db": "NVD",
"id": "CVE-2020-1818"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "JVNDB",
"id": "JVNDB-2024-016284"
},
{
"db": "CNNVD",
"id": "CNNVD-202006-1909"
},
{
"db": "NVD",
"id": "CVE-2020-1818"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2025-01-14T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2024-016284"
},
{
"date": "2020-06-03T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202006-1909"
},
{
"date": "2024-12-27T10:15:06.310000",
"db": "NVD",
"id": "CVE-2020-1818"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2025-01-14T05:44:00",
"db": "JVNDB",
"id": "JVNDB-2024-016284"
},
{
"date": "2021-01-05T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202006-1909"
},
{
"date": "2025-01-10T20:28:46.463000",
"db": "NVD",
"id": "CVE-2020-1818"
}
]
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural \u00a0Huawei\u00a0 Product out-of-bounds read vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2024-016284"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "other",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202006-1909"
}
],
"trust": 0.6
}
}
VAR-202006-1874
Vulnerability from variot - Updated: 2025-01-15 22:57There are multiple out of bounds (OOB) read vulnerabilities in the implementation of the Common Open Policy Service (COPS) protocol of some Huawei products. The specific decoding function may occur out-of-bounds read when processes an incoming data packet. Successful exploit of these vulnerabilities may disrupt service on the affected device. (Vulnerability ID: HWPSIRT-2018-12275,HWPSIRT-2018-12276,HWPSIRT-2018-12277,HWPSIRT-2018-12278,HWPSIRT-2018-12279,HWPSIRT-2018-12280 and HWPSIRT-2018-12289)
The seven vulnerabilities have been assigned seven Common Vulnerabilities and Exposures (CVE) IDs: CVE-2020-1818, CVE-2020-1819, CVE-2020-1820, CVE-2020-1821, CVE-2020-1822, CVE-2020-1823 and CVE-2020-1824. IPS Module firmware, NGFW Module firmware, NIP6300 firmware etc. Huawei The product contains an out-of-bounds read vulnerability.Service operation interruption (DoS) It may be in a state
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202006-1874",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "nip6300",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v500r005c00"
},
{
"model": "nip6300",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v500r001c60"
},
{
"model": "secospace usg6300",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v500r001c30"
},
{
"model": "ips module",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v500r001c30"
},
{
"model": "secospace usg6500",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v500r005c00"
},
{
"model": "secospace usg6500",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v500r001c60"
},
{
"model": "usg6000v",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v500r003c00"
},
{
"model": "nip6300",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v500r001c30"
},
{
"model": "secospace usg6300",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v500r005c00"
},
{
"model": "secospace usg6300",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v500r001c60"
},
{
"model": "secospace usg6600",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v500r001c30"
},
{
"model": "ips module",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v500r005c00"
},
{
"model": "ips module",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v500r001c60"
},
{
"model": "nip6800",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v500r005c00"
},
{
"model": "nip6800",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v500r001c60"
},
{
"model": "secospace usg6600",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v500r005c00"
},
{
"model": "ngfw module",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v500r005c00"
},
{
"model": "nip6600",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v500r001c30"
},
{
"model": "ngfw module",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v500r002c20"
},
{
"model": "nip6600",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v500r005c00"
},
{
"model": "nip6600",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v500r001c60"
},
{
"model": "ngfw module",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v500r002c00"
},
{
"model": "secospace usg6500",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v500r001c30"
},
{
"model": "secospace usg6600",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "secospace usg6500",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "nip6800",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "ips module",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "usg6000v",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "nip6300",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "ngfw module",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "secospace usg6300",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "nip6600",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2024-016325"
},
{
"db": "NVD",
"id": "CVE-2020-1820"
}
]
},
"cve": "CVE-2020-1820",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [],
"cvssV3": [
{
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"author": "psirt@huawei.com",
"availabilityImpact": "LOW",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"exploitabilityScore": 2.2,
"id": "CVE-2020-1820",
"impactScore": 1.4,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"id": "CVE-2020-1820",
"impactScore": 1.4,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "Low",
"baseScore": 5.3,
"baseSeverity": "Medium",
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2020-1820",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
}
],
"severity": [
{
"author": "psirt@huawei.com",
"id": "CVE-2020-1820",
"trust": 1.0,
"value": "LOW"
},
{
"author": "nvd@nist.gov",
"id": "CVE-2020-1820",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2020-1820",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-202006-1906",
"trust": 0.6,
"value": "LOW"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2024-016325"
},
{
"db": "CNNVD",
"id": "CNNVD-202006-1906"
},
{
"db": "NVD",
"id": "CVE-2020-1820"
},
{
"db": "NVD",
"id": "CVE-2020-1820"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "There are multiple out of bounds (OOB) read vulnerabilities in the implementation of the Common Open Policy Service (COPS) protocol of some Huawei products. The specific decoding function may occur out-of-bounds read when processes an incoming data packet. Successful exploit of these vulnerabilities may disrupt service on the affected device. (Vulnerability ID: HWPSIRT-2018-12275,HWPSIRT-2018-12276,HWPSIRT-2018-12277,HWPSIRT-2018-12278,HWPSIRT-2018-12279,HWPSIRT-2018-12280 and HWPSIRT-2018-12289)\n\nThe seven vulnerabilities have been assigned seven Common Vulnerabilities and Exposures (CVE) IDs: CVE-2020-1818, CVE-2020-1819, CVE-2020-1820, CVE-2020-1821, CVE-2020-1822, CVE-2020-1823 and CVE-2020-1824. IPS Module firmware, NGFW Module firmware, NIP6300 firmware etc. Huawei The product contains an out-of-bounds read vulnerability.Service operation interruption (DoS) It may be in a state",
"sources": [
{
"db": "NVD",
"id": "CVE-2020-1820"
},
{
"db": "JVNDB",
"id": "JVNDB-2024-016325"
}
],
"trust": 1.62
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2020-1820",
"trust": 3.2
},
{
"db": "JVNDB",
"id": "JVNDB-2024-016325",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-202006-1906",
"trust": 0.6
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2024-016325"
},
{
"db": "CNNVD",
"id": "CNNVD-202006-1906"
},
{
"db": "NVD",
"id": "CVE-2020-1820"
}
]
},
"id": "VAR-202006-1874",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.43759489428571424
},
"last_update_date": "2025-01-15T22:57:13.991000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Huawei product security vulnerabilities repair measures",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=126997"
}
],
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202006-1906"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-125",
"trust": 1.0
},
{
"problemtype": "Out-of-bounds read (CWE-125) [NVD evaluation ]",
"trust": 0.8
},
{
"problemtype": " Out-of-bounds read (CWE-125) [ others ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2024-016325"
},
{
"db": "NVD",
"id": "CVE-2020-1820"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.8,
"url": "https://www.huawei.com/en/psirt/security-advisories/2020/huawei-sa-20191218-01-cops-en"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-1820"
},
{
"trust": 0.6,
"url": "https://www.huawei.com/cn/psirt/security-advisories/huawei-sa-20191218-01-cops-cn"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2024-016325"
},
{
"db": "CNNVD",
"id": "CNNVD-202006-1906"
},
{
"db": "NVD",
"id": "CVE-2020-1820"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "JVNDB",
"id": "JVNDB-2024-016325"
},
{
"db": "CNNVD",
"id": "CNNVD-202006-1906"
},
{
"db": "NVD",
"id": "CVE-2020-1820"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2025-01-14T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2024-016325"
},
{
"date": "2020-06-03T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202006-1906"
},
{
"date": "2024-12-28T07:15:17.230000",
"db": "NVD",
"id": "CVE-2020-1820"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2025-01-14T06:47:00",
"db": "JVNDB",
"id": "JVNDB-2024-016325"
},
{
"date": "2021-01-05T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202006-1906"
},
{
"date": "2025-01-13T18:40:36.910000",
"db": "NVD",
"id": "CVE-2020-1820"
}
]
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural \u00a0Huawei\u00a0 Product out-of-bounds read vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2024-016325"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "other",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202006-1906"
}
],
"trust": 0.6
}
}
VAR-201804-0418
Vulnerability from variot - Updated: 2024-11-23 23:12Huawei AR120-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR1200 V200R006C10, V200R006C13, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR1200-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR150 V200R006C10, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR150-S V200R006C10SPC300, V200R007C00, V200R008C20, V200R008C30, AR160 V200R006C10, V200R006C12, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR200 V200R006C10, V200R007C00, V200R007C01, V200R008C20, V200R008C30, AR200-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR2200 V200R006C10, V200R006C13, V200R006C16PWE, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR2200-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR3200 V200R006C10, V200R006C11, V200R007C00, V200R007C01, V200R007C02, V200R008C00, V200R008C10, V200R008C20, V200R008C30, AR3600 V200R006C10, V200R007C00, V200R007C01, V200R008C20, AR510 V200R006C10, V200R006C12, V200R006C13, V200R006C15, V200R006C16, V200R006C17, V200R007C00SPC180T, V200R008C20, V200R008C30, DP300 V500R002C00, IPS Module V100R001C10SPC200, V100R001C20, V100R001C30, V500R001C00, V500R001C20, V500R001C30, V500R001C50, NGFW Module V100R001C10SPC200, V100R001C20, V100R001C30, V500R001C00, V500R001C20, V500R002C00, V500R002C10, NIP6300 V500R001C00, V500R001C20, V500R001C30, V500R001C50, NIP6600 V500R001C00, V500R001C20, V500R001C30, V500R001C50, NIP6800 V500R001C50, NetEngine16EX V200R006C10, V200R007C00, V200R008C20, V200R008C30, RSE6500 V500R002C00, SRG1300 V200R006C10, V200R007C00, V200R007C02, V200R008C20, V200R008C30, SRG2300 V200R006C10, V200R007C00, V200R007C02, V200R008C20, V200R008C30, SRG3300 V200R006C10, V200R007C00, V200R008C20, V200R008C30, SVN5600 V200R003C00, V200R003C10, SVN5800 V200R003C00, V200R003C10, SVN5800-C V200R003C00, V200R003C10, SeMG9811 V300R001C01, Secospace USG6300 V100R001C10, V100R001C20, V100R001C30, V500R001C00, V500R001C20, V500R001C30, V500R001C50, Secospace USG6500 V100R001C10, V100R001C20, V100R001C30, V500R001C00, V500R001C20, V500R001C30, V500R001C50, Secospace USG6600 V100R001C00SPC200, V100R001C10, V100R001C20, V100R001C30, V500R001C00, V500R001C20, V500R001C30, V500R001C50, V500R001C60, TE30 V100R001C02, V100R001C10, V500R002C00, V600R006C00, TE40 V500R002C00, V600R006C00, TE50 V500R002C00, V600R006C00, TE60 V100R001C01, V100R001C10, V500R002C00, V600R006C00, TP3106 V100R002C00, TP3206 V100R002C00, V100R002C10, USG6000V V500R001C20, USG9500 V500R001C00, V500R001C20, V500R001C30, V500R001C50, USG9520 V300R001C01, V300R001C20, USG9560 V300R001C01, V300R001C20, USG9580 V300R001C01, V300R001C20, VP9660 V500R002C00, V500R002C10, ViewPoint 8660 V100R008C03, ViewPoint 9030 V100R011C02 have a null pointer dereference vulnerability in H323 protocol. An unauthenticated, remote attacker could craft malformed packets and send the packets to the affected products. Due to insufficient validation of packets, which could be exploited to cause process crash. plural Huawei The product includes NULL A vulnerability related to pointer dereference exists.Service operation interruption (DoS) There is a possibility of being put into a state. The AR120-S, AR1200, DP300, RSE6500, SecospaceUSG6300, and ViewPoint8660 are network devices of Huawei. The Huawei AR120-S and others are all products of China's Huawei (Huawei). Huawei AR120-S is an enterprise-class router. TE60 is an integrated high-definition video conferencing terminal device that supports intelligent voice calling and Wi-Fi wireless interconnection. H323 protocol is one of the video and audio communication protocols. The vulnerability stems from the fact that the program does not fully verify data packets. A remote attacker could exploit this vulnerability by sending a specially crafted malformed packet to cause a denial of service (null pointer dereference and process crash). The following products and versions are affected: Huawei AR120-S V200R006C10 Version, V200R007C00 Version, V200R008C20 Version, V200R008C30 Version; AR1200 V200R006C10 Version, V200R006C13 Version, V200R007C00 Version, V200R007C01 Version, V200R007C02 Version, V200R008C20 Version, V200R008C30 Version; AR1200-S V200R006C10 Version, V200R007C00 Version, V200R008C20 Version, V200R008C30 Version; AR150 V200R006C10 Version, V200R007C00 Version, V200R007C01 Version, V200R007C02 Version, V200R008C20 Version, V200R008C30 Version; AR150-S V200R006C10SPC300 Version, V200R007C00 Version, V200R008C20 Version, V200R008C30 Version; AR160 V200R006C10 Version, V200R006C12 Version , V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30; AR200 V200R006C10, V200R007C00, V200R007C01, V200R008-S20R0;
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201804-0418",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "viewpoint 9030",
"scope": "eq",
"trust": 1.6,
"vendor": "huawei",
"version": "v100r011c03"
},
{
"model": "vp9660",
"scope": "eq",
"trust": 1.6,
"vendor": "huawei",
"version": "v500r002c10"
},
{
"model": "usg6000v",
"scope": "eq",
"trust": 1.6,
"vendor": "huawei",
"version": "v500r001c20"
},
{
"model": "te60",
"scope": "eq",
"trust": 1.6,
"vendor": "huawei",
"version": "v100r001c10"
},
{
"model": "viewpoint 9030",
"scope": "eq",
"trust": 1.6,
"vendor": "huawei",
"version": "v100r011c02"
},
{
"model": "te60",
"scope": "eq",
"trust": 1.6,
"vendor": "huawei",
"version": "v100r001c01"
},
{
"model": "te60",
"scope": "eq",
"trust": 1.6,
"vendor": "huawei",
"version": "v500r002c00"
},
{
"model": "viewpoint 8660",
"scope": "eq",
"trust": 1.6,
"vendor": "huawei",
"version": "v100r008c03"
},
{
"model": "vp9660",
"scope": "eq",
"trust": 1.6,
"vendor": "huawei",
"version": "v500r002c00"
},
{
"model": "te60",
"scope": "eq",
"trust": 1.6,
"vendor": "huawei",
"version": "v600r006c00"
},
{
"model": "ngfw module",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v100r001c10spc200"
},
{
"model": "te30",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v500r002c00"
},
{
"model": "secospace usg6600",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v500r001c30"
},
{
"model": "srg3300",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r008c20"
},
{
"model": "srg3300",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r006c10"
},
{
"model": "ar120-s",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r008c20"
},
{
"model": "ar120-s",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r008c30"
},
{
"model": "ips module",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v100r001c10spc200"
},
{
"model": "ar3600",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r007c01"
},
{
"model": "ar3200",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r008c20"
},
{
"model": "ar3200",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r006c10"
},
{
"model": "usg9520",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v300r001c01"
},
{
"model": "ar3200",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r006c11"
},
{
"model": "ar2200",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r007c01"
},
{
"model": "svn5800",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r003c00"
},
{
"model": "ar1200",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r006c13"
},
{
"model": "tp3106",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v100r002c00"
},
{
"model": "ngfw module",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v100r001c30"
},
{
"model": "ar150",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r008c30"
},
{
"model": "nip6600",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v500r001c50"
},
{
"model": "ar3200",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r007c00"
},
{
"model": "nip6600",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v500r001c20"
},
{
"model": "ips module",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v100r001c30"
},
{
"model": "ar150-s",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r006c10spc300"
},
{
"model": "ar3200",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r008c10"
},
{
"model": "secospace usg6600",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v500r001c50"
},
{
"model": "ar510",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r006c16"
},
{
"model": "netengine16ex",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r006c10"
},
{
"model": "netengine16ex",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r008c20"
},
{
"model": "secospace usg6600",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v100r001c20"
},
{
"model": "secospace usg6600",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v500r001c20"
},
{
"model": "ar1200",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r007c01"
},
{
"model": "ar150",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r007c02"
},
{
"model": "ar510",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r008c30"
},
{
"model": "nip6600",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v500r001c00"
},
{
"model": "te30",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v100r001c02"
},
{
"model": "ar1200",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r007c00"
},
{
"model": "ar2200",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r006c13"
},
{
"model": "ar1200-s",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r008c30"
},
{
"model": "ar160",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r006c10"
},
{
"model": "secospace usg6300",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v100r001c30"
},
{
"model": "ar2200-s",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r008c30"
},
{
"model": "svn5600",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r003c10"
},
{
"model": "secospace usg6600",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v500r001c00"
},
{
"model": "secospace usg6500",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v100r001c30"
},
{
"model": "ar160",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r007c01"
},
{
"model": "te50",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v600r006c00"
},
{
"model": "ar3600",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r008c20"
},
{
"model": "ar160",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r007c00"
},
{
"model": "ar3600",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r006c10"
},
{
"model": "te30",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v600r006c00"
},
{
"model": "ar2200",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r008c20"
},
{
"model": "ar2200",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r006c10"
},
{
"model": "srg3300",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r008c30"
},
{
"model": "secospace usg6600",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v100r001c10"
},
{
"model": "ips module",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v500r001c30"
},
{
"model": "svn5600",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r003c00"
},
{
"model": "ar3200",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r008c30"
},
{
"model": "ar3600",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r007c00"
},
{
"model": "svn5800-c",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r003c10"
},
{
"model": "ar2200",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r007c00"
},
{
"model": "dp300",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v500r002c00"
},
{
"model": "ar200-s",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r007c00"
},
{
"model": "tp3206",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v100r002c10"
},
{
"model": "nip6300",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v500r001c30"
},
{
"model": "srg3300",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r007c02"
},
{
"model": "usg9500",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v500r001c30"
},
{
"model": "srg1300",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r008c20"
},
{
"model": "ar1200",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r008c20"
},
{
"model": "ar1200",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r006c10"
},
{
"model": "srg1300",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r006c10"
},
{
"model": "semg9811",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v300r001c01"
},
{
"model": "svn5800-c",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r003c00"
},
{
"model": "ar3200",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r007c02"
},
{
"model": "ngfw module",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v100r001c20"
},
{
"model": "ngfw module",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v500r001c20"
},
{
"model": "te40",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v500r002c00"
},
{
"model": "ar150-s",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r008c20"
},
{
"model": "netengine16ex",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r008c30"
},
{
"model": "secospace usg6500",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v500r001c30"
},
{
"model": "srg2300",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r008c20"
},
{
"model": "srg2300",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r006c10"
},
{
"model": "srg1300",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r007c00"
},
{
"model": "usg9580",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v300r001c01"
},
{
"model": "secospace usg6600",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v500r001c60"
},
{
"model": "ar510",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r006c15"
},
{
"model": "ar160",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r008c20"
},
{
"model": "rse6500",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v500r002c00"
},
{
"model": "ngfw module",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v500r001c00"
},
{
"model": "ar160",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r008c30"
},
{
"model": "ar150-s",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r007c00"
},
{
"model": "ar200",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r007c01"
},
{
"model": "srg2300",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r007c00"
},
{
"model": "ar510",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r006c12"
},
{
"model": "nip6300",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v500r001c50"
},
{
"model": "ar2200",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r006c16pwe"
},
{
"model": "nip6300",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v500r001c20"
},
{
"model": "usg9500",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v500r001c50"
},
{
"model": "ar2200",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r008c30"
},
{
"model": "secospace usg6300",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v100r001c20"
},
{
"model": "usg9500",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v500r001c20"
},
{
"model": "usg9520",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v300r001c20"
},
{
"model": "ar3200",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r008c00"
},
{
"model": "ar200-s",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r008c20"
},
{
"model": "ar200-s",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r006c10"
},
{
"model": "ar160",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r007c02"
},
{
"model": "secospace usg6500",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v500r001c50"
},
{
"model": "ngfw module",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v500r002c10"
},
{
"model": "ar150",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r007c01"
},
{
"model": "ar510",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r006c17"
},
{
"model": "secospace usg6500",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v100r001c20"
},
{
"model": "nip6300",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v500r001c00"
},
{
"model": "te30",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v100r001c10"
},
{
"model": "usg9580",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v300r001c20"
},
{
"model": "ar2200",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r007c02"
},
{
"model": "secospace usg6300",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v500r001c30"
},
{
"model": "srg1300",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r008c30"
},
{
"model": "ar1200",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r008c30"
},
{
"model": "ngfw module",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v500r002c00"
},
{
"model": "secospace usg6300",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v100r001c10"
},
{
"model": "ar150-s",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r008c30"
},
{
"model": "srg2300",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r008c30"
},
{
"model": "ar200",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r008c20"
},
{
"model": "ar200",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r006c10"
},
{
"model": "ips module",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v500r001c50"
},
{
"model": "secospace usg6500",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v100r001c10"
},
{
"model": "te50",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v500r002c00"
},
{
"model": "ips module",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v500r001c20"
},
{
"model": "ar1200-s",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r007c00"
},
{
"model": "ar2200-s",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r007c00"
},
{
"model": "ar510",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r007c00spc180t"
},
{
"model": "srg1300",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r007c02"
},
{
"model": "ar1200",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r007c02"
},
{
"model": "ar120-s",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r006c10"
},
{
"model": "ar200",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r007c00"
},
{
"model": "ips module",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v500r001c00"
},
{
"model": "srg2300",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r007c02"
},
{
"model": "srg3300",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r007c00"
},
{
"model": "ar150",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r008c20"
},
{
"model": "ar150",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r006c10"
},
{
"model": "secospace usg6300",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v500r001c50"
},
{
"model": "secospace usg6600",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v100r001c00spc200"
},
{
"model": "ar120-s",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r007c00"
},
{
"model": "ar160",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r006c12"
},
{
"model": "ar3200",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r007c01"
},
{
"model": "nip6800",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v500r001c50"
},
{
"model": "secospace usg6300",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v500r001c20"
},
{
"model": "secospace usg6600",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v100r001c30"
},
{
"model": "ar510",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r006c13"
},
{
"model": "ar200-s",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r008c30"
},
{
"model": "usg9560",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v300r001c20"
},
{
"model": "secospace usg6500",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v500r001c20"
},
{
"model": "ar150",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r007c00"
},
{
"model": "secospace usg6300",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v500r001c00"
},
{
"model": "usg9500",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v500r001c00"
},
{
"model": "ar510",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r008c20"
},
{
"model": "ar510",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r006c10"
},
{
"model": "secospace usg6500",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v500r001c00"
},
{
"model": "usg9560",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v300r001c01"
},
{
"model": "ar1200-s",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r008c20"
},
{
"model": "ar1200-s",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r006c10"
},
{
"model": "nip6600",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v500r001c30"
},
{
"model": "ar2200-s",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r008c20"
},
{
"model": "ar2200-s",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r006c10"
},
{
"model": "netengine16ex",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r007c00"
},
{
"model": "te40",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v600r006c00"
},
{
"model": "svn5800",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r003c10"
},
{
"model": "tp3206",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v100r002c00"
},
{
"model": "ar200",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r008c30"
},
{
"model": "ar120-s",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "dp300",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "ips module",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "netengine16ex",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "ngfw module",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "nip6300",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "rse6500",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "secospace usg6300",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "semg9811",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "srg1300",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "svn5600",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "te30",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "tp3106",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "usg9500",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "viewpoint 8660",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "vp9660",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "dp300 v500r002c00",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "rse6500 v500r002c00",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "viewpoint v100r008c03",
"scope": "eq",
"trust": 0.6,
"vendor": "huawei",
"version": "8660"
},
{
"model": "ar120-s v200r006c10",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "ar120-s v200r007c00",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "ar120-s v200r008c20",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "ar120-s v200r008c30",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "ar1200 v200r006c10",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "ar1200 v200r006c13",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "ar1200 v200r007c00",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "ar1200 v200r007c01",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "ar1200 v200r007c02",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "ar1200 v200r008c20",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "ar1200 v200r008c30",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "secospace usg6300 v100r001c10",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "secospace usg6300 v100r001c20",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "secospace usg6300 v100r001c30",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "secospace usg6300 v500r001c00",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "secospace usg6300 v500r001c20",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "secospace usg6300 v500r001c30",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "secospace usg6300 v500r001c50",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-08041"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-013343"
},
{
"db": "CNNVD",
"id": "CNNVD-201804-1394"
},
{
"db": "NVD",
"id": "CVE-2017-17254"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:huawei:ar120-s_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:huawei:dp300_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:huawei:ips_module_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:huawei:netengine16ex_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:huawei:ngfw_module_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:huawei:nip6300_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:huawei:rse6500_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:huawei:secospace_usg6300_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:huawei:semg9811_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:huawei:srg1300_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:huawei:svn5600_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:huawei:te30_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:huawei:tp3106_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:huawei:usg9500_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:huawei:viewpoint_8660_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:huawei:vp9660_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-013343"
}
]
},
"cve": "CVE-2017-17254",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CVE-2017-17254",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CNVD-2018-08041",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "VHN-108258",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"id": "CVE-2017-17254",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2017-17254",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2017-17254",
"trust": 0.8,
"value": "High"
},
{
"author": "CNVD",
"id": "CNVD-2018-08041",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201804-1394",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-108258",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-08041"
},
{
"db": "VULHUB",
"id": "VHN-108258"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-013343"
},
{
"db": "CNNVD",
"id": "CNNVD-201804-1394"
},
{
"db": "NVD",
"id": "CVE-2017-17254"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Huawei AR120-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR1200 V200R006C10, V200R006C13, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR1200-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR150 V200R006C10, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR150-S V200R006C10SPC300, V200R007C00, V200R008C20, V200R008C30, AR160 V200R006C10, V200R006C12, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR200 V200R006C10, V200R007C00, V200R007C01, V200R008C20, V200R008C30, AR200-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR2200 V200R006C10, V200R006C13, V200R006C16PWE, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR2200-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR3200 V200R006C10, V200R006C11, V200R007C00, V200R007C01, V200R007C02, V200R008C00, V200R008C10, V200R008C20, V200R008C30, AR3600 V200R006C10, V200R007C00, V200R007C01, V200R008C20, AR510 V200R006C10, V200R006C12, V200R006C13, V200R006C15, V200R006C16, V200R006C17, V200R007C00SPC180T, V200R008C20, V200R008C30, DP300 V500R002C00, IPS Module V100R001C10SPC200, V100R001C20, V100R001C30, V500R001C00, V500R001C20, V500R001C30, V500R001C50, NGFW Module V100R001C10SPC200, V100R001C20, V100R001C30, V500R001C00, V500R001C20, V500R002C00, V500R002C10, NIP6300 V500R001C00, V500R001C20, V500R001C30, V500R001C50, NIP6600 V500R001C00, V500R001C20, V500R001C30, V500R001C50, NIP6800 V500R001C50, NetEngine16EX V200R006C10, V200R007C00, V200R008C20, V200R008C30, RSE6500 V500R002C00, SRG1300 V200R006C10, V200R007C00, V200R007C02, V200R008C20, V200R008C30, SRG2300 V200R006C10, V200R007C00, V200R007C02, V200R008C20, V200R008C30, SRG3300 V200R006C10, V200R007C00, V200R008C20, V200R008C30, SVN5600 V200R003C00, V200R003C10, SVN5800 V200R003C00, V200R003C10, SVN5800-C V200R003C00, V200R003C10, SeMG9811 V300R001C01, Secospace USG6300 V100R001C10, V100R001C20, V100R001C30, V500R001C00, V500R001C20, V500R001C30, V500R001C50, Secospace USG6500 V100R001C10, V100R001C20, V100R001C30, V500R001C00, V500R001C20, V500R001C30, V500R001C50, Secospace USG6600 V100R001C00SPC200, V100R001C10, V100R001C20, V100R001C30, V500R001C00, V500R001C20, V500R001C30, V500R001C50, V500R001C60, TE30 V100R001C02, V100R001C10, V500R002C00, V600R006C00, TE40 V500R002C00, V600R006C00, TE50 V500R002C00, V600R006C00, TE60 V100R001C01, V100R001C10, V500R002C00, V600R006C00, TP3106 V100R002C00, TP3206 V100R002C00, V100R002C10, USG6000V V500R001C20, USG9500 V500R001C00, V500R001C20, V500R001C30, V500R001C50, USG9520 V300R001C01, V300R001C20, USG9560 V300R001C01, V300R001C20, USG9580 V300R001C01, V300R001C20, VP9660 V500R002C00, V500R002C10, ViewPoint 8660 V100R008C03, ViewPoint 9030 V100R011C02 have a null pointer dereference vulnerability in H323 protocol. An unauthenticated, remote attacker could craft malformed packets and send the packets to the affected products. Due to insufficient validation of packets, which could be exploited to cause process crash. plural Huawei The product includes NULL A vulnerability related to pointer dereference exists.Service operation interruption (DoS) There is a possibility of being put into a state. The AR120-S, AR1200, DP300, RSE6500, SecospaceUSG6300, and ViewPoint8660 are network devices of Huawei. The Huawei AR120-S and others are all products of China\u0027s Huawei (Huawei). Huawei AR120-S is an enterprise-class router. TE60 is an integrated high-definition video conferencing terminal device that supports intelligent voice calling and Wi-Fi wireless interconnection. H323 protocol is one of the video and audio communication protocols. The vulnerability stems from the fact that the program does not fully verify data packets. A remote attacker could exploit this vulnerability by sending a specially crafted malformed packet to cause a denial of service (null pointer dereference and process crash). The following products and versions are affected: Huawei AR120-S V200R006C10 Version, V200R007C00 Version, V200R008C20 Version, V200R008C30 Version; AR1200 V200R006C10 Version, V200R006C13 Version, V200R007C00 Version, V200R007C01 Version, V200R007C02 Version, V200R008C20 Version, V200R008C30 Version; AR1200-S V200R006C10 Version, V200R007C00 Version, V200R008C20 Version, V200R008C30 Version; AR150 V200R006C10 Version, V200R007C00 Version, V200R007C01 Version, V200R007C02 Version, V200R008C20 Version, V200R008C30 Version; AR150-S V200R006C10SPC300 Version, V200R007C00 Version, V200R008C20 Version, V200R008C30 Version; AR160 V200R006C10 Version, V200R006C12 Version , V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30; AR200 V200R006C10, V200R007C00, V200R007C01, V200R008-S20R0;",
"sources": [
{
"db": "NVD",
"id": "CVE-2017-17254"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-013343"
},
{
"db": "CNVD",
"id": "CNVD-2018-08041"
},
{
"db": "VULHUB",
"id": "VHN-108258"
}
],
"trust": 2.25
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2017-17254",
"trust": 3.1
},
{
"db": "JVNDB",
"id": "JVNDB-2017-013343",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201804-1394",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2018-08041",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-108258",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-08041"
},
{
"db": "VULHUB",
"id": "VHN-108258"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-013343"
},
{
"db": "CNNVD",
"id": "CNNVD-201804-1394"
},
{
"db": "NVD",
"id": "CVE-2017-17254"
}
]
},
"id": "VAR-201804-0418",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-08041"
},
{
"db": "VULHUB",
"id": "VHN-108258"
}
],
"trust": 1.444610328275862
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-08041"
}
]
},
"last_update_date": "2024-11-23T23:12:13.338000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "huawei-sa-20171227-01-h323",
"trust": 0.8,
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171227-01-h323-en"
},
{
"title": "Huawei patch H323 protocol null pointer reference vulnerability (CNVD-2018-08041)",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/126619"
},
{
"title": "Multiple Huawei product H323 Fixing measures for protocol security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=79676"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-08041"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-013343"
},
{
"db": "CNNVD",
"id": "CNNVD-201804-1394"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-476",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-108258"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-013343"
},
{
"db": "NVD",
"id": "CVE-2017-17254"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171227-01-h323-en"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-17254"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-17254"
},
{
"trust": 0.6,
"url": "http://www.huawei.com/cn/psirt/security-advisories/2017/huawei-sa-20171227-01-h323-cn"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-08041"
},
{
"db": "VULHUB",
"id": "VHN-108258"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-013343"
},
{
"db": "CNNVD",
"id": "CNNVD-201804-1394"
},
{
"db": "NVD",
"id": "CVE-2017-17254"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2018-08041"
},
{
"db": "VULHUB",
"id": "VHN-108258"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-013343"
},
{
"db": "CNNVD",
"id": "CNNVD-201804-1394"
},
{
"db": "NVD",
"id": "CVE-2017-17254"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-04-20T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-08041"
},
{
"date": "2018-04-24T00:00:00",
"db": "VULHUB",
"id": "VHN-108258"
},
{
"date": "2018-06-21T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-013343"
},
{
"date": "2018-04-25T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201804-1394"
},
{
"date": "2018-04-24T15:29:00.463000",
"db": "NVD",
"id": "CVE-2017-17254"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-04-20T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-08041"
},
{
"date": "2018-06-04T00:00:00",
"db": "VULHUB",
"id": "VHN-108258"
},
{
"date": "2018-06-21T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-013343"
},
{
"date": "2018-04-25T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201804-1394"
},
{
"date": "2024-11-21T03:17:43.240000",
"db": "NVD",
"id": "CVE-2017-17254"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201804-1394"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural Huawei In product NULL Pointer dereference vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-013343"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "lack of information",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201804-1394"
}
],
"trust": 0.6
}
}
CVE-2020-1824 (GCVE-0-2020-1824)
Vulnerability from nvd – Published: 2024-12-28 06:37 – Updated: 2024-12-28 16:32
VLAI?
Summary
There are multiple out of bounds (OOB) read vulnerabilities in the implementation of the Common Open Policy Service (COPS) protocol of some Huawei products. The specific decoding function may occur out-of-bounds read when processes an incoming data packet. Successful exploit of these vulnerabilities may disrupt service on the affected device. (Vulnerability ID: HWPSIRT-2018-12275,HWPSIRT-2018-12276,HWPSIRT-2018-12277,HWPSIRT-2018-12278,HWPSIRT-2018-12279,HWPSIRT-2018-12280 and HWPSIRT-2018-12289)
The seven vulnerabilities have been assigned seven Common Vulnerabilities and Exposures (CVE) IDs: CVE-2020-1818, CVE-2020-1819, CVE-2020-1820, CVE-2020-1821, CVE-2020-1822, CVE-2020-1823 and CVE-2020-1824.
Severity ?
CWE
- CWE-125 - Out-of-bounds Read
Assigner
References
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Huawei | IPS Module |
Affected:
V500R001C30
Affected: V500R001C60 Affected: V500R005C00 |
||||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2020-1824",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-12-28T16:32:08.146658Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-12-28T16:32:25.200Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "IPS Module",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "NGFW Module",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R002C00"
},
{
"status": "affected",
"version": "V500R002C20"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "NIP6300",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "NIP6600",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "NIP6800",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Secospace USG6300",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Secospace USG6500",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Secospace USG6600",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "USG6000V",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R003C00"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eThere are multiple out of bounds (OOB) read vulnerabilities in the implementation of the Common Open Policy Service (COPS) protocol of some Huawei products. The specific decoding function may occur out-of-bounds read when processes an incoming data packet. Successful exploit of these vulnerabilities may disrupt service on the affected device. (Vulnerability ID: HWPSIRT-2018-12275,HWPSIRT-2018-12276,HWPSIRT-2018-12277,HWPSIRT-2018-12278,HWPSIRT-2018-12279,HWPSIRT-2018-12280 and HWPSIRT-2018-12289)\u003c/p\u003e\u003cp\u003eThe seven vulnerabilities have been assigned seven Common Vulnerabilities and Exposures (CVE) IDs: CVE-2020-1818, CVE-2020-1819, CVE-2020-1820, CVE-2020-1821, CVE-2020-1822, CVE-2020-1823 and CVE-2020-1824.\u003c/p\u003e"
}
],
"value": "There are multiple out of bounds (OOB) read vulnerabilities in the implementation of the Common Open Policy Service (COPS) protocol of some Huawei products. The specific decoding function may occur out-of-bounds read when processes an incoming data packet. Successful exploit of these vulnerabilities may disrupt service on the affected device. (Vulnerability ID: HWPSIRT-2018-12275,HWPSIRT-2018-12276,HWPSIRT-2018-12277,HWPSIRT-2018-12278,HWPSIRT-2018-12279,HWPSIRT-2018-12280 and HWPSIRT-2018-12289)\n\nThe seven vulnerabilities have been assigned seven Common Vulnerabilities and Exposures (CVE) IDs: CVE-2020-1818, CVE-2020-1819, CVE-2020-1820, CVE-2020-1821, CVE-2020-1822, CVE-2020-1823 and CVE-2020-1824."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125 Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-12-28T06:37:14.149Z",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"url": "https://www.huawei.com/en/psirt/security-advisories/2020/huawei-sa-20191218-01-cops-en"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2020-1824",
"datePublished": "2024-12-28T06:37:14.149Z",
"dateReserved": "2019-11-29T00:00:00.000Z",
"dateUpdated": "2024-12-28T16:32:25.200Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-1823 (GCVE-0-2020-1823)
Vulnerability from nvd – Published: 2024-12-28 06:29 – Updated: 2024-12-28 16:33
VLAI?
Summary
There are multiple out of bounds (OOB) read vulnerabilities in the implementation of the Common Open Policy Service (COPS) protocol of some Huawei products. The specific decoding function may occur out-of-bounds read when processes an incoming data packet. Successful exploit of these vulnerabilities may disrupt service on the affected device. (Vulnerability ID: HWPSIRT-2018-12275,HWPSIRT-2018-12276,HWPSIRT-2018-12277,HWPSIRT-2018-12278,HWPSIRT-2018-12279,HWPSIRT-2018-12280 and HWPSIRT-2018-12289)
The seven vulnerabilities have been assigned seven Common Vulnerabilities and Exposures (CVE) IDs: CVE-2020-1818, CVE-2020-1819, CVE-2020-1820, CVE-2020-1821, CVE-2020-1822, CVE-2020-1823 and CVE-2020-1824.
Severity ?
CWE
- CWE-125 - Out-of-bounds Read
Assigner
References
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Huawei | IPS Module |
Affected:
V500R001C30
Affected: V500R001C60 Affected: V500R005C00 |
||||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2020-1823",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-12-28T16:33:21.089526Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-12-28T16:33:45.933Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "IPS Module",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "NGFW Module",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R002C00"
},
{
"status": "affected",
"version": "V500R002C20"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "NIP6300",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "NIP6600",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "NIP6800",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Secospace USG6300",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Secospace USG6500",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Secospace USG6600",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "USG6000V",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R003C00"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eThere are multiple out of bounds (OOB) read vulnerabilities in the implementation of the Common Open Policy Service (COPS) protocol of some Huawei products. The specific decoding function may occur out-of-bounds read when processes an incoming data packet. Successful exploit of these vulnerabilities may disrupt service on the affected device. (Vulnerability ID: HWPSIRT-2018-12275,HWPSIRT-2018-12276,HWPSIRT-2018-12277,HWPSIRT-2018-12278,HWPSIRT-2018-12279,HWPSIRT-2018-12280 and HWPSIRT-2018-12289)\u003c/p\u003e\u003cp\u003eThe seven vulnerabilities have been assigned seven Common Vulnerabilities and Exposures (CVE) IDs: CVE-2020-1818, CVE-2020-1819, CVE-2020-1820, CVE-2020-1821, CVE-2020-1822, CVE-2020-1823 and CVE-2020-1824.\u003c/p\u003e"
}
],
"value": "There are multiple out of bounds (OOB) read vulnerabilities in the implementation of the Common Open Policy Service (COPS) protocol of some Huawei products. The specific decoding function may occur out-of-bounds read when processes an incoming data packet. Successful exploit of these vulnerabilities may disrupt service on the affected device. (Vulnerability ID: HWPSIRT-2018-12275,HWPSIRT-2018-12276,HWPSIRT-2018-12277,HWPSIRT-2018-12278,HWPSIRT-2018-12279,HWPSIRT-2018-12280 and HWPSIRT-2018-12289)\n\nThe seven vulnerabilities have been assigned seven Common Vulnerabilities and Exposures (CVE) IDs: CVE-2020-1818, CVE-2020-1819, CVE-2020-1820, CVE-2020-1821, CVE-2020-1822, CVE-2020-1823 and CVE-2020-1824."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125 Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-12-28T06:29:49.051Z",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"url": "https://www.huawei.com/en/psirt/security-advisories/2020/huawei-sa-20191218-01-cops-en"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2020-1823",
"datePublished": "2024-12-28T06:29:49.051Z",
"dateReserved": "2019-11-29T00:00:00.000Z",
"dateUpdated": "2024-12-28T16:33:45.933Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-1822 (GCVE-0-2020-1822)
Vulnerability from nvd – Published: 2024-12-28 06:21 – Updated: 2024-12-28 16:34
VLAI?
Summary
There are multiple out of bounds (OOB) read vulnerabilities in the implementation of the Common Open Policy Service (COPS) protocol of some Huawei products. The specific decoding function may occur out-of-bounds read when processes an incoming data packet. Successful exploit of these vulnerabilities may disrupt service on the affected device. (Vulnerability ID: HWPSIRT-2018-12275,HWPSIRT-2018-12276,HWPSIRT-2018-12277,HWPSIRT-2018-12278,HWPSIRT-2018-12279,HWPSIRT-2018-12280 and HWPSIRT-2018-12289)
The seven vulnerabilities have been assigned seven Common Vulnerabilities and Exposures (CVE) IDs: CVE-2020-1818, CVE-2020-1819, CVE-2020-1820, CVE-2020-1821, CVE-2020-1822, CVE-2020-1823 and CVE-2020-1824.
Severity ?
CWE
- CWE-125 - Out-of-bounds Read
Assigner
References
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Huawei | IPS Module |
Affected:
V500R001C30
Affected: V500R001C60 Affected: V500R005C00 |
||||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2020-1822",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-12-28T16:34:26.596620Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-12-28T16:34:41.792Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "IPS Module",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "NGFW Module",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R002C00"
},
{
"status": "affected",
"version": "V500R002C20"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "NIP6300",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "NIP6600",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "NIP6800",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Secospace USG6300",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Secospace USG6500",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Secospace USG6600",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "USG6000V",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R003C00"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eThere are multiple out of bounds (OOB) read vulnerabilities in the implementation of the Common Open Policy Service (COPS) protocol of some Huawei products. The specific decoding function may occur out-of-bounds read when processes an incoming data packet. Successful exploit of these vulnerabilities may disrupt service on the affected device. (Vulnerability ID: HWPSIRT-2018-12275,HWPSIRT-2018-12276,HWPSIRT-2018-12277,HWPSIRT-2018-12278,HWPSIRT-2018-12279,HWPSIRT-2018-12280 and HWPSIRT-2018-12289)\u003c/p\u003e\u003cp\u003eThe seven vulnerabilities have been assigned seven Common Vulnerabilities and Exposures (CVE) IDs: CVE-2020-1818, CVE-2020-1819, CVE-2020-1820, CVE-2020-1821, CVE-2020-1822, CVE-2020-1823 and CVE-2020-1824.\u003cbr\u003e\u003c/p\u003e"
}
],
"value": "There are multiple out of bounds (OOB) read vulnerabilities in the implementation of the Common Open Policy Service (COPS) protocol of some Huawei products. The specific decoding function may occur out-of-bounds read when processes an incoming data packet. Successful exploit of these vulnerabilities may disrupt service on the affected device. (Vulnerability ID: HWPSIRT-2018-12275,HWPSIRT-2018-12276,HWPSIRT-2018-12277,HWPSIRT-2018-12278,HWPSIRT-2018-12279,HWPSIRT-2018-12280 and HWPSIRT-2018-12289)\n\nThe seven vulnerabilities have been assigned seven Common Vulnerabilities and Exposures (CVE) IDs: CVE-2020-1818, CVE-2020-1819, CVE-2020-1820, CVE-2020-1821, CVE-2020-1822, CVE-2020-1823 and CVE-2020-1824."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125 Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-12-28T06:21:04.473Z",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"url": "https://www.huawei.com/en/psirt/security-advisories/2020/huawei-sa-20191218-01-cops-en"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2020-1822",
"datePublished": "2024-12-28T06:21:04.473Z",
"dateReserved": "2019-11-29T00:00:00.000Z",
"dateUpdated": "2024-12-28T16:34:41.792Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-1821 (GCVE-0-2020-1821)
Vulnerability from nvd – Published: 2024-12-28 06:16 – Updated: 2024-12-30 16:13
VLAI?
Summary
There are multiple out of bounds (OOB) read vulnerabilities in the implementation of the Common Open Policy Service (COPS) protocol of some Huawei products. The specific decoding function may occur out-of-bounds read when processes an incoming data packet. Successful exploit of these vulnerabilities may disrupt service on the affected device. (Vulnerability ID: HWPSIRT-2018-12275,HWPSIRT-2018-12276,HWPSIRT-2018-12277,HWPSIRT-2018-12278,HWPSIRT-2018-12279,HWPSIRT-2018-12280 and HWPSIRT-2018-12289)
The seven vulnerabilities have been assigned seven Common Vulnerabilities and Exposures (CVE) IDs: CVE-2020-1818, CVE-2020-1819, CVE-2020-1820, CVE-2020-1821, CVE-2020-1822, CVE-2020-1823 and CVE-2020-1824.
Severity ?
CWE
- CWE-125 - Out-of-bounds Read
Assigner
References
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Huawei | IPS Module |
Affected:
V500R001C30
Affected: V500R001C60 Affected: V500R005C00 |
||||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2020-1821",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-12-30T16:12:49.264838Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-12-30T16:13:03.624Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "IPS Module",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "NGFW Module",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R002C00"
},
{
"status": "affected",
"version": "V500R002C20"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "NIP6300",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "NIP6600",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "NIP6800",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Secospace USG6300",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Secospace USG6500",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Secospace USG6600",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "USG6000V",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R003C00"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eThere are multiple out of bounds (OOB) read vulnerabilities in the implementation of the Common Open Policy Service (COPS) protocol of some Huawei products. The specific decoding function may occur out-of-bounds read when processes an incoming data packet. Successful exploit of these vulnerabilities may disrupt service on the affected device. (Vulnerability ID: HWPSIRT-2018-12275,HWPSIRT-2018-12276,HWPSIRT-2018-12277,HWPSIRT-2018-12278,HWPSIRT-2018-12279,HWPSIRT-2018-12280 and HWPSIRT-2018-12289)\u003c/p\u003e\u003cp\u003eThe seven vulnerabilities have been assigned seven Common Vulnerabilities and Exposures (CVE) IDs: CVE-2020-1818, CVE-2020-1819, CVE-2020-1820, CVE-2020-1821, CVE-2020-1822, CVE-2020-1823 and CVE-2020-1824.\u003c/p\u003e"
}
],
"value": "There are multiple out of bounds (OOB) read vulnerabilities in the implementation of the Common Open Policy Service (COPS) protocol of some Huawei products. The specific decoding function may occur out-of-bounds read when processes an incoming data packet. Successful exploit of these vulnerabilities may disrupt service on the affected device. (Vulnerability ID: HWPSIRT-2018-12275,HWPSIRT-2018-12276,HWPSIRT-2018-12277,HWPSIRT-2018-12278,HWPSIRT-2018-12279,HWPSIRT-2018-12280 and HWPSIRT-2018-12289)\n\nThe seven vulnerabilities have been assigned seven Common Vulnerabilities and Exposures (CVE) IDs: CVE-2020-1818, CVE-2020-1819, CVE-2020-1820, CVE-2020-1821, CVE-2020-1822, CVE-2020-1823 and CVE-2020-1824."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125 Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-12-28T06:16:58.770Z",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"url": "https://www.huawei.com/en/psirt/security-advisories/2020/huawei-sa-20191218-01-cops-en"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2020-1821",
"datePublished": "2024-12-28T06:16:58.770Z",
"dateReserved": "2019-11-29T00:00:00.000Z",
"dateUpdated": "2024-12-30T16:13:03.624Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-1820 (GCVE-0-2020-1820)
Vulnerability from nvd – Published: 2024-12-28 06:11 – Updated: 2024-12-31 17:17
VLAI?
Summary
There are multiple out of bounds (OOB) read vulnerabilities in the implementation of the Common Open Policy Service (COPS) protocol of some Huawei products. The specific decoding function may occur out-of-bounds read when processes an incoming data packet. Successful exploit of these vulnerabilities may disrupt service on the affected device. (Vulnerability ID: HWPSIRT-2018-12275,HWPSIRT-2018-12276,HWPSIRT-2018-12277,HWPSIRT-2018-12278,HWPSIRT-2018-12279,HWPSIRT-2018-12280 and HWPSIRT-2018-12289)
The seven vulnerabilities have been assigned seven Common Vulnerabilities and Exposures (CVE) IDs: CVE-2020-1818, CVE-2020-1819, CVE-2020-1820, CVE-2020-1821, CVE-2020-1822, CVE-2020-1823 and CVE-2020-1824.
Severity ?
CWE
- CWE-125 - Out-of-bounds Read
Assigner
References
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Huawei | IPS Module |
Affected:
V500R001C30
Affected: V500R001C60 Affected: V500R005C00 |
||||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2020-1820",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-12-31T17:16:57.375041Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-12-31T17:17:05.860Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "IPS Module",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "NGFW Module",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R002C00"
},
{
"status": "affected",
"version": "V500R002C20"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "NIP6300",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "NIP6600",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "NIP6800",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Secospace USG6300",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Secospace USG6500",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Secospace USG6600",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "USG6000V",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R003C00"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eThere are multiple out of bounds (OOB) read vulnerabilities in the implementation of the Common Open Policy Service (COPS) protocol of some Huawei products. The specific decoding function may occur out-of-bounds read when processes an incoming data packet. Successful exploit of these vulnerabilities may disrupt service on the affected device. (Vulnerability ID: HWPSIRT-2018-12275,HWPSIRT-2018-12276,HWPSIRT-2018-12277,HWPSIRT-2018-12278,HWPSIRT-2018-12279,HWPSIRT-2018-12280 and HWPSIRT-2018-12289)\u003c/p\u003e\u003cp\u003eThe seven vulnerabilities have been assigned seven Common Vulnerabilities and Exposures (CVE) IDs: CVE-2020-1818, CVE-2020-1819, CVE-2020-1820, CVE-2020-1821, CVE-2020-1822, CVE-2020-1823 and CVE-2020-1824.\u003c/p\u003e"
}
],
"value": "There are multiple out of bounds (OOB) read vulnerabilities in the implementation of the Common Open Policy Service (COPS) protocol of some Huawei products. The specific decoding function may occur out-of-bounds read when processes an incoming data packet. Successful exploit of these vulnerabilities may disrupt service on the affected device. (Vulnerability ID: HWPSIRT-2018-12275,HWPSIRT-2018-12276,HWPSIRT-2018-12277,HWPSIRT-2018-12278,HWPSIRT-2018-12279,HWPSIRT-2018-12280 and HWPSIRT-2018-12289)\n\nThe seven vulnerabilities have been assigned seven Common Vulnerabilities and Exposures (CVE) IDs: CVE-2020-1818, CVE-2020-1819, CVE-2020-1820, CVE-2020-1821, CVE-2020-1822, CVE-2020-1823 and CVE-2020-1824."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125 Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-12-28T06:11:17.446Z",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"url": "https://www.huawei.com/en/psirt/security-advisories/2020/huawei-sa-20191218-01-cops-en"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2020-1820",
"datePublished": "2024-12-28T06:11:17.446Z",
"dateReserved": "2019-11-29T00:00:00.000Z",
"dateUpdated": "2024-12-31T17:17:05.860Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-1819 (GCVE-0-2020-1819)
Vulnerability from nvd – Published: 2024-12-27 10:05 – Updated: 2024-12-27 14:56
VLAI?
Summary
There are multiple out of bounds (OOB) read vulnerabilities in the implementation of the Common Open Policy Service (COPS) protocol of some Huawei products. The specific decoding function may occur out-of-bounds read when processes an incoming data packet. Successful exploit of these vulnerabilities may disrupt service on the affected device. (Vulnerability ID: HWPSIRT-2018-12275,HWPSIRT-2018-12276,HWPSIRT-2018-12277,HWPSIRT-2018-12278,HWPSIRT-2018-12279,HWPSIRT-2018-12280 and HWPSIRT-2018-12289)
The seven vulnerabilities have been assigned seven Common Vulnerabilities and Exposures (CVE) IDs: CVE-2020-1818, CVE-2020-1819, CVE-2020-1820, CVE-2020-1821, CVE-2020-1822, CVE-2020-1823 and CVE-2020-1824.
Severity ?
CWE
- CWE-125 - Out-of-bounds Read
Assigner
References
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Huawei | IPS Module |
Affected:
V500R001C30
Affected: V500R001C60 Affected: V500R005C00 |
||||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2020-1819",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-12-27T14:56:22.966063Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-12-27T14:56:31.845Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "IPS Module",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "NGFW Module",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R002C00"
},
{
"status": "affected",
"version": "V500R002C20"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "NIP6300",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "NIP6600",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "NIP6800",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Secospace USG6300",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Secospace USG6500",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Secospace USG6600",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "USG6000V",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R003C00"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eThere are multiple out of bounds (OOB) read vulnerabilities in the implementation of the Common Open Policy Service (COPS) protocol of some Huawei products. The specific decoding function may occur out-of-bounds read when processes an incoming data packet. Successful exploit of these vulnerabilities may disrupt service on the affected device. (Vulnerability ID: HWPSIRT-2018-12275,HWPSIRT-2018-12276,HWPSIRT-2018-12277,HWPSIRT-2018-12278,HWPSIRT-2018-12279,HWPSIRT-2018-12280 and HWPSIRT-2018-12289)\u003c/p\u003e\u003cp\u003eThe seven vulnerabilities have been assigned seven Common Vulnerabilities and Exposures (CVE) IDs: CVE-2020-1818, CVE-2020-1819, CVE-2020-1820, CVE-2020-1821, CVE-2020-1822, CVE-2020-1823 and CVE-2020-1824.\u003c/p\u003e"
}
],
"value": "There are multiple out of bounds (OOB) read vulnerabilities in the implementation of the Common Open Policy Service (COPS) protocol of some Huawei products. The specific decoding function may occur out-of-bounds read when processes an incoming data packet. Successful exploit of these vulnerabilities may disrupt service on the affected device. (Vulnerability ID: HWPSIRT-2018-12275,HWPSIRT-2018-12276,HWPSIRT-2018-12277,HWPSIRT-2018-12278,HWPSIRT-2018-12279,HWPSIRT-2018-12280 and HWPSIRT-2018-12289)\n\nThe seven vulnerabilities have been assigned seven Common Vulnerabilities and Exposures (CVE) IDs: CVE-2020-1818, CVE-2020-1819, CVE-2020-1820, CVE-2020-1821, CVE-2020-1822, CVE-2020-1823 and CVE-2020-1824."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125 Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-12-27T10:05:47.224Z",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"url": "https://www.huawei.com/en/psirt/security-advisories/2020/huawei-sa-20191218-01-cops-en"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2020-1819",
"datePublished": "2024-12-27T10:05:47.224Z",
"dateReserved": "2019-11-29T00:00:00.000Z",
"dateUpdated": "2024-12-27T14:56:31.845Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-1818 (GCVE-0-2020-1818)
Vulnerability from nvd – Published: 2024-12-27 10:02 – Updated: 2024-12-27 14:57
VLAI?
Summary
There are multiple out of bounds (OOB) read vulnerabilities in the implementation of the Common Open Policy Service (COPS) protocol of some Huawei products. The specific decoding function may occur out-of-bounds read when processes an incoming data packet. Successful exploit of these vulnerabilities may disrupt service on the affected device. (Vulnerability ID: HWPSIRT-2018-12275,HWPSIRT-2018-12276,HWPSIRT-2018-12277,HWPSIRT-2018-12278,HWPSIRT-2018-12279,HWPSIRT-2018-12280 and HWPSIRT-2018-12289)
The seven vulnerabilities have been assigned seven Common Vulnerabilities and Exposures (CVE) IDs: CVE-2020-1818, CVE-2020-1819, CVE-2020-1820, CVE-2020-1821, CVE-2020-1822, CVE-2020-1823 and CVE-2020-1824.
Severity ?
CWE
- CWE-125 - Out-of-bounds Read
Assigner
References
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Huawei | IPS Module |
Affected:
V500R001C30
Affected: V500R001C60 Affected: V500R005C00 |
||||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2020-1818",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-12-27T14:56:47.972518Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-12-27T14:57:27.653Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "IPS Module",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "NGFW Module",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R002C00"
},
{
"status": "affected",
"version": "V500R002C20"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "NIP6300",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "NIP6600",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "NIP6800",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Secospace USG6300",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Secospace USG6500",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Secospace USG6600",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "USG6000V",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R003C00"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eThere are multiple out of bounds (OOB) read vulnerabilities in the implementation of the Common Open Policy Service (COPS) protocol of some Huawei products. The specific decoding function may occur out-of-bounds read when processes an incoming data packet. Successful exploit of these vulnerabilities may disrupt service on the affected device. (Vulnerability ID: HWPSIRT-2018-12275,HWPSIRT-2018-12276,HWPSIRT-2018-12277,HWPSIRT-2018-12278,HWPSIRT-2018-12279,HWPSIRT-2018-12280 and HWPSIRT-2018-12289)\u003c/p\u003e\u003cp\u003eThe seven vulnerabilities have been assigned seven Common Vulnerabilities and Exposures (CVE) IDs: CVE-2020-1818, CVE-2020-1819, CVE-2020-1820, CVE-2020-1821, CVE-2020-1822, CVE-2020-1823 and CVE-2020-1824.\u003c/p\u003e"
}
],
"value": "There are multiple out of bounds (OOB) read vulnerabilities in the implementation of the Common Open Policy Service (COPS) protocol of some Huawei products. The specific decoding function may occur out-of-bounds read when processes an incoming data packet. Successful exploit of these vulnerabilities may disrupt service on the affected device. (Vulnerability ID: HWPSIRT-2018-12275,HWPSIRT-2018-12276,HWPSIRT-2018-12277,HWPSIRT-2018-12278,HWPSIRT-2018-12279,HWPSIRT-2018-12280 and HWPSIRT-2018-12289)\n\nThe seven vulnerabilities have been assigned seven Common Vulnerabilities and Exposures (CVE) IDs: CVE-2020-1818, CVE-2020-1819, CVE-2020-1820, CVE-2020-1821, CVE-2020-1822, CVE-2020-1823 and CVE-2020-1824."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125 Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-12-27T10:02:45.710Z",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"url": "https://www.huawei.com/en/psirt/security-advisories/2020/huawei-sa-20191218-01-cops-en"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2020-1818",
"datePublished": "2024-12-27T10:02:45.710Z",
"dateReserved": "2019-11-29T00:00:00.000Z",
"dateUpdated": "2024-12-27T14:57:27.653Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-1824 (GCVE-0-2020-1824)
Vulnerability from cvelistv5 – Published: 2024-12-28 06:37 – Updated: 2024-12-28 16:32
VLAI?
Summary
There are multiple out of bounds (OOB) read vulnerabilities in the implementation of the Common Open Policy Service (COPS) protocol of some Huawei products. The specific decoding function may occur out-of-bounds read when processes an incoming data packet. Successful exploit of these vulnerabilities may disrupt service on the affected device. (Vulnerability ID: HWPSIRT-2018-12275,HWPSIRT-2018-12276,HWPSIRT-2018-12277,HWPSIRT-2018-12278,HWPSIRT-2018-12279,HWPSIRT-2018-12280 and HWPSIRT-2018-12289)
The seven vulnerabilities have been assigned seven Common Vulnerabilities and Exposures (CVE) IDs: CVE-2020-1818, CVE-2020-1819, CVE-2020-1820, CVE-2020-1821, CVE-2020-1822, CVE-2020-1823 and CVE-2020-1824.
Severity ?
CWE
- CWE-125 - Out-of-bounds Read
Assigner
References
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Huawei | IPS Module |
Affected:
V500R001C30
Affected: V500R001C60 Affected: V500R005C00 |
||||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2020-1824",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-12-28T16:32:08.146658Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-12-28T16:32:25.200Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "IPS Module",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "NGFW Module",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R002C00"
},
{
"status": "affected",
"version": "V500R002C20"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "NIP6300",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "NIP6600",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "NIP6800",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Secospace USG6300",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Secospace USG6500",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Secospace USG6600",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "USG6000V",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R003C00"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eThere are multiple out of bounds (OOB) read vulnerabilities in the implementation of the Common Open Policy Service (COPS) protocol of some Huawei products. The specific decoding function may occur out-of-bounds read when processes an incoming data packet. Successful exploit of these vulnerabilities may disrupt service on the affected device. (Vulnerability ID: HWPSIRT-2018-12275,HWPSIRT-2018-12276,HWPSIRT-2018-12277,HWPSIRT-2018-12278,HWPSIRT-2018-12279,HWPSIRT-2018-12280 and HWPSIRT-2018-12289)\u003c/p\u003e\u003cp\u003eThe seven vulnerabilities have been assigned seven Common Vulnerabilities and Exposures (CVE) IDs: CVE-2020-1818, CVE-2020-1819, CVE-2020-1820, CVE-2020-1821, CVE-2020-1822, CVE-2020-1823 and CVE-2020-1824.\u003c/p\u003e"
}
],
"value": "There are multiple out of bounds (OOB) read vulnerabilities in the implementation of the Common Open Policy Service (COPS) protocol of some Huawei products. The specific decoding function may occur out-of-bounds read when processes an incoming data packet. Successful exploit of these vulnerabilities may disrupt service on the affected device. (Vulnerability ID: HWPSIRT-2018-12275,HWPSIRT-2018-12276,HWPSIRT-2018-12277,HWPSIRT-2018-12278,HWPSIRT-2018-12279,HWPSIRT-2018-12280 and HWPSIRT-2018-12289)\n\nThe seven vulnerabilities have been assigned seven Common Vulnerabilities and Exposures (CVE) IDs: CVE-2020-1818, CVE-2020-1819, CVE-2020-1820, CVE-2020-1821, CVE-2020-1822, CVE-2020-1823 and CVE-2020-1824."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125 Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-12-28T06:37:14.149Z",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"url": "https://www.huawei.com/en/psirt/security-advisories/2020/huawei-sa-20191218-01-cops-en"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2020-1824",
"datePublished": "2024-12-28T06:37:14.149Z",
"dateReserved": "2019-11-29T00:00:00.000Z",
"dateUpdated": "2024-12-28T16:32:25.200Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-1823 (GCVE-0-2020-1823)
Vulnerability from cvelistv5 – Published: 2024-12-28 06:29 – Updated: 2024-12-28 16:33
VLAI?
Summary
There are multiple out of bounds (OOB) read vulnerabilities in the implementation of the Common Open Policy Service (COPS) protocol of some Huawei products. The specific decoding function may occur out-of-bounds read when processes an incoming data packet. Successful exploit of these vulnerabilities may disrupt service on the affected device. (Vulnerability ID: HWPSIRT-2018-12275,HWPSIRT-2018-12276,HWPSIRT-2018-12277,HWPSIRT-2018-12278,HWPSIRT-2018-12279,HWPSIRT-2018-12280 and HWPSIRT-2018-12289)
The seven vulnerabilities have been assigned seven Common Vulnerabilities and Exposures (CVE) IDs: CVE-2020-1818, CVE-2020-1819, CVE-2020-1820, CVE-2020-1821, CVE-2020-1822, CVE-2020-1823 and CVE-2020-1824.
Severity ?
CWE
- CWE-125 - Out-of-bounds Read
Assigner
References
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Huawei | IPS Module |
Affected:
V500R001C30
Affected: V500R001C60 Affected: V500R005C00 |
||||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2020-1823",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-12-28T16:33:21.089526Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-12-28T16:33:45.933Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "IPS Module",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "NGFW Module",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R002C00"
},
{
"status": "affected",
"version": "V500R002C20"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "NIP6300",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "NIP6600",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "NIP6800",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Secospace USG6300",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Secospace USG6500",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Secospace USG6600",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "USG6000V",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R003C00"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eThere are multiple out of bounds (OOB) read vulnerabilities in the implementation of the Common Open Policy Service (COPS) protocol of some Huawei products. The specific decoding function may occur out-of-bounds read when processes an incoming data packet. Successful exploit of these vulnerabilities may disrupt service on the affected device. (Vulnerability ID: HWPSIRT-2018-12275,HWPSIRT-2018-12276,HWPSIRT-2018-12277,HWPSIRT-2018-12278,HWPSIRT-2018-12279,HWPSIRT-2018-12280 and HWPSIRT-2018-12289)\u003c/p\u003e\u003cp\u003eThe seven vulnerabilities have been assigned seven Common Vulnerabilities and Exposures (CVE) IDs: CVE-2020-1818, CVE-2020-1819, CVE-2020-1820, CVE-2020-1821, CVE-2020-1822, CVE-2020-1823 and CVE-2020-1824.\u003c/p\u003e"
}
],
"value": "There are multiple out of bounds (OOB) read vulnerabilities in the implementation of the Common Open Policy Service (COPS) protocol of some Huawei products. The specific decoding function may occur out-of-bounds read when processes an incoming data packet. Successful exploit of these vulnerabilities may disrupt service on the affected device. (Vulnerability ID: HWPSIRT-2018-12275,HWPSIRT-2018-12276,HWPSIRT-2018-12277,HWPSIRT-2018-12278,HWPSIRT-2018-12279,HWPSIRT-2018-12280 and HWPSIRT-2018-12289)\n\nThe seven vulnerabilities have been assigned seven Common Vulnerabilities and Exposures (CVE) IDs: CVE-2020-1818, CVE-2020-1819, CVE-2020-1820, CVE-2020-1821, CVE-2020-1822, CVE-2020-1823 and CVE-2020-1824."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125 Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-12-28T06:29:49.051Z",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"url": "https://www.huawei.com/en/psirt/security-advisories/2020/huawei-sa-20191218-01-cops-en"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2020-1823",
"datePublished": "2024-12-28T06:29:49.051Z",
"dateReserved": "2019-11-29T00:00:00.000Z",
"dateUpdated": "2024-12-28T16:33:45.933Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-1822 (GCVE-0-2020-1822)
Vulnerability from cvelistv5 – Published: 2024-12-28 06:21 – Updated: 2024-12-28 16:34
VLAI?
Summary
There are multiple out of bounds (OOB) read vulnerabilities in the implementation of the Common Open Policy Service (COPS) protocol of some Huawei products. The specific decoding function may occur out-of-bounds read when processes an incoming data packet. Successful exploit of these vulnerabilities may disrupt service on the affected device. (Vulnerability ID: HWPSIRT-2018-12275,HWPSIRT-2018-12276,HWPSIRT-2018-12277,HWPSIRT-2018-12278,HWPSIRT-2018-12279,HWPSIRT-2018-12280 and HWPSIRT-2018-12289)
The seven vulnerabilities have been assigned seven Common Vulnerabilities and Exposures (CVE) IDs: CVE-2020-1818, CVE-2020-1819, CVE-2020-1820, CVE-2020-1821, CVE-2020-1822, CVE-2020-1823 and CVE-2020-1824.
Severity ?
CWE
- CWE-125 - Out-of-bounds Read
Assigner
References
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Huawei | IPS Module |
Affected:
V500R001C30
Affected: V500R001C60 Affected: V500R005C00 |
||||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2020-1822",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-12-28T16:34:26.596620Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-12-28T16:34:41.792Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "IPS Module",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "NGFW Module",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R002C00"
},
{
"status": "affected",
"version": "V500R002C20"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "NIP6300",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "NIP6600",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "NIP6800",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Secospace USG6300",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Secospace USG6500",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Secospace USG6600",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "USG6000V",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R003C00"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eThere are multiple out of bounds (OOB) read vulnerabilities in the implementation of the Common Open Policy Service (COPS) protocol of some Huawei products. The specific decoding function may occur out-of-bounds read when processes an incoming data packet. Successful exploit of these vulnerabilities may disrupt service on the affected device. (Vulnerability ID: HWPSIRT-2018-12275,HWPSIRT-2018-12276,HWPSIRT-2018-12277,HWPSIRT-2018-12278,HWPSIRT-2018-12279,HWPSIRT-2018-12280 and HWPSIRT-2018-12289)\u003c/p\u003e\u003cp\u003eThe seven vulnerabilities have been assigned seven Common Vulnerabilities and Exposures (CVE) IDs: CVE-2020-1818, CVE-2020-1819, CVE-2020-1820, CVE-2020-1821, CVE-2020-1822, CVE-2020-1823 and CVE-2020-1824.\u003cbr\u003e\u003c/p\u003e"
}
],
"value": "There are multiple out of bounds (OOB) read vulnerabilities in the implementation of the Common Open Policy Service (COPS) protocol of some Huawei products. The specific decoding function may occur out-of-bounds read when processes an incoming data packet. Successful exploit of these vulnerabilities may disrupt service on the affected device. (Vulnerability ID: HWPSIRT-2018-12275,HWPSIRT-2018-12276,HWPSIRT-2018-12277,HWPSIRT-2018-12278,HWPSIRT-2018-12279,HWPSIRT-2018-12280 and HWPSIRT-2018-12289)\n\nThe seven vulnerabilities have been assigned seven Common Vulnerabilities and Exposures (CVE) IDs: CVE-2020-1818, CVE-2020-1819, CVE-2020-1820, CVE-2020-1821, CVE-2020-1822, CVE-2020-1823 and CVE-2020-1824."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125 Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-12-28T06:21:04.473Z",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"url": "https://www.huawei.com/en/psirt/security-advisories/2020/huawei-sa-20191218-01-cops-en"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2020-1822",
"datePublished": "2024-12-28T06:21:04.473Z",
"dateReserved": "2019-11-29T00:00:00.000Z",
"dateUpdated": "2024-12-28T16:34:41.792Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-1821 (GCVE-0-2020-1821)
Vulnerability from cvelistv5 – Published: 2024-12-28 06:16 – Updated: 2024-12-30 16:13
VLAI?
Summary
There are multiple out of bounds (OOB) read vulnerabilities in the implementation of the Common Open Policy Service (COPS) protocol of some Huawei products. The specific decoding function may occur out-of-bounds read when processes an incoming data packet. Successful exploit of these vulnerabilities may disrupt service on the affected device. (Vulnerability ID: HWPSIRT-2018-12275,HWPSIRT-2018-12276,HWPSIRT-2018-12277,HWPSIRT-2018-12278,HWPSIRT-2018-12279,HWPSIRT-2018-12280 and HWPSIRT-2018-12289)
The seven vulnerabilities have been assigned seven Common Vulnerabilities and Exposures (CVE) IDs: CVE-2020-1818, CVE-2020-1819, CVE-2020-1820, CVE-2020-1821, CVE-2020-1822, CVE-2020-1823 and CVE-2020-1824.
Severity ?
CWE
- CWE-125 - Out-of-bounds Read
Assigner
References
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Huawei | IPS Module |
Affected:
V500R001C30
Affected: V500R001C60 Affected: V500R005C00 |
||||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2020-1821",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-12-30T16:12:49.264838Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-12-30T16:13:03.624Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "IPS Module",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "NGFW Module",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R002C00"
},
{
"status": "affected",
"version": "V500R002C20"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "NIP6300",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "NIP6600",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "NIP6800",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Secospace USG6300",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Secospace USG6500",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Secospace USG6600",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "USG6000V",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R003C00"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eThere are multiple out of bounds (OOB) read vulnerabilities in the implementation of the Common Open Policy Service (COPS) protocol of some Huawei products. The specific decoding function may occur out-of-bounds read when processes an incoming data packet. Successful exploit of these vulnerabilities may disrupt service on the affected device. (Vulnerability ID: HWPSIRT-2018-12275,HWPSIRT-2018-12276,HWPSIRT-2018-12277,HWPSIRT-2018-12278,HWPSIRT-2018-12279,HWPSIRT-2018-12280 and HWPSIRT-2018-12289)\u003c/p\u003e\u003cp\u003eThe seven vulnerabilities have been assigned seven Common Vulnerabilities and Exposures (CVE) IDs: CVE-2020-1818, CVE-2020-1819, CVE-2020-1820, CVE-2020-1821, CVE-2020-1822, CVE-2020-1823 and CVE-2020-1824.\u003c/p\u003e"
}
],
"value": "There are multiple out of bounds (OOB) read vulnerabilities in the implementation of the Common Open Policy Service (COPS) protocol of some Huawei products. The specific decoding function may occur out-of-bounds read when processes an incoming data packet. Successful exploit of these vulnerabilities may disrupt service on the affected device. (Vulnerability ID: HWPSIRT-2018-12275,HWPSIRT-2018-12276,HWPSIRT-2018-12277,HWPSIRT-2018-12278,HWPSIRT-2018-12279,HWPSIRT-2018-12280 and HWPSIRT-2018-12289)\n\nThe seven vulnerabilities have been assigned seven Common Vulnerabilities and Exposures (CVE) IDs: CVE-2020-1818, CVE-2020-1819, CVE-2020-1820, CVE-2020-1821, CVE-2020-1822, CVE-2020-1823 and CVE-2020-1824."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125 Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-12-28T06:16:58.770Z",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"url": "https://www.huawei.com/en/psirt/security-advisories/2020/huawei-sa-20191218-01-cops-en"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2020-1821",
"datePublished": "2024-12-28T06:16:58.770Z",
"dateReserved": "2019-11-29T00:00:00.000Z",
"dateUpdated": "2024-12-30T16:13:03.624Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-1820 (GCVE-0-2020-1820)
Vulnerability from cvelistv5 – Published: 2024-12-28 06:11 – Updated: 2024-12-31 17:17
VLAI?
Summary
There are multiple out of bounds (OOB) read vulnerabilities in the implementation of the Common Open Policy Service (COPS) protocol of some Huawei products. The specific decoding function may occur out-of-bounds read when processes an incoming data packet. Successful exploit of these vulnerabilities may disrupt service on the affected device. (Vulnerability ID: HWPSIRT-2018-12275,HWPSIRT-2018-12276,HWPSIRT-2018-12277,HWPSIRT-2018-12278,HWPSIRT-2018-12279,HWPSIRT-2018-12280 and HWPSIRT-2018-12289)
The seven vulnerabilities have been assigned seven Common Vulnerabilities and Exposures (CVE) IDs: CVE-2020-1818, CVE-2020-1819, CVE-2020-1820, CVE-2020-1821, CVE-2020-1822, CVE-2020-1823 and CVE-2020-1824.
Severity ?
CWE
- CWE-125 - Out-of-bounds Read
Assigner
References
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Huawei | IPS Module |
Affected:
V500R001C30
Affected: V500R001C60 Affected: V500R005C00 |
||||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2020-1820",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-12-31T17:16:57.375041Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-12-31T17:17:05.860Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "IPS Module",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "NGFW Module",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R002C00"
},
{
"status": "affected",
"version": "V500R002C20"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "NIP6300",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "NIP6600",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "NIP6800",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Secospace USG6300",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Secospace USG6500",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Secospace USG6600",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "USG6000V",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R003C00"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eThere are multiple out of bounds (OOB) read vulnerabilities in the implementation of the Common Open Policy Service (COPS) protocol of some Huawei products. The specific decoding function may occur out-of-bounds read when processes an incoming data packet. Successful exploit of these vulnerabilities may disrupt service on the affected device. (Vulnerability ID: HWPSIRT-2018-12275,HWPSIRT-2018-12276,HWPSIRT-2018-12277,HWPSIRT-2018-12278,HWPSIRT-2018-12279,HWPSIRT-2018-12280 and HWPSIRT-2018-12289)\u003c/p\u003e\u003cp\u003eThe seven vulnerabilities have been assigned seven Common Vulnerabilities and Exposures (CVE) IDs: CVE-2020-1818, CVE-2020-1819, CVE-2020-1820, CVE-2020-1821, CVE-2020-1822, CVE-2020-1823 and CVE-2020-1824.\u003c/p\u003e"
}
],
"value": "There are multiple out of bounds (OOB) read vulnerabilities in the implementation of the Common Open Policy Service (COPS) protocol of some Huawei products. The specific decoding function may occur out-of-bounds read when processes an incoming data packet. Successful exploit of these vulnerabilities may disrupt service on the affected device. (Vulnerability ID: HWPSIRT-2018-12275,HWPSIRT-2018-12276,HWPSIRT-2018-12277,HWPSIRT-2018-12278,HWPSIRT-2018-12279,HWPSIRT-2018-12280 and HWPSIRT-2018-12289)\n\nThe seven vulnerabilities have been assigned seven Common Vulnerabilities and Exposures (CVE) IDs: CVE-2020-1818, CVE-2020-1819, CVE-2020-1820, CVE-2020-1821, CVE-2020-1822, CVE-2020-1823 and CVE-2020-1824."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125 Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-12-28T06:11:17.446Z",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"url": "https://www.huawei.com/en/psirt/security-advisories/2020/huawei-sa-20191218-01-cops-en"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2020-1820",
"datePublished": "2024-12-28T06:11:17.446Z",
"dateReserved": "2019-11-29T00:00:00.000Z",
"dateUpdated": "2024-12-31T17:17:05.860Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-1819 (GCVE-0-2020-1819)
Vulnerability from cvelistv5 – Published: 2024-12-27 10:05 – Updated: 2024-12-27 14:56
VLAI?
Summary
There are multiple out of bounds (OOB) read vulnerabilities in the implementation of the Common Open Policy Service (COPS) protocol of some Huawei products. The specific decoding function may occur out-of-bounds read when processes an incoming data packet. Successful exploit of these vulnerabilities may disrupt service on the affected device. (Vulnerability ID: HWPSIRT-2018-12275,HWPSIRT-2018-12276,HWPSIRT-2018-12277,HWPSIRT-2018-12278,HWPSIRT-2018-12279,HWPSIRT-2018-12280 and HWPSIRT-2018-12289)
The seven vulnerabilities have been assigned seven Common Vulnerabilities and Exposures (CVE) IDs: CVE-2020-1818, CVE-2020-1819, CVE-2020-1820, CVE-2020-1821, CVE-2020-1822, CVE-2020-1823 and CVE-2020-1824.
Severity ?
CWE
- CWE-125 - Out-of-bounds Read
Assigner
References
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Huawei | IPS Module |
Affected:
V500R001C30
Affected: V500R001C60 Affected: V500R005C00 |
||||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2020-1819",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-12-27T14:56:22.966063Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-12-27T14:56:31.845Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "IPS Module",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "NGFW Module",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R002C00"
},
{
"status": "affected",
"version": "V500R002C20"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "NIP6300",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "NIP6600",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "NIP6800",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Secospace USG6300",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Secospace USG6500",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Secospace USG6600",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "USG6000V",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R003C00"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eThere are multiple out of bounds (OOB) read vulnerabilities in the implementation of the Common Open Policy Service (COPS) protocol of some Huawei products. The specific decoding function may occur out-of-bounds read when processes an incoming data packet. Successful exploit of these vulnerabilities may disrupt service on the affected device. (Vulnerability ID: HWPSIRT-2018-12275,HWPSIRT-2018-12276,HWPSIRT-2018-12277,HWPSIRT-2018-12278,HWPSIRT-2018-12279,HWPSIRT-2018-12280 and HWPSIRT-2018-12289)\u003c/p\u003e\u003cp\u003eThe seven vulnerabilities have been assigned seven Common Vulnerabilities and Exposures (CVE) IDs: CVE-2020-1818, CVE-2020-1819, CVE-2020-1820, CVE-2020-1821, CVE-2020-1822, CVE-2020-1823 and CVE-2020-1824.\u003c/p\u003e"
}
],
"value": "There are multiple out of bounds (OOB) read vulnerabilities in the implementation of the Common Open Policy Service (COPS) protocol of some Huawei products. The specific decoding function may occur out-of-bounds read when processes an incoming data packet. Successful exploit of these vulnerabilities may disrupt service on the affected device. (Vulnerability ID: HWPSIRT-2018-12275,HWPSIRT-2018-12276,HWPSIRT-2018-12277,HWPSIRT-2018-12278,HWPSIRT-2018-12279,HWPSIRT-2018-12280 and HWPSIRT-2018-12289)\n\nThe seven vulnerabilities have been assigned seven Common Vulnerabilities and Exposures (CVE) IDs: CVE-2020-1818, CVE-2020-1819, CVE-2020-1820, CVE-2020-1821, CVE-2020-1822, CVE-2020-1823 and CVE-2020-1824."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125 Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-12-27T10:05:47.224Z",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"url": "https://www.huawei.com/en/psirt/security-advisories/2020/huawei-sa-20191218-01-cops-en"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2020-1819",
"datePublished": "2024-12-27T10:05:47.224Z",
"dateReserved": "2019-11-29T00:00:00.000Z",
"dateUpdated": "2024-12-27T14:56:31.845Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-1818 (GCVE-0-2020-1818)
Vulnerability from cvelistv5 – Published: 2024-12-27 10:02 – Updated: 2024-12-27 14:57
VLAI?
Summary
There are multiple out of bounds (OOB) read vulnerabilities in the implementation of the Common Open Policy Service (COPS) protocol of some Huawei products. The specific decoding function may occur out-of-bounds read when processes an incoming data packet. Successful exploit of these vulnerabilities may disrupt service on the affected device. (Vulnerability ID: HWPSIRT-2018-12275,HWPSIRT-2018-12276,HWPSIRT-2018-12277,HWPSIRT-2018-12278,HWPSIRT-2018-12279,HWPSIRT-2018-12280 and HWPSIRT-2018-12289)
The seven vulnerabilities have been assigned seven Common Vulnerabilities and Exposures (CVE) IDs: CVE-2020-1818, CVE-2020-1819, CVE-2020-1820, CVE-2020-1821, CVE-2020-1822, CVE-2020-1823 and CVE-2020-1824.
Severity ?
CWE
- CWE-125 - Out-of-bounds Read
Assigner
References
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Huawei | IPS Module |
Affected:
V500R001C30
Affected: V500R001C60 Affected: V500R005C00 |
||||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2020-1818",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-12-27T14:56:47.972518Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-12-27T14:57:27.653Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "IPS Module",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "NGFW Module",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R002C00"
},
{
"status": "affected",
"version": "V500R002C20"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "NIP6300",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "NIP6600",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "NIP6800",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Secospace USG6300",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Secospace USG6500",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Secospace USG6600",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "USG6000V",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R003C00"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eThere are multiple out of bounds (OOB) read vulnerabilities in the implementation of the Common Open Policy Service (COPS) protocol of some Huawei products. The specific decoding function may occur out-of-bounds read when processes an incoming data packet. Successful exploit of these vulnerabilities may disrupt service on the affected device. (Vulnerability ID: HWPSIRT-2018-12275,HWPSIRT-2018-12276,HWPSIRT-2018-12277,HWPSIRT-2018-12278,HWPSIRT-2018-12279,HWPSIRT-2018-12280 and HWPSIRT-2018-12289)\u003c/p\u003e\u003cp\u003eThe seven vulnerabilities have been assigned seven Common Vulnerabilities and Exposures (CVE) IDs: CVE-2020-1818, CVE-2020-1819, CVE-2020-1820, CVE-2020-1821, CVE-2020-1822, CVE-2020-1823 and CVE-2020-1824.\u003c/p\u003e"
}
],
"value": "There are multiple out of bounds (OOB) read vulnerabilities in the implementation of the Common Open Policy Service (COPS) protocol of some Huawei products. The specific decoding function may occur out-of-bounds read when processes an incoming data packet. Successful exploit of these vulnerabilities may disrupt service on the affected device. (Vulnerability ID: HWPSIRT-2018-12275,HWPSIRT-2018-12276,HWPSIRT-2018-12277,HWPSIRT-2018-12278,HWPSIRT-2018-12279,HWPSIRT-2018-12280 and HWPSIRT-2018-12289)\n\nThe seven vulnerabilities have been assigned seven Common Vulnerabilities and Exposures (CVE) IDs: CVE-2020-1818, CVE-2020-1819, CVE-2020-1820, CVE-2020-1821, CVE-2020-1822, CVE-2020-1823 and CVE-2020-1824."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125 Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-12-27T10:02:45.710Z",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"url": "https://www.huawei.com/en/psirt/security-advisories/2020/huawei-sa-20191218-01-cops-en"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2020-1818",
"datePublished": "2024-12-27T10:02:45.710Z",
"dateReserved": "2019-11-29T00:00:00.000Z",
"dateUpdated": "2024-12-27T14:57:27.653Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}