Search criteria
8 vulnerabilities found for hege-560_firmware by huawei
CVE-2020-1879 (GCVE-0-2020-1879)
Vulnerability from nvd – Published: 2020-03-20 15:02 – Updated: 2024-08-04 06:53
VLAI
Summary
There is an improper integrity checking vulnerability on some huawei products. The software of the affected product has an improper integrity check which may allow an attacker with high privilege to make malicious modifications.Affected product versions include:HEGE-560 versions 1.0.1.21(SP3);HEGE-570 versions 1.0.1.22(SP3);OSCA-550 versions 1.0.1.21(SP3);OSCA-550A versions 1.0.1.21(SP3);OSCA-550AX versions 1.0.1.21(SP3);OSCA-550X versions 1.0.1.21(SP3).
Severity
No CVSS data available.
CWE
- Improper Integrity Checking
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://www.huawei.com/en/psirt/security-advisori… | x_refsource_MISC |
| http://www.huawei.com/en/psirt/security-advisorie… | x_refsource_CONFIRM |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| n/a | HEGE-560;HEGE-570;OSCA-550;OSCA-550A;OSCA-550AX;OSCA-550X |
Affected:
1.0.1.21(SP3)
Affected: 1.0.1.22(SP3) |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T06:53:59.797Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200311-01-integrity-en"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200415-02-dos-en"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "HEGE-560;HEGE-570;OSCA-550;OSCA-550A;OSCA-550AX;OSCA-550X",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "1.0.1.21(SP3)"
},
{
"status": "affected",
"version": "1.0.1.22(SP3)"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is an improper integrity checking vulnerability on some huawei products. The software of the affected product has an improper integrity check which may allow an attacker with high privilege to make malicious modifications.Affected product versions include:HEGE-560 versions 1.0.1.21(SP3);HEGE-570 versions 1.0.1.22(SP3);OSCA-550 versions 1.0.1.21(SP3);OSCA-550A versions 1.0.1.21(SP3);OSCA-550AX versions 1.0.1.21(SP3);OSCA-550X versions 1.0.1.21(SP3)."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Improper Integrity Checking",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-04-16T12:06:04.000Z",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200311-01-integrity-en"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200415-02-dos-en"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2020-1879",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "HEGE-560;HEGE-570;OSCA-550;OSCA-550A;OSCA-550AX;OSCA-550X",
"version": {
"version_data": [
{
"version_value": "1.0.1.21(SP3)"
},
{
"version_value": "1.0.1.22(SP3)"
},
{
"version_value": "1.0.1.21(SP3)"
},
{
"version_value": "1.0.1.21(SP3)"
},
{
"version_value": "1.0.1.21(SP3)"
},
{
"version_value": "1.0.1.21(SP3)"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is an improper integrity checking vulnerability on some huawei products. The software of the affected product has an improper integrity check which may allow an attacker with high privilege to make malicious modifications.Affected product versions include:HEGE-560 versions 1.0.1.21(SP3);HEGE-570 versions 1.0.1.22(SP3);OSCA-550 versions 1.0.1.21(SP3);OSCA-550A versions 1.0.1.21(SP3);OSCA-550AX versions 1.0.1.21(SP3);OSCA-550X versions 1.0.1.21(SP3)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Improper Integrity Checking"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200311-01-integrity-en",
"refsource": "MISC",
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200311-01-integrity-en"
},
{
"name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200415-02-dos-en",
"refsource": "CONFIRM",
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200415-02-dos-en"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2020-1879",
"datePublished": "2020-03-20T15:02:28.000Z",
"dateReserved": "2019-11-29T00:00:00.000Z",
"dateUpdated": "2024-08-04T06:53:59.797Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-1842 (GCVE-0-2020-1842)
Vulnerability from nvd – Published: 2020-02-18 03:03 – Updated: 2024-08-04 06:53
VLAI
Summary
Huawei HEGE-560 version 1.0.1.20(SP2); OSCA-550 and OSCA-550A version 1.0.0.71(SP1); and OSCA-550AX and OSCA-550X version 1.0.0.71(SP2) have an insufficient authentication vulnerability. An attacker can access the device physically and perform specific operations to exploit this vulnerability. Successful exploitation may cause the attacker obtain high privilege.
Severity
No CVSS data available.
CWE
- Insufficient Authentication
Assigner
References
1 reference
| URL | Tags |
|---|---|
| http://www.huawei.com/en/psirt/security-advisorie… | x_refsource_CONFIRM |
Impacted products
3 products
| Vendor | Product | Version | |
|---|---|---|---|
| Huawei | HEGE-560 |
Affected:
1.0.1.20(SP2)
|
|
| Huawei | OSCA-550, OSCA-550A |
Affected:
1.0.0.71(SP1)
|
|
| Huawei | OSCA-550AX, OSCA-550X |
Affected:
1.0.0.71(SP2)
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T06:53:58.522Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200122-01-osca-en"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "HEGE-560",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "1.0.1.20(SP2)"
}
]
},
{
"product": "OSCA-550, OSCA-550A",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "1.0.0.71(SP1)"
}
]
},
{
"product": "OSCA-550AX, OSCA-550X",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "1.0.0.71(SP2)"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Huawei HEGE-560 version 1.0.1.20(SP2); OSCA-550 and OSCA-550A version 1.0.0.71(SP1); and OSCA-550AX and OSCA-550X version 1.0.0.71(SP2) have an insufficient authentication vulnerability. An attacker can access the device physically and perform specific operations to exploit this vulnerability. Successful exploitation may cause the attacker obtain high privilege."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Insufficient Authentication",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-02-18T03:03:52.000Z",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200122-01-osca-en"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2020-1842",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "HEGE-560",
"version": {
"version_data": [
{
"version_value": "1.0.1.20(SP2)"
}
]
}
},
{
"product_name": "OSCA-550, OSCA-550A",
"version": {
"version_data": [
{
"version_value": "1.0.0.71(SP1)"
}
]
}
},
{
"product_name": "OSCA-550AX, OSCA-550X",
"version": {
"version_data": [
{
"version_value": "1.0.0.71(SP2)"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Huawei HEGE-560 version 1.0.1.20(SP2); OSCA-550 and OSCA-550A version 1.0.0.71(SP1); and OSCA-550AX and OSCA-550X version 1.0.0.71(SP2) have an insufficient authentication vulnerability. An attacker can access the device physically and perform specific operations to exploit this vulnerability. Successful exploitation may cause the attacker obtain high privilege."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Insufficient Authentication"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200122-01-osca-en",
"refsource": "CONFIRM",
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200122-01-osca-en"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2020-1842",
"datePublished": "2020-02-18T03:03:52.000Z",
"dateReserved": "2019-11-29T00:00:00.000Z",
"dateUpdated": "2024-08-04T06:53:58.522Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-1855 (GCVE-0-2020-1855)
Vulnerability from nvd – Published: 2020-02-18 02:28 – Updated: 2024-08-04 06:53
VLAI
Summary
Huawei HEGE-570 version 1.0.1.22(SP3); and HEGE-560, OSCA-550, OSCA-550A, OSCA-550AX, and OSCA-550X version 1.0.1.21(SP3) have an insufficient verification vulnerability. An attacker can access the device physically and exploit this vulnerability to tamper with device information. Successful exploit may cause service abnormal.
Severity
No CVSS data available.
CWE
- Insufficient Verification
Assigner
References
1 reference
| URL | Tags |
|---|---|
| http://www.huawei.com/en/psirt/security-advisorie… | x_refsource_CONFIRM |
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Huawei | HEGE-570 |
Affected:
1.0.1.22(SP3)
|
|
| Huawei | HEGE-560, OSCA-550, OSCA-550A, OSCA-550AX, OSCA-550X |
Affected:
1.0.1.21(SP3)
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T06:53:58.916Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200122-03-osca-en"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "HEGE-570",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "1.0.1.22(SP3)"
}
]
},
{
"product": "HEGE-560, OSCA-550, OSCA-550A, OSCA-550AX, OSCA-550X",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "1.0.1.21(SP3)"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Huawei HEGE-570 version 1.0.1.22(SP3); and HEGE-560, OSCA-550, OSCA-550A, OSCA-550AX, and OSCA-550X version 1.0.1.21(SP3) have an insufficient verification vulnerability. An attacker can access the device physically and exploit this vulnerability to tamper with device information. Successful exploit may cause service abnormal."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Insufficient Verification",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-02-18T02:28:18.000Z",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200122-03-osca-en"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2020-1855",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "HEGE-570",
"version": {
"version_data": [
{
"version_value": "1.0.1.22(SP3)"
}
]
}
},
{
"product_name": "HEGE-560, OSCA-550, OSCA-550A, OSCA-550AX, OSCA-550X",
"version": {
"version_data": [
{
"version_value": "1.0.1.21(SP3)"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Huawei HEGE-570 version 1.0.1.22(SP3); and HEGE-560, OSCA-550, OSCA-550A, OSCA-550AX, and OSCA-550X version 1.0.1.21(SP3) have an insufficient verification vulnerability. An attacker can access the device physically and exploit this vulnerability to tamper with device information. Successful exploit may cause service abnormal."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Insufficient Verification"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200122-03-osca-en",
"refsource": "CONFIRM",
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200122-03-osca-en"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2020-1855",
"datePublished": "2020-02-18T02:28:18.000Z",
"dateReserved": "2019-11-29T00:00:00.000Z",
"dateUpdated": "2024-08-04T06:53:58.916Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-1843 (GCVE-0-2020-1843)
Vulnerability from nvd – Published: 2020-02-18 02:14 – Updated: 2024-08-04 06:53
VLAI
Summary
Huawei HEGE-560 version 1.0.1.20(SP2), OSCA-550 version 1.0.0.71(SP1), OSCA-550A version 1.0.0.71(SP1), OSCA-550AX version 1.0.0.71(SP2), and OSCA-550X version 1.0.0.71(SP2) have an insufficient verification vulnerability. An attacker can perform specific operations to exploit this vulnerability by physical access methods. Successful exploitation may cause the attacker perform an illegal operation.
Severity
No CVSS data available.
CWE
- Insufficient Authentication
Assigner
References
1 reference
| URL | Tags |
|---|---|
| http://www.huawei.com/en/psirt/security-advisorie… | x_refsource_CONFIRM |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T06:53:58.926Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200122-02-osca-en"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "HEGE-560",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "1.0.1.20(SP2)"
}
]
},
{
"product": "OSCA-550",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "1.0.0.71(SP1)"
}
]
},
{
"product": "OSCA-550A",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "1.0.0.71(SP1)"
}
]
},
{
"product": "OSCA-550AX",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "1.0.0.71(SP2)"
}
]
},
{
"product": "OSCA-550X",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "1.0.0.71(SP2)"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Huawei HEGE-560 version 1.0.1.20(SP2), OSCA-550 version 1.0.0.71(SP1), OSCA-550A version 1.0.0.71(SP1), OSCA-550AX version 1.0.0.71(SP2), and OSCA-550X version 1.0.0.71(SP2) have an insufficient verification vulnerability. An attacker can perform specific operations to exploit this vulnerability by physical access methods. Successful exploitation may cause the attacker perform an illegal operation."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Insufficient Authentication",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-02-18T02:14:55.000Z",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200122-02-osca-en"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2020-1843",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "HEGE-560",
"version": {
"version_data": [
{
"version_value": "1.0.1.20(SP2)"
}
]
}
},
{
"product_name": "OSCA-550",
"version": {
"version_data": [
{
"version_value": "1.0.0.71(SP1)"
}
]
}
},
{
"product_name": "OSCA-550A",
"version": {
"version_data": [
{
"version_value": "1.0.0.71(SP1)"
}
]
}
},
{
"product_name": "OSCA-550AX",
"version": {
"version_data": [
{
"version_value": "1.0.0.71(SP2)"
}
]
}
},
{
"product_name": "OSCA-550X",
"version": {
"version_data": [
{
"version_value": "1.0.0.71(SP2)"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Huawei HEGE-560 version 1.0.1.20(SP2), OSCA-550 version 1.0.0.71(SP1), OSCA-550A version 1.0.0.71(SP1), OSCA-550AX version 1.0.0.71(SP2), and OSCA-550X version 1.0.0.71(SP2) have an insufficient verification vulnerability. An attacker can perform specific operations to exploit this vulnerability by physical access methods. Successful exploitation may cause the attacker perform an illegal operation."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Insufficient Authentication"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200122-02-osca-en",
"refsource": "CONFIRM",
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200122-02-osca-en"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2020-1843",
"datePublished": "2020-02-18T02:14:55.000Z",
"dateReserved": "2019-11-29T00:00:00.000Z",
"dateUpdated": "2024-08-04T06:53:58.926Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-1879 (GCVE-0-2020-1879)
Vulnerability from cvelistv5 – Published: 2020-03-20 15:02 – Updated: 2024-08-04 06:53
VLAI
Summary
There is an improper integrity checking vulnerability on some huawei products. The software of the affected product has an improper integrity check which may allow an attacker with high privilege to make malicious modifications.Affected product versions include:HEGE-560 versions 1.0.1.21(SP3);HEGE-570 versions 1.0.1.22(SP3);OSCA-550 versions 1.0.1.21(SP3);OSCA-550A versions 1.0.1.21(SP3);OSCA-550AX versions 1.0.1.21(SP3);OSCA-550X versions 1.0.1.21(SP3).
Severity
No CVSS data available.
CWE
- Improper Integrity Checking
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://www.huawei.com/en/psirt/security-advisori… | x_refsource_MISC |
| http://www.huawei.com/en/psirt/security-advisorie… | x_refsource_CONFIRM |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| n/a | HEGE-560;HEGE-570;OSCA-550;OSCA-550A;OSCA-550AX;OSCA-550X |
Affected:
1.0.1.21(SP3)
Affected: 1.0.1.22(SP3) |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T06:53:59.797Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200311-01-integrity-en"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200415-02-dos-en"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "HEGE-560;HEGE-570;OSCA-550;OSCA-550A;OSCA-550AX;OSCA-550X",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "1.0.1.21(SP3)"
},
{
"status": "affected",
"version": "1.0.1.22(SP3)"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is an improper integrity checking vulnerability on some huawei products. The software of the affected product has an improper integrity check which may allow an attacker with high privilege to make malicious modifications.Affected product versions include:HEGE-560 versions 1.0.1.21(SP3);HEGE-570 versions 1.0.1.22(SP3);OSCA-550 versions 1.0.1.21(SP3);OSCA-550A versions 1.0.1.21(SP3);OSCA-550AX versions 1.0.1.21(SP3);OSCA-550X versions 1.0.1.21(SP3)."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Improper Integrity Checking",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-04-16T12:06:04.000Z",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200311-01-integrity-en"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200415-02-dos-en"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2020-1879",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "HEGE-560;HEGE-570;OSCA-550;OSCA-550A;OSCA-550AX;OSCA-550X",
"version": {
"version_data": [
{
"version_value": "1.0.1.21(SP3)"
},
{
"version_value": "1.0.1.22(SP3)"
},
{
"version_value": "1.0.1.21(SP3)"
},
{
"version_value": "1.0.1.21(SP3)"
},
{
"version_value": "1.0.1.21(SP3)"
},
{
"version_value": "1.0.1.21(SP3)"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is an improper integrity checking vulnerability on some huawei products. The software of the affected product has an improper integrity check which may allow an attacker with high privilege to make malicious modifications.Affected product versions include:HEGE-560 versions 1.0.1.21(SP3);HEGE-570 versions 1.0.1.22(SP3);OSCA-550 versions 1.0.1.21(SP3);OSCA-550A versions 1.0.1.21(SP3);OSCA-550AX versions 1.0.1.21(SP3);OSCA-550X versions 1.0.1.21(SP3)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Improper Integrity Checking"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200311-01-integrity-en",
"refsource": "MISC",
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200311-01-integrity-en"
},
{
"name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200415-02-dos-en",
"refsource": "CONFIRM",
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200415-02-dos-en"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2020-1879",
"datePublished": "2020-03-20T15:02:28.000Z",
"dateReserved": "2019-11-29T00:00:00.000Z",
"dateUpdated": "2024-08-04T06:53:59.797Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-1842 (GCVE-0-2020-1842)
Vulnerability from cvelistv5 – Published: 2020-02-18 03:03 – Updated: 2024-08-04 06:53
VLAI
Summary
Huawei HEGE-560 version 1.0.1.20(SP2); OSCA-550 and OSCA-550A version 1.0.0.71(SP1); and OSCA-550AX and OSCA-550X version 1.0.0.71(SP2) have an insufficient authentication vulnerability. An attacker can access the device physically and perform specific operations to exploit this vulnerability. Successful exploitation may cause the attacker obtain high privilege.
Severity
No CVSS data available.
CWE
- Insufficient Authentication
Assigner
References
1 reference
| URL | Tags |
|---|---|
| http://www.huawei.com/en/psirt/security-advisorie… | x_refsource_CONFIRM |
Impacted products
3 products
| Vendor | Product | Version | |
|---|---|---|---|
| Huawei | HEGE-560 |
Affected:
1.0.1.20(SP2)
|
|
| Huawei | OSCA-550, OSCA-550A |
Affected:
1.0.0.71(SP1)
|
|
| Huawei | OSCA-550AX, OSCA-550X |
Affected:
1.0.0.71(SP2)
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T06:53:58.522Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200122-01-osca-en"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "HEGE-560",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "1.0.1.20(SP2)"
}
]
},
{
"product": "OSCA-550, OSCA-550A",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "1.0.0.71(SP1)"
}
]
},
{
"product": "OSCA-550AX, OSCA-550X",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "1.0.0.71(SP2)"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Huawei HEGE-560 version 1.0.1.20(SP2); OSCA-550 and OSCA-550A version 1.0.0.71(SP1); and OSCA-550AX and OSCA-550X version 1.0.0.71(SP2) have an insufficient authentication vulnerability. An attacker can access the device physically and perform specific operations to exploit this vulnerability. Successful exploitation may cause the attacker obtain high privilege."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Insufficient Authentication",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-02-18T03:03:52.000Z",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200122-01-osca-en"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2020-1842",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "HEGE-560",
"version": {
"version_data": [
{
"version_value": "1.0.1.20(SP2)"
}
]
}
},
{
"product_name": "OSCA-550, OSCA-550A",
"version": {
"version_data": [
{
"version_value": "1.0.0.71(SP1)"
}
]
}
},
{
"product_name": "OSCA-550AX, OSCA-550X",
"version": {
"version_data": [
{
"version_value": "1.0.0.71(SP2)"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Huawei HEGE-560 version 1.0.1.20(SP2); OSCA-550 and OSCA-550A version 1.0.0.71(SP1); and OSCA-550AX and OSCA-550X version 1.0.0.71(SP2) have an insufficient authentication vulnerability. An attacker can access the device physically and perform specific operations to exploit this vulnerability. Successful exploitation may cause the attacker obtain high privilege."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Insufficient Authentication"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200122-01-osca-en",
"refsource": "CONFIRM",
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200122-01-osca-en"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2020-1842",
"datePublished": "2020-02-18T03:03:52.000Z",
"dateReserved": "2019-11-29T00:00:00.000Z",
"dateUpdated": "2024-08-04T06:53:58.522Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-1855 (GCVE-0-2020-1855)
Vulnerability from cvelistv5 – Published: 2020-02-18 02:28 – Updated: 2024-08-04 06:53
VLAI
Summary
Huawei HEGE-570 version 1.0.1.22(SP3); and HEGE-560, OSCA-550, OSCA-550A, OSCA-550AX, and OSCA-550X version 1.0.1.21(SP3) have an insufficient verification vulnerability. An attacker can access the device physically and exploit this vulnerability to tamper with device information. Successful exploit may cause service abnormal.
Severity
No CVSS data available.
CWE
- Insufficient Verification
Assigner
References
1 reference
| URL | Tags |
|---|---|
| http://www.huawei.com/en/psirt/security-advisorie… | x_refsource_CONFIRM |
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Huawei | HEGE-570 |
Affected:
1.0.1.22(SP3)
|
|
| Huawei | HEGE-560, OSCA-550, OSCA-550A, OSCA-550AX, OSCA-550X |
Affected:
1.0.1.21(SP3)
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T06:53:58.916Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200122-03-osca-en"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "HEGE-570",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "1.0.1.22(SP3)"
}
]
},
{
"product": "HEGE-560, OSCA-550, OSCA-550A, OSCA-550AX, OSCA-550X",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "1.0.1.21(SP3)"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Huawei HEGE-570 version 1.0.1.22(SP3); and HEGE-560, OSCA-550, OSCA-550A, OSCA-550AX, and OSCA-550X version 1.0.1.21(SP3) have an insufficient verification vulnerability. An attacker can access the device physically and exploit this vulnerability to tamper with device information. Successful exploit may cause service abnormal."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Insufficient Verification",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-02-18T02:28:18.000Z",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200122-03-osca-en"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2020-1855",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "HEGE-570",
"version": {
"version_data": [
{
"version_value": "1.0.1.22(SP3)"
}
]
}
},
{
"product_name": "HEGE-560, OSCA-550, OSCA-550A, OSCA-550AX, OSCA-550X",
"version": {
"version_data": [
{
"version_value": "1.0.1.21(SP3)"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Huawei HEGE-570 version 1.0.1.22(SP3); and HEGE-560, OSCA-550, OSCA-550A, OSCA-550AX, and OSCA-550X version 1.0.1.21(SP3) have an insufficient verification vulnerability. An attacker can access the device physically and exploit this vulnerability to tamper with device information. Successful exploit may cause service abnormal."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Insufficient Verification"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200122-03-osca-en",
"refsource": "CONFIRM",
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200122-03-osca-en"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2020-1855",
"datePublished": "2020-02-18T02:28:18.000Z",
"dateReserved": "2019-11-29T00:00:00.000Z",
"dateUpdated": "2024-08-04T06:53:58.916Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-1843 (GCVE-0-2020-1843)
Vulnerability from cvelistv5 – Published: 2020-02-18 02:14 – Updated: 2024-08-04 06:53
VLAI
Summary
Huawei HEGE-560 version 1.0.1.20(SP2), OSCA-550 version 1.0.0.71(SP1), OSCA-550A version 1.0.0.71(SP1), OSCA-550AX version 1.0.0.71(SP2), and OSCA-550X version 1.0.0.71(SP2) have an insufficient verification vulnerability. An attacker can perform specific operations to exploit this vulnerability by physical access methods. Successful exploitation may cause the attacker perform an illegal operation.
Severity
No CVSS data available.
CWE
- Insufficient Authentication
Assigner
References
1 reference
| URL | Tags |
|---|---|
| http://www.huawei.com/en/psirt/security-advisorie… | x_refsource_CONFIRM |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T06:53:58.926Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200122-02-osca-en"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "HEGE-560",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "1.0.1.20(SP2)"
}
]
},
{
"product": "OSCA-550",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "1.0.0.71(SP1)"
}
]
},
{
"product": "OSCA-550A",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "1.0.0.71(SP1)"
}
]
},
{
"product": "OSCA-550AX",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "1.0.0.71(SP2)"
}
]
},
{
"product": "OSCA-550X",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "1.0.0.71(SP2)"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Huawei HEGE-560 version 1.0.1.20(SP2), OSCA-550 version 1.0.0.71(SP1), OSCA-550A version 1.0.0.71(SP1), OSCA-550AX version 1.0.0.71(SP2), and OSCA-550X version 1.0.0.71(SP2) have an insufficient verification vulnerability. An attacker can perform specific operations to exploit this vulnerability by physical access methods. Successful exploitation may cause the attacker perform an illegal operation."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Insufficient Authentication",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-02-18T02:14:55.000Z",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200122-02-osca-en"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2020-1843",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "HEGE-560",
"version": {
"version_data": [
{
"version_value": "1.0.1.20(SP2)"
}
]
}
},
{
"product_name": "OSCA-550",
"version": {
"version_data": [
{
"version_value": "1.0.0.71(SP1)"
}
]
}
},
{
"product_name": "OSCA-550A",
"version": {
"version_data": [
{
"version_value": "1.0.0.71(SP1)"
}
]
}
},
{
"product_name": "OSCA-550AX",
"version": {
"version_data": [
{
"version_value": "1.0.0.71(SP2)"
}
]
}
},
{
"product_name": "OSCA-550X",
"version": {
"version_data": [
{
"version_value": "1.0.0.71(SP2)"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Huawei HEGE-560 version 1.0.1.20(SP2), OSCA-550 version 1.0.0.71(SP1), OSCA-550A version 1.0.0.71(SP1), OSCA-550AX version 1.0.0.71(SP2), and OSCA-550X version 1.0.0.71(SP2) have an insufficient verification vulnerability. An attacker can perform specific operations to exploit this vulnerability by physical access methods. Successful exploitation may cause the attacker perform an illegal operation."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Insufficient Authentication"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200122-02-osca-en",
"refsource": "CONFIRM",
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200122-02-osca-en"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2020-1843",
"datePublished": "2020-02-18T02:14:55.000Z",
"dateReserved": "2019-11-29T00:00:00.000Z",
"dateUpdated": "2024-08-04T06:53:58.926Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}