Search

Find a vulnerability

Search criteria

    4 vulnerabilities found for oceanstor_5310_firmware by huawei

    CVE-2020-9098 (GCVE-0-2020-9098)

    Vulnerability from nvd – Published: 2020-04-30 21:25 – Updated: 2024-08-04 10:19
    VLAI
    Summary
    Huawei OceanStor 5310 product with version of V500R007C60SPC100 has an invalid pointer access vulnerability. The software system access an invalid pointer when attacker malformed packet. Due to the insufficient validation of some parameter, successful exploit could cause device reboot.
    Severity
    No CVSS data available.
    CWE
    • Invalid Pointer Access
    Assigner
    References
    Impacted products
    Vendor Product Version
    n/a OceanStor 5310 V5 Affected: V500R007C60SPC100
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T10:19:19.683Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200429-01-invalidpointer-en"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200429-01-invalidpointer-en"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "OceanStor 5310 V5",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "V500R007C60SPC100"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Huawei OceanStor 5310 product with version of V500R007C60SPC100 has an invalid pointer access vulnerability. The software system access an invalid pointer when attacker malformed packet. Due to the insufficient validation of some parameter, successful exploit could cause device reboot."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Invalid Pointer Access",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2020-05-01T05:06:05.000Z",
            "orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
            "shortName": "huawei"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200429-01-invalidpointer-en"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200429-01-invalidpointer-en"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@huawei.com",
              "ID": "CVE-2020-9098",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "OceanStor 5310 V5",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "V500R007C60SPC100"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Huawei OceanStor 5310 product with version of V500R007C60SPC100 has an invalid pointer access vulnerability. The software system access an invalid pointer when attacker malformed packet. Due to the insufficient validation of some parameter, successful exploit could cause device reboot."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Invalid Pointer Access"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200429-01-invalidpointer-en",
                  "refsource": "CONFIRM",
                  "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200429-01-invalidpointer-en"
                },
                {
                  "name": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200429-01-invalidpointer-en",
                  "refsource": "CONFIRM",
                  "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200429-01-invalidpointer-en"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
        "assignerShortName": "huawei",
        "cveId": "CVE-2020-9098",
        "datePublished": "2020-04-30T21:25:23.000Z",
        "dateReserved": "2020-02-18T00:00:00.000Z",
        "dateUpdated": "2024-08-04T10:19:19.683Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2020-1881 (GCVE-0-2020-1881)

    Vulnerability from nvd – Published: 2020-02-28 18:33 – Updated: 2024-08-04 06:53
    VLAI
    Summary
    NIP6800;Secospace USG6600;USG9500 products with versions of V500R001C30; V500R001C60SPC500; V500R005C00SPC100 have have a resource management error vulnerability. An attacker needs to perform specific operations to trigger a function of the affected device. Due to improper resource management of the function, the vulnerability can be exploited to cause service abnormal on affected devices.
    Severity
    No CVSS data available.
    CWE
    • Resource Management Error
    Assigner
    References
    Impacted products
    Vendor Product Version
    n/a NIP6800;Secospace USG6600;USG9500 Affected: V500R001C30
    Affected: V500R001C30SPC200,V500R001C30SPC600
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T06:53:59.870Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200219-02-resource-en"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200429-01-invalidpointer-en"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "NIP6800;Secospace USG6600;USG9500",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "V500R001C30"
                },
                {
                  "status": "affected",
                  "version": "V500R001C30SPC200,V500R001C30SPC600"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "NIP6800;Secospace USG6600;USG9500 products with versions of V500R001C30; V500R001C60SPC500; V500R005C00SPC100 have have a resource management error vulnerability. An attacker needs to perform specific operations to trigger a function of the affected device. Due to improper resource management of the function, the vulnerability can be exploited to cause service abnormal on affected devices."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Resource Management Error",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2020-04-30T04:06:13.000Z",
            "orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
            "shortName": "huawei"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200219-02-resource-en"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200429-01-invalidpointer-en"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@huawei.com",
              "ID": "CVE-2020-1881",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "NIP6800;Secospace USG6600;USG9500",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "V500R001C30"
                              },
                              {
                                "version_value": "V500R001C30SPC200,V500R001C30SPC600"
                              },
                              {
                                "version_value": "V500R001C30SPC200,V500R001C30SPC600"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "NIP6800;Secospace USG6600;USG9500 products with versions of V500R001C30; V500R001C60SPC500; V500R005C00SPC100 have have a resource management error vulnerability. An attacker needs to perform specific operations to trigger a function of the affected device. Due to improper resource management of the function, the vulnerability can be exploited to cause service abnormal on affected devices."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Resource Management Error"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200219-02-resource-en",
                  "refsource": "MISC",
                  "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200219-02-resource-en"
                },
                {
                  "name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200429-01-invalidpointer-en",
                  "refsource": "CONFIRM",
                  "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200429-01-invalidpointer-en"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
        "assignerShortName": "huawei",
        "cveId": "CVE-2020-1881",
        "datePublished": "2020-02-28T18:33:30.000Z",
        "dateReserved": "2019-11-29T00:00:00.000Z",
        "dateUpdated": "2024-08-04T06:53:59.870Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2020-9098 (GCVE-0-2020-9098)

    Vulnerability from cvelistv5 – Published: 2020-04-30 21:25 – Updated: 2024-08-04 10:19
    VLAI
    Summary
    Huawei OceanStor 5310 product with version of V500R007C60SPC100 has an invalid pointer access vulnerability. The software system access an invalid pointer when attacker malformed packet. Due to the insufficient validation of some parameter, successful exploit could cause device reboot.
    Severity
    No CVSS data available.
    CWE
    • Invalid Pointer Access
    Assigner
    References
    Impacted products
    Vendor Product Version
    n/a OceanStor 5310 V5 Affected: V500R007C60SPC100
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T10:19:19.683Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200429-01-invalidpointer-en"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200429-01-invalidpointer-en"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "OceanStor 5310 V5",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "V500R007C60SPC100"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Huawei OceanStor 5310 product with version of V500R007C60SPC100 has an invalid pointer access vulnerability. The software system access an invalid pointer when attacker malformed packet. Due to the insufficient validation of some parameter, successful exploit could cause device reboot."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Invalid Pointer Access",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2020-05-01T05:06:05.000Z",
            "orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
            "shortName": "huawei"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200429-01-invalidpointer-en"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200429-01-invalidpointer-en"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@huawei.com",
              "ID": "CVE-2020-9098",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "OceanStor 5310 V5",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "V500R007C60SPC100"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Huawei OceanStor 5310 product with version of V500R007C60SPC100 has an invalid pointer access vulnerability. The software system access an invalid pointer when attacker malformed packet. Due to the insufficient validation of some parameter, successful exploit could cause device reboot."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Invalid Pointer Access"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200429-01-invalidpointer-en",
                  "refsource": "CONFIRM",
                  "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200429-01-invalidpointer-en"
                },
                {
                  "name": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200429-01-invalidpointer-en",
                  "refsource": "CONFIRM",
                  "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200429-01-invalidpointer-en"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
        "assignerShortName": "huawei",
        "cveId": "CVE-2020-9098",
        "datePublished": "2020-04-30T21:25:23.000Z",
        "dateReserved": "2020-02-18T00:00:00.000Z",
        "dateUpdated": "2024-08-04T10:19:19.683Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2020-1881 (GCVE-0-2020-1881)

    Vulnerability from cvelistv5 – Published: 2020-02-28 18:33 – Updated: 2024-08-04 06:53
    VLAI
    Summary
    NIP6800;Secospace USG6600;USG9500 products with versions of V500R001C30; V500R001C60SPC500; V500R005C00SPC100 have have a resource management error vulnerability. An attacker needs to perform specific operations to trigger a function of the affected device. Due to improper resource management of the function, the vulnerability can be exploited to cause service abnormal on affected devices.
    Severity
    No CVSS data available.
    CWE
    • Resource Management Error
    Assigner
    References
    Impacted products
    Vendor Product Version
    n/a NIP6800;Secospace USG6600;USG9500 Affected: V500R001C30
    Affected: V500R001C30SPC200,V500R001C30SPC600
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T06:53:59.870Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200219-02-resource-en"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200429-01-invalidpointer-en"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "NIP6800;Secospace USG6600;USG9500",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "V500R001C30"
                },
                {
                  "status": "affected",
                  "version": "V500R001C30SPC200,V500R001C30SPC600"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "NIP6800;Secospace USG6600;USG9500 products with versions of V500R001C30; V500R001C60SPC500; V500R005C00SPC100 have have a resource management error vulnerability. An attacker needs to perform specific operations to trigger a function of the affected device. Due to improper resource management of the function, the vulnerability can be exploited to cause service abnormal on affected devices."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Resource Management Error",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2020-04-30T04:06:13.000Z",
            "orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
            "shortName": "huawei"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200219-02-resource-en"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200429-01-invalidpointer-en"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@huawei.com",
              "ID": "CVE-2020-1881",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "NIP6800;Secospace USG6600;USG9500",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "V500R001C30"
                              },
                              {
                                "version_value": "V500R001C30SPC200,V500R001C30SPC600"
                              },
                              {
                                "version_value": "V500R001C30SPC200,V500R001C30SPC600"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "NIP6800;Secospace USG6600;USG9500 products with versions of V500R001C30; V500R001C60SPC500; V500R005C00SPC100 have have a resource management error vulnerability. An attacker needs to perform specific operations to trigger a function of the affected device. Due to improper resource management of the function, the vulnerability can be exploited to cause service abnormal on affected devices."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Resource Management Error"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200219-02-resource-en",
                  "refsource": "MISC",
                  "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200219-02-resource-en"
                },
                {
                  "name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200429-01-invalidpointer-en",
                  "refsource": "CONFIRM",
                  "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200429-01-invalidpointer-en"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
        "assignerShortName": "huawei",
        "cveId": "CVE-2020-1881",
        "datePublished": "2020-02-28T18:33:30.000Z",
        "dateReserved": "2019-11-29T00:00:00.000Z",
        "dateUpdated": "2024-08-04T06:53:59.870Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }