Search criteria
12 vulnerabilities found for osca-550a_firmware by huawei
CVE-2020-1802 (GCVE-0-2020-1802)
Vulnerability from nvd – Published: 2020-04-10 13:59 – Updated: 2024-08-04 06:46
VLAI
Summary
There is an insufficient integrity validation vulnerability in several products. The device does not sufficiently validate the integrity of certain file in certain loading processes, successful exploit could allow the attacker to load a crafted file to the device through USB.Affected product versions include:OSCA-550 versions 1.0.1.23(SP2);OSCA-550A versions 1.0.1.23(SP2);OSCA-550AX versions 1.0.1.23(SP2);OSCA-550X versions 1.0.1.23(SP2).
Severity
No CVSS data available.
CWE
- Insufficient Integrity Validation
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://www.huawei.com/en/psirt/security-advisori… | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| n/a | OSCA-550;OSCA-550A;OSCA-550AX;OSCA-550X |
Affected:
1.0.1.23(SP2)
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T06:46:30.898Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200408-01-osca-en"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "OSCA-550;OSCA-550A;OSCA-550AX;OSCA-550X",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "1.0.1.23(SP2)"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is an insufficient integrity validation vulnerability in several products. The device does not sufficiently validate the integrity of certain file in certain loading processes, successful exploit could allow the attacker to load a crafted file to the device through USB.Affected product versions include:OSCA-550 versions 1.0.1.23(SP2);OSCA-550A versions 1.0.1.23(SP2);OSCA-550AX versions 1.0.1.23(SP2);OSCA-550X versions 1.0.1.23(SP2)."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Insufficient Integrity Validation",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-04-10T13:59:56.000Z",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200408-01-osca-en"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2020-1802",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "OSCA-550;OSCA-550A;OSCA-550AX;OSCA-550X",
"version": {
"version_data": [
{
"version_value": "1.0.1.23(SP2)"
},
{
"version_value": "1.0.1.23(SP2)"
},
{
"version_value": "1.0.1.23(SP2)"
},
{
"version_value": "1.0.1.23(SP2)"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is an insufficient integrity validation vulnerability in several products. The device does not sufficiently validate the integrity of certain file in certain loading processes, successful exploit could allow the attacker to load a crafted file to the device through USB.Affected product versions include:OSCA-550 versions 1.0.1.23(SP2);OSCA-550A versions 1.0.1.23(SP2);OSCA-550AX versions 1.0.1.23(SP2);OSCA-550X versions 1.0.1.23(SP2)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Insufficient Integrity Validation"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200408-01-osca-en",
"refsource": "MISC",
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200408-01-osca-en"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2020-1802",
"datePublished": "2020-04-10T13:59:56.000Z",
"dateReserved": "2019-11-29T00:00:00.000Z",
"dateUpdated": "2024-08-04T06:46:30.898Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-1879 (GCVE-0-2020-1879)
Vulnerability from nvd – Published: 2020-03-20 15:02 – Updated: 2024-08-04 06:53
VLAI
Summary
There is an improper integrity checking vulnerability on some huawei products. The software of the affected product has an improper integrity check which may allow an attacker with high privilege to make malicious modifications.Affected product versions include:HEGE-560 versions 1.0.1.21(SP3);HEGE-570 versions 1.0.1.22(SP3);OSCA-550 versions 1.0.1.21(SP3);OSCA-550A versions 1.0.1.21(SP3);OSCA-550AX versions 1.0.1.21(SP3);OSCA-550X versions 1.0.1.21(SP3).
Severity
No CVSS data available.
CWE
- Improper Integrity Checking
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://www.huawei.com/en/psirt/security-advisori… | x_refsource_MISC |
| http://www.huawei.com/en/psirt/security-advisorie… | x_refsource_CONFIRM |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| n/a | HEGE-560;HEGE-570;OSCA-550;OSCA-550A;OSCA-550AX;OSCA-550X |
Affected:
1.0.1.21(SP3)
Affected: 1.0.1.22(SP3) |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T06:53:59.797Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200311-01-integrity-en"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200415-02-dos-en"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "HEGE-560;HEGE-570;OSCA-550;OSCA-550A;OSCA-550AX;OSCA-550X",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "1.0.1.21(SP3)"
},
{
"status": "affected",
"version": "1.0.1.22(SP3)"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is an improper integrity checking vulnerability on some huawei products. The software of the affected product has an improper integrity check which may allow an attacker with high privilege to make malicious modifications.Affected product versions include:HEGE-560 versions 1.0.1.21(SP3);HEGE-570 versions 1.0.1.22(SP3);OSCA-550 versions 1.0.1.21(SP3);OSCA-550A versions 1.0.1.21(SP3);OSCA-550AX versions 1.0.1.21(SP3);OSCA-550X versions 1.0.1.21(SP3)."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Improper Integrity Checking",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-04-16T12:06:04.000Z",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200311-01-integrity-en"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200415-02-dos-en"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2020-1879",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "HEGE-560;HEGE-570;OSCA-550;OSCA-550A;OSCA-550AX;OSCA-550X",
"version": {
"version_data": [
{
"version_value": "1.0.1.21(SP3)"
},
{
"version_value": "1.0.1.22(SP3)"
},
{
"version_value": "1.0.1.21(SP3)"
},
{
"version_value": "1.0.1.21(SP3)"
},
{
"version_value": "1.0.1.21(SP3)"
},
{
"version_value": "1.0.1.21(SP3)"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is an improper integrity checking vulnerability on some huawei products. The software of the affected product has an improper integrity check which may allow an attacker with high privilege to make malicious modifications.Affected product versions include:HEGE-560 versions 1.0.1.21(SP3);HEGE-570 versions 1.0.1.22(SP3);OSCA-550 versions 1.0.1.21(SP3);OSCA-550A versions 1.0.1.21(SP3);OSCA-550AX versions 1.0.1.21(SP3);OSCA-550X versions 1.0.1.21(SP3)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Improper Integrity Checking"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200311-01-integrity-en",
"refsource": "MISC",
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200311-01-integrity-en"
},
{
"name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200415-02-dos-en",
"refsource": "CONFIRM",
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200415-02-dos-en"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2020-1879",
"datePublished": "2020-03-20T15:02:28.000Z",
"dateReserved": "2019-11-29T00:00:00.000Z",
"dateUpdated": "2024-08-04T06:53:59.797Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-1842 (GCVE-0-2020-1842)
Vulnerability from nvd – Published: 2020-02-18 03:03 – Updated: 2024-08-04 06:53
VLAI
Summary
Huawei HEGE-560 version 1.0.1.20(SP2); OSCA-550 and OSCA-550A version 1.0.0.71(SP1); and OSCA-550AX and OSCA-550X version 1.0.0.71(SP2) have an insufficient authentication vulnerability. An attacker can access the device physically and perform specific operations to exploit this vulnerability. Successful exploitation may cause the attacker obtain high privilege.
Severity
No CVSS data available.
CWE
- Insufficient Authentication
Assigner
References
1 reference
| URL | Tags |
|---|---|
| http://www.huawei.com/en/psirt/security-advisorie… | x_refsource_CONFIRM |
Impacted products
3 products
| Vendor | Product | Version | |
|---|---|---|---|
| Huawei | HEGE-560 |
Affected:
1.0.1.20(SP2)
|
|
| Huawei | OSCA-550, OSCA-550A |
Affected:
1.0.0.71(SP1)
|
|
| Huawei | OSCA-550AX, OSCA-550X |
Affected:
1.0.0.71(SP2)
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T06:53:58.522Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200122-01-osca-en"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "HEGE-560",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "1.0.1.20(SP2)"
}
]
},
{
"product": "OSCA-550, OSCA-550A",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "1.0.0.71(SP1)"
}
]
},
{
"product": "OSCA-550AX, OSCA-550X",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "1.0.0.71(SP2)"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Huawei HEGE-560 version 1.0.1.20(SP2); OSCA-550 and OSCA-550A version 1.0.0.71(SP1); and OSCA-550AX and OSCA-550X version 1.0.0.71(SP2) have an insufficient authentication vulnerability. An attacker can access the device physically and perform specific operations to exploit this vulnerability. Successful exploitation may cause the attacker obtain high privilege."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Insufficient Authentication",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-02-18T03:03:52.000Z",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200122-01-osca-en"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2020-1842",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "HEGE-560",
"version": {
"version_data": [
{
"version_value": "1.0.1.20(SP2)"
}
]
}
},
{
"product_name": "OSCA-550, OSCA-550A",
"version": {
"version_data": [
{
"version_value": "1.0.0.71(SP1)"
}
]
}
},
{
"product_name": "OSCA-550AX, OSCA-550X",
"version": {
"version_data": [
{
"version_value": "1.0.0.71(SP2)"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Huawei HEGE-560 version 1.0.1.20(SP2); OSCA-550 and OSCA-550A version 1.0.0.71(SP1); and OSCA-550AX and OSCA-550X version 1.0.0.71(SP2) have an insufficient authentication vulnerability. An attacker can access the device physically and perform specific operations to exploit this vulnerability. Successful exploitation may cause the attacker obtain high privilege."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Insufficient Authentication"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200122-01-osca-en",
"refsource": "CONFIRM",
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200122-01-osca-en"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2020-1842",
"datePublished": "2020-02-18T03:03:52.000Z",
"dateReserved": "2019-11-29T00:00:00.000Z",
"dateUpdated": "2024-08-04T06:53:58.522Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-1855 (GCVE-0-2020-1855)
Vulnerability from nvd – Published: 2020-02-18 02:28 – Updated: 2024-08-04 06:53
VLAI
Summary
Huawei HEGE-570 version 1.0.1.22(SP3); and HEGE-560, OSCA-550, OSCA-550A, OSCA-550AX, and OSCA-550X version 1.0.1.21(SP3) have an insufficient verification vulnerability. An attacker can access the device physically and exploit this vulnerability to tamper with device information. Successful exploit may cause service abnormal.
Severity
No CVSS data available.
CWE
- Insufficient Verification
Assigner
References
1 reference
| URL | Tags |
|---|---|
| http://www.huawei.com/en/psirt/security-advisorie… | x_refsource_CONFIRM |
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Huawei | HEGE-570 |
Affected:
1.0.1.22(SP3)
|
|
| Huawei | HEGE-560, OSCA-550, OSCA-550A, OSCA-550AX, OSCA-550X |
Affected:
1.0.1.21(SP3)
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T06:53:58.916Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200122-03-osca-en"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "HEGE-570",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "1.0.1.22(SP3)"
}
]
},
{
"product": "HEGE-560, OSCA-550, OSCA-550A, OSCA-550AX, OSCA-550X",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "1.0.1.21(SP3)"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Huawei HEGE-570 version 1.0.1.22(SP3); and HEGE-560, OSCA-550, OSCA-550A, OSCA-550AX, and OSCA-550X version 1.0.1.21(SP3) have an insufficient verification vulnerability. An attacker can access the device physically and exploit this vulnerability to tamper with device information. Successful exploit may cause service abnormal."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Insufficient Verification",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-02-18T02:28:18.000Z",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200122-03-osca-en"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2020-1855",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "HEGE-570",
"version": {
"version_data": [
{
"version_value": "1.0.1.22(SP3)"
}
]
}
},
{
"product_name": "HEGE-560, OSCA-550, OSCA-550A, OSCA-550AX, OSCA-550X",
"version": {
"version_data": [
{
"version_value": "1.0.1.21(SP3)"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Huawei HEGE-570 version 1.0.1.22(SP3); and HEGE-560, OSCA-550, OSCA-550A, OSCA-550AX, and OSCA-550X version 1.0.1.21(SP3) have an insufficient verification vulnerability. An attacker can access the device physically and exploit this vulnerability to tamper with device information. Successful exploit may cause service abnormal."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Insufficient Verification"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200122-03-osca-en",
"refsource": "CONFIRM",
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200122-03-osca-en"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2020-1855",
"datePublished": "2020-02-18T02:28:18.000Z",
"dateReserved": "2019-11-29T00:00:00.000Z",
"dateUpdated": "2024-08-04T06:53:58.916Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-1843 (GCVE-0-2020-1843)
Vulnerability from nvd – Published: 2020-02-18 02:14 – Updated: 2024-08-04 06:53
VLAI
Summary
Huawei HEGE-560 version 1.0.1.20(SP2), OSCA-550 version 1.0.0.71(SP1), OSCA-550A version 1.0.0.71(SP1), OSCA-550AX version 1.0.0.71(SP2), and OSCA-550X version 1.0.0.71(SP2) have an insufficient verification vulnerability. An attacker can perform specific operations to exploit this vulnerability by physical access methods. Successful exploitation may cause the attacker perform an illegal operation.
Severity
No CVSS data available.
CWE
- Insufficient Authentication
Assigner
References
1 reference
| URL | Tags |
|---|---|
| http://www.huawei.com/en/psirt/security-advisorie… | x_refsource_CONFIRM |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T06:53:58.926Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200122-02-osca-en"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "HEGE-560",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "1.0.1.20(SP2)"
}
]
},
{
"product": "OSCA-550",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "1.0.0.71(SP1)"
}
]
},
{
"product": "OSCA-550A",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "1.0.0.71(SP1)"
}
]
},
{
"product": "OSCA-550AX",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "1.0.0.71(SP2)"
}
]
},
{
"product": "OSCA-550X",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "1.0.0.71(SP2)"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Huawei HEGE-560 version 1.0.1.20(SP2), OSCA-550 version 1.0.0.71(SP1), OSCA-550A version 1.0.0.71(SP1), OSCA-550AX version 1.0.0.71(SP2), and OSCA-550X version 1.0.0.71(SP2) have an insufficient verification vulnerability. An attacker can perform specific operations to exploit this vulnerability by physical access methods. Successful exploitation may cause the attacker perform an illegal operation."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Insufficient Authentication",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-02-18T02:14:55.000Z",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200122-02-osca-en"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2020-1843",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "HEGE-560",
"version": {
"version_data": [
{
"version_value": "1.0.1.20(SP2)"
}
]
}
},
{
"product_name": "OSCA-550",
"version": {
"version_data": [
{
"version_value": "1.0.0.71(SP1)"
}
]
}
},
{
"product_name": "OSCA-550A",
"version": {
"version_data": [
{
"version_value": "1.0.0.71(SP1)"
}
]
}
},
{
"product_name": "OSCA-550AX",
"version": {
"version_data": [
{
"version_value": "1.0.0.71(SP2)"
}
]
}
},
{
"product_name": "OSCA-550X",
"version": {
"version_data": [
{
"version_value": "1.0.0.71(SP2)"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Huawei HEGE-560 version 1.0.1.20(SP2), OSCA-550 version 1.0.0.71(SP1), OSCA-550A version 1.0.0.71(SP1), OSCA-550AX version 1.0.0.71(SP2), and OSCA-550X version 1.0.0.71(SP2) have an insufficient verification vulnerability. An attacker can perform specific operations to exploit this vulnerability by physical access methods. Successful exploitation may cause the attacker perform an illegal operation."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Insufficient Authentication"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200122-02-osca-en",
"refsource": "CONFIRM",
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200122-02-osca-en"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2020-1843",
"datePublished": "2020-02-18T02:14:55.000Z",
"dateReserved": "2019-11-29T00:00:00.000Z",
"dateUpdated": "2024-08-04T06:53:58.926Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-1789 (GCVE-0-2020-1789)
Vulnerability from nvd – Published: 2020-02-18 02:50 – Updated: 2024-08-04 06:46
VLAI
Summary
Huawei OSCA-550, OSCA-550A, OSCA-550AX, and OSCA-550X products with version 1.0.1.21(SP3) have an insufficient authentication vulnerability. The software does not require a strong credential when the user trying to do certain operations. Successful exploit could allow an attacker to pass the authentication and do certain operations by a weak credential.
Severity
No CVSS data available.
CWE
- Insufficient Authentication
Assigner
References
1 reference
| URL | Tags |
|---|---|
| http://www.huawei.com/en/psirt/security-advisorie… | x_refsource_CONFIRM |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Huawei | OSCA-550, OSCA-550A, OSCA-550AX, OSCA-550X |
Affected:
1.0.1.21(SP3)
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T06:46:30.901Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200121-01-osca-en"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "OSCA-550, OSCA-550A, OSCA-550AX, OSCA-550X",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "1.0.1.21(SP3)"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Huawei OSCA-550, OSCA-550A, OSCA-550AX, and OSCA-550X products with version 1.0.1.21(SP3) have an insufficient authentication vulnerability. The software does not require a strong credential when the user trying to do certain operations. Successful exploit could allow an attacker to pass the authentication and do certain operations by a weak credential."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Insufficient Authentication",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-02-18T02:50:43.000Z",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200121-01-osca-en"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2020-1789",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "OSCA-550, OSCA-550A, OSCA-550AX, OSCA-550X",
"version": {
"version_data": [
{
"version_value": "1.0.1.21(SP3)"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Huawei OSCA-550, OSCA-550A, OSCA-550AX, and OSCA-550X products with version 1.0.1.21(SP3) have an insufficient authentication vulnerability. The software does not require a strong credential when the user trying to do certain operations. Successful exploit could allow an attacker to pass the authentication and do certain operations by a weak credential."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Insufficient Authentication"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200121-01-osca-en",
"refsource": "CONFIRM",
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200121-01-osca-en"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2020-1789",
"datePublished": "2020-02-18T02:50:43.000Z",
"dateReserved": "2019-11-29T00:00:00.000Z",
"dateUpdated": "2024-08-04T06:46:30.901Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-1802 (GCVE-0-2020-1802)
Vulnerability from cvelistv5 – Published: 2020-04-10 13:59 – Updated: 2024-08-04 06:46
VLAI
Summary
There is an insufficient integrity validation vulnerability in several products. The device does not sufficiently validate the integrity of certain file in certain loading processes, successful exploit could allow the attacker to load a crafted file to the device through USB.Affected product versions include:OSCA-550 versions 1.0.1.23(SP2);OSCA-550A versions 1.0.1.23(SP2);OSCA-550AX versions 1.0.1.23(SP2);OSCA-550X versions 1.0.1.23(SP2).
Severity
No CVSS data available.
CWE
- Insufficient Integrity Validation
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://www.huawei.com/en/psirt/security-advisori… | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| n/a | OSCA-550;OSCA-550A;OSCA-550AX;OSCA-550X |
Affected:
1.0.1.23(SP2)
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T06:46:30.898Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200408-01-osca-en"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "OSCA-550;OSCA-550A;OSCA-550AX;OSCA-550X",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "1.0.1.23(SP2)"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is an insufficient integrity validation vulnerability in several products. The device does not sufficiently validate the integrity of certain file in certain loading processes, successful exploit could allow the attacker to load a crafted file to the device through USB.Affected product versions include:OSCA-550 versions 1.0.1.23(SP2);OSCA-550A versions 1.0.1.23(SP2);OSCA-550AX versions 1.0.1.23(SP2);OSCA-550X versions 1.0.1.23(SP2)."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Insufficient Integrity Validation",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-04-10T13:59:56.000Z",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200408-01-osca-en"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2020-1802",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "OSCA-550;OSCA-550A;OSCA-550AX;OSCA-550X",
"version": {
"version_data": [
{
"version_value": "1.0.1.23(SP2)"
},
{
"version_value": "1.0.1.23(SP2)"
},
{
"version_value": "1.0.1.23(SP2)"
},
{
"version_value": "1.0.1.23(SP2)"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is an insufficient integrity validation vulnerability in several products. The device does not sufficiently validate the integrity of certain file in certain loading processes, successful exploit could allow the attacker to load a crafted file to the device through USB.Affected product versions include:OSCA-550 versions 1.0.1.23(SP2);OSCA-550A versions 1.0.1.23(SP2);OSCA-550AX versions 1.0.1.23(SP2);OSCA-550X versions 1.0.1.23(SP2)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Insufficient Integrity Validation"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200408-01-osca-en",
"refsource": "MISC",
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200408-01-osca-en"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2020-1802",
"datePublished": "2020-04-10T13:59:56.000Z",
"dateReserved": "2019-11-29T00:00:00.000Z",
"dateUpdated": "2024-08-04T06:46:30.898Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-1879 (GCVE-0-2020-1879)
Vulnerability from cvelistv5 – Published: 2020-03-20 15:02 – Updated: 2024-08-04 06:53
VLAI
Summary
There is an improper integrity checking vulnerability on some huawei products. The software of the affected product has an improper integrity check which may allow an attacker with high privilege to make malicious modifications.Affected product versions include:HEGE-560 versions 1.0.1.21(SP3);HEGE-570 versions 1.0.1.22(SP3);OSCA-550 versions 1.0.1.21(SP3);OSCA-550A versions 1.0.1.21(SP3);OSCA-550AX versions 1.0.1.21(SP3);OSCA-550X versions 1.0.1.21(SP3).
Severity
No CVSS data available.
CWE
- Improper Integrity Checking
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://www.huawei.com/en/psirt/security-advisori… | x_refsource_MISC |
| http://www.huawei.com/en/psirt/security-advisorie… | x_refsource_CONFIRM |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| n/a | HEGE-560;HEGE-570;OSCA-550;OSCA-550A;OSCA-550AX;OSCA-550X |
Affected:
1.0.1.21(SP3)
Affected: 1.0.1.22(SP3) |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T06:53:59.797Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200311-01-integrity-en"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200415-02-dos-en"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "HEGE-560;HEGE-570;OSCA-550;OSCA-550A;OSCA-550AX;OSCA-550X",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "1.0.1.21(SP3)"
},
{
"status": "affected",
"version": "1.0.1.22(SP3)"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is an improper integrity checking vulnerability on some huawei products. The software of the affected product has an improper integrity check which may allow an attacker with high privilege to make malicious modifications.Affected product versions include:HEGE-560 versions 1.0.1.21(SP3);HEGE-570 versions 1.0.1.22(SP3);OSCA-550 versions 1.0.1.21(SP3);OSCA-550A versions 1.0.1.21(SP3);OSCA-550AX versions 1.0.1.21(SP3);OSCA-550X versions 1.0.1.21(SP3)."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Improper Integrity Checking",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-04-16T12:06:04.000Z",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200311-01-integrity-en"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200415-02-dos-en"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2020-1879",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "HEGE-560;HEGE-570;OSCA-550;OSCA-550A;OSCA-550AX;OSCA-550X",
"version": {
"version_data": [
{
"version_value": "1.0.1.21(SP3)"
},
{
"version_value": "1.0.1.22(SP3)"
},
{
"version_value": "1.0.1.21(SP3)"
},
{
"version_value": "1.0.1.21(SP3)"
},
{
"version_value": "1.0.1.21(SP3)"
},
{
"version_value": "1.0.1.21(SP3)"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is an improper integrity checking vulnerability on some huawei products. The software of the affected product has an improper integrity check which may allow an attacker with high privilege to make malicious modifications.Affected product versions include:HEGE-560 versions 1.0.1.21(SP3);HEGE-570 versions 1.0.1.22(SP3);OSCA-550 versions 1.0.1.21(SP3);OSCA-550A versions 1.0.1.21(SP3);OSCA-550AX versions 1.0.1.21(SP3);OSCA-550X versions 1.0.1.21(SP3)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Improper Integrity Checking"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200311-01-integrity-en",
"refsource": "MISC",
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200311-01-integrity-en"
},
{
"name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200415-02-dos-en",
"refsource": "CONFIRM",
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200415-02-dos-en"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2020-1879",
"datePublished": "2020-03-20T15:02:28.000Z",
"dateReserved": "2019-11-29T00:00:00.000Z",
"dateUpdated": "2024-08-04T06:53:59.797Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-1842 (GCVE-0-2020-1842)
Vulnerability from cvelistv5 – Published: 2020-02-18 03:03 – Updated: 2024-08-04 06:53
VLAI
Summary
Huawei HEGE-560 version 1.0.1.20(SP2); OSCA-550 and OSCA-550A version 1.0.0.71(SP1); and OSCA-550AX and OSCA-550X version 1.0.0.71(SP2) have an insufficient authentication vulnerability. An attacker can access the device physically and perform specific operations to exploit this vulnerability. Successful exploitation may cause the attacker obtain high privilege.
Severity
No CVSS data available.
CWE
- Insufficient Authentication
Assigner
References
1 reference
| URL | Tags |
|---|---|
| http://www.huawei.com/en/psirt/security-advisorie… | x_refsource_CONFIRM |
Impacted products
3 products
| Vendor | Product | Version | |
|---|---|---|---|
| Huawei | HEGE-560 |
Affected:
1.0.1.20(SP2)
|
|
| Huawei | OSCA-550, OSCA-550A |
Affected:
1.0.0.71(SP1)
|
|
| Huawei | OSCA-550AX, OSCA-550X |
Affected:
1.0.0.71(SP2)
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T06:53:58.522Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200122-01-osca-en"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "HEGE-560",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "1.0.1.20(SP2)"
}
]
},
{
"product": "OSCA-550, OSCA-550A",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "1.0.0.71(SP1)"
}
]
},
{
"product": "OSCA-550AX, OSCA-550X",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "1.0.0.71(SP2)"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Huawei HEGE-560 version 1.0.1.20(SP2); OSCA-550 and OSCA-550A version 1.0.0.71(SP1); and OSCA-550AX and OSCA-550X version 1.0.0.71(SP2) have an insufficient authentication vulnerability. An attacker can access the device physically and perform specific operations to exploit this vulnerability. Successful exploitation may cause the attacker obtain high privilege."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Insufficient Authentication",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-02-18T03:03:52.000Z",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200122-01-osca-en"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2020-1842",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "HEGE-560",
"version": {
"version_data": [
{
"version_value": "1.0.1.20(SP2)"
}
]
}
},
{
"product_name": "OSCA-550, OSCA-550A",
"version": {
"version_data": [
{
"version_value": "1.0.0.71(SP1)"
}
]
}
},
{
"product_name": "OSCA-550AX, OSCA-550X",
"version": {
"version_data": [
{
"version_value": "1.0.0.71(SP2)"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Huawei HEGE-560 version 1.0.1.20(SP2); OSCA-550 and OSCA-550A version 1.0.0.71(SP1); and OSCA-550AX and OSCA-550X version 1.0.0.71(SP2) have an insufficient authentication vulnerability. An attacker can access the device physically and perform specific operations to exploit this vulnerability. Successful exploitation may cause the attacker obtain high privilege."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Insufficient Authentication"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200122-01-osca-en",
"refsource": "CONFIRM",
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200122-01-osca-en"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2020-1842",
"datePublished": "2020-02-18T03:03:52.000Z",
"dateReserved": "2019-11-29T00:00:00.000Z",
"dateUpdated": "2024-08-04T06:53:58.522Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-1789 (GCVE-0-2020-1789)
Vulnerability from cvelistv5 – Published: 2020-02-18 02:50 – Updated: 2024-08-04 06:46
VLAI
Summary
Huawei OSCA-550, OSCA-550A, OSCA-550AX, and OSCA-550X products with version 1.0.1.21(SP3) have an insufficient authentication vulnerability. The software does not require a strong credential when the user trying to do certain operations. Successful exploit could allow an attacker to pass the authentication and do certain operations by a weak credential.
Severity
No CVSS data available.
CWE
- Insufficient Authentication
Assigner
References
1 reference
| URL | Tags |
|---|---|
| http://www.huawei.com/en/psirt/security-advisorie… | x_refsource_CONFIRM |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Huawei | OSCA-550, OSCA-550A, OSCA-550AX, OSCA-550X |
Affected:
1.0.1.21(SP3)
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T06:46:30.901Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200121-01-osca-en"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "OSCA-550, OSCA-550A, OSCA-550AX, OSCA-550X",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "1.0.1.21(SP3)"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Huawei OSCA-550, OSCA-550A, OSCA-550AX, and OSCA-550X products with version 1.0.1.21(SP3) have an insufficient authentication vulnerability. The software does not require a strong credential when the user trying to do certain operations. Successful exploit could allow an attacker to pass the authentication and do certain operations by a weak credential."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Insufficient Authentication",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-02-18T02:50:43.000Z",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200121-01-osca-en"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2020-1789",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "OSCA-550, OSCA-550A, OSCA-550AX, OSCA-550X",
"version": {
"version_data": [
{
"version_value": "1.0.1.21(SP3)"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Huawei OSCA-550, OSCA-550A, OSCA-550AX, and OSCA-550X products with version 1.0.1.21(SP3) have an insufficient authentication vulnerability. The software does not require a strong credential when the user trying to do certain operations. Successful exploit could allow an attacker to pass the authentication and do certain operations by a weak credential."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Insufficient Authentication"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200121-01-osca-en",
"refsource": "CONFIRM",
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200121-01-osca-en"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2020-1789",
"datePublished": "2020-02-18T02:50:43.000Z",
"dateReserved": "2019-11-29T00:00:00.000Z",
"dateUpdated": "2024-08-04T06:46:30.901Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-1855 (GCVE-0-2020-1855)
Vulnerability from cvelistv5 – Published: 2020-02-18 02:28 – Updated: 2024-08-04 06:53
VLAI
Summary
Huawei HEGE-570 version 1.0.1.22(SP3); and HEGE-560, OSCA-550, OSCA-550A, OSCA-550AX, and OSCA-550X version 1.0.1.21(SP3) have an insufficient verification vulnerability. An attacker can access the device physically and exploit this vulnerability to tamper with device information. Successful exploit may cause service abnormal.
Severity
No CVSS data available.
CWE
- Insufficient Verification
Assigner
References
1 reference
| URL | Tags |
|---|---|
| http://www.huawei.com/en/psirt/security-advisorie… | x_refsource_CONFIRM |
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Huawei | HEGE-570 |
Affected:
1.0.1.22(SP3)
|
|
| Huawei | HEGE-560, OSCA-550, OSCA-550A, OSCA-550AX, OSCA-550X |
Affected:
1.0.1.21(SP3)
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T06:53:58.916Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200122-03-osca-en"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "HEGE-570",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "1.0.1.22(SP3)"
}
]
},
{
"product": "HEGE-560, OSCA-550, OSCA-550A, OSCA-550AX, OSCA-550X",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "1.0.1.21(SP3)"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Huawei HEGE-570 version 1.0.1.22(SP3); and HEGE-560, OSCA-550, OSCA-550A, OSCA-550AX, and OSCA-550X version 1.0.1.21(SP3) have an insufficient verification vulnerability. An attacker can access the device physically and exploit this vulnerability to tamper with device information. Successful exploit may cause service abnormal."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Insufficient Verification",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-02-18T02:28:18.000Z",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200122-03-osca-en"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2020-1855",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "HEGE-570",
"version": {
"version_data": [
{
"version_value": "1.0.1.22(SP3)"
}
]
}
},
{
"product_name": "HEGE-560, OSCA-550, OSCA-550A, OSCA-550AX, OSCA-550X",
"version": {
"version_data": [
{
"version_value": "1.0.1.21(SP3)"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Huawei HEGE-570 version 1.0.1.22(SP3); and HEGE-560, OSCA-550, OSCA-550A, OSCA-550AX, and OSCA-550X version 1.0.1.21(SP3) have an insufficient verification vulnerability. An attacker can access the device physically and exploit this vulnerability to tamper with device information. Successful exploit may cause service abnormal."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Insufficient Verification"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200122-03-osca-en",
"refsource": "CONFIRM",
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200122-03-osca-en"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2020-1855",
"datePublished": "2020-02-18T02:28:18.000Z",
"dateReserved": "2019-11-29T00:00:00.000Z",
"dateUpdated": "2024-08-04T06:53:58.916Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-1843 (GCVE-0-2020-1843)
Vulnerability from cvelistv5 – Published: 2020-02-18 02:14 – Updated: 2024-08-04 06:53
VLAI
Summary
Huawei HEGE-560 version 1.0.1.20(SP2), OSCA-550 version 1.0.0.71(SP1), OSCA-550A version 1.0.0.71(SP1), OSCA-550AX version 1.0.0.71(SP2), and OSCA-550X version 1.0.0.71(SP2) have an insufficient verification vulnerability. An attacker can perform specific operations to exploit this vulnerability by physical access methods. Successful exploitation may cause the attacker perform an illegal operation.
Severity
No CVSS data available.
CWE
- Insufficient Authentication
Assigner
References
1 reference
| URL | Tags |
|---|---|
| http://www.huawei.com/en/psirt/security-advisorie… | x_refsource_CONFIRM |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T06:53:58.926Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200122-02-osca-en"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "HEGE-560",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "1.0.1.20(SP2)"
}
]
},
{
"product": "OSCA-550",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "1.0.0.71(SP1)"
}
]
},
{
"product": "OSCA-550A",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "1.0.0.71(SP1)"
}
]
},
{
"product": "OSCA-550AX",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "1.0.0.71(SP2)"
}
]
},
{
"product": "OSCA-550X",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "1.0.0.71(SP2)"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Huawei HEGE-560 version 1.0.1.20(SP2), OSCA-550 version 1.0.0.71(SP1), OSCA-550A version 1.0.0.71(SP1), OSCA-550AX version 1.0.0.71(SP2), and OSCA-550X version 1.0.0.71(SP2) have an insufficient verification vulnerability. An attacker can perform specific operations to exploit this vulnerability by physical access methods. Successful exploitation may cause the attacker perform an illegal operation."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Insufficient Authentication",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-02-18T02:14:55.000Z",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200122-02-osca-en"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2020-1843",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "HEGE-560",
"version": {
"version_data": [
{
"version_value": "1.0.1.20(SP2)"
}
]
}
},
{
"product_name": "OSCA-550",
"version": {
"version_data": [
{
"version_value": "1.0.0.71(SP1)"
}
]
}
},
{
"product_name": "OSCA-550A",
"version": {
"version_data": [
{
"version_value": "1.0.0.71(SP1)"
}
]
}
},
{
"product_name": "OSCA-550AX",
"version": {
"version_data": [
{
"version_value": "1.0.0.71(SP2)"
}
]
}
},
{
"product_name": "OSCA-550X",
"version": {
"version_data": [
{
"version_value": "1.0.0.71(SP2)"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Huawei HEGE-560 version 1.0.1.20(SP2), OSCA-550 version 1.0.0.71(SP1), OSCA-550A version 1.0.0.71(SP1), OSCA-550AX version 1.0.0.71(SP2), and OSCA-550X version 1.0.0.71(SP2) have an insufficient verification vulnerability. An attacker can perform specific operations to exploit this vulnerability by physical access methods. Successful exploitation may cause the attacker perform an illegal operation."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Insufficient Authentication"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200122-02-osca-en",
"refsource": "CONFIRM",
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200122-02-osca-en"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2020-1843",
"datePublished": "2020-02-18T02:14:55.000Z",
"dateReserved": "2019-11-29T00:00:00.000Z",
"dateUpdated": "2024-08-04T06:53:58.926Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}