VAR-202006-1714
Vulnerability from variot - Updated: 2024-11-23 22:55There is a few bytes out-of-bounds read vulnerability in some Huawei products. The software reads data past the end of the intended buffer when parsing certain message, an authenticated attacker could exploit this vulnerability by sending crafted messages to the device. Successful exploit may cause service abnormal in specific scenario.Affected product versions include:AR120-S versions V200R007C00SPC900,V200R007C00SPCa00. plural Huawei The product contains an out-of-bounds read vulnerability.Service operation interruption (DoS) It may be put into a state. Huawei AR1200 is an enterprise router of Huawei.
There are buffer error vulnerabilities in many Huawei products
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202006-1714",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "ar3200",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r007c00spc900"
},
{
"model": "ar150",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r007c00spc900"
},
{
"model": "ar3200",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r007c00spcb00"
},
{
"model": "ar3600",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r007c00spcb00pwe"
},
{
"model": "ar3200",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r007c00spca00"
},
{
"model": "ar200-s",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r007c00spc900"
},
{
"model": "ar150",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r007c00spcb00"
},
{
"model": "ar2200",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r007c00spcb00pwe"
},
{
"model": "ar200-s",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r007c00spcb00"
},
{
"model": "ar120-s",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r007c00spcc00"
},
{
"model": "srg3300",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r007c00spcc00"
},
{
"model": "ar3600",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r007c00spcc00"
},
{
"model": "ar2200",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r007c00spcc00"
},
{
"model": "ar150",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r007c00spcb00pwe"
},
{
"model": "ar3200",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r007c00spcb00pwe"
},
{
"model": "ar160",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r007c00spc900pwe"
},
{
"model": "ar200",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r007c00spc900pwe"
},
{
"model": "ar3200",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r007c00spcc00"
},
{
"model": "ar150",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r007c00spcc00"
},
{
"model": "srg1300",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r007c00spc900"
},
{
"model": "ar1200",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r007c00spc900"
},
{
"model": "ar200-s",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r007c00spcc00"
},
{
"model": "ar1200",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r007c00spca00"
},
{
"model": "ar510",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r007c00spc900"
},
{
"model": "netengine16ex",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r007c00spc900"
},
{
"model": "srg1300",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r007c00spcb00"
},
{
"model": "ar1200",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r007c00spcb00"
},
{
"model": "ar3600",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r007c00spc900pwe"
},
{
"model": "ar150-s",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r007c00spc900"
},
{
"model": "ar3200",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r007c00"
},
{
"model": "ar2200",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r007c00spc900pwe"
},
{
"model": "netengine16ex",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r007c00spcb00"
},
{
"model": "srg2300",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r007c00spc900"
},
{
"model": "ar1200",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r007c00spcb00pwe"
},
{
"model": "ar1200-s",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r007c00spc900"
},
{
"model": "ar150-s",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r007c00spcb00"
},
{
"model": "ar2200-s",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r007c00spc900"
},
{
"model": "ar3200",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r007c00spc900pwe"
},
{
"model": "srg2300",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r007c00spcb00"
},
{
"model": "ar1200",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r007c00spcc00"
},
{
"model": "ar1200-s",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r007c00spcb00"
},
{
"model": "ar150",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r007c00spc900pwe"
},
{
"model": "ar200",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r007c00spc900"
},
{
"model": "ar2200-s",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r007c00spcb00"
},
{
"model": "srg1300",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r007c00spcc00"
},
{
"model": "ar160",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r007c00spc900"
},
{
"model": "ar160",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r007c00spcb00"
},
{
"model": "ar200",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r007c00spcb00"
},
{
"model": "netengine16ex",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r007c00spcc00"
},
{
"model": "ar150-s",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r007c00spcc00"
},
{
"model": "ar160",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r007c00spcc00"
},
{
"model": "srg3300",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r007c00spc900"
},
{
"model": "ar3600",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r007c00spc900"
},
{
"model": "srg2300",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r007c00spcc00"
},
{
"model": "ar1200-s",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r007c00spcc00"
},
{
"model": "ar160",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r007c00spcb00pwe"
},
{
"model": "ar120-s",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r007c00spc900"
},
{
"model": "ar200",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r007c00spcb00pwe"
},
{
"model": "ar120-s",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r007c00spcb00"
},
{
"model": "ar2200",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r007c00spc900"
},
{
"model": "ar2200-s",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r007c00spcc00"
},
{
"model": "ar120-s",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r007c00spca00"
},
{
"model": "ar3600",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r007c00spcb00"
},
{
"model": "ar200",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r007c00spcc00"
},
{
"model": "srg3300",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r007c00spcb00"
},
{
"model": "ar2200",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r007c00spcb00"
},
{
"model": "ar1200",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r007c00spc900pwe"
},
{
"model": "ar2200",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r007c00spca00"
},
{
"model": "ar120-s",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "ar1200",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "ar1200-s",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "ar150",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "ar150-s",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "ar160",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "ar200",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "ar200-s",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "ar2200",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "ar2200-s",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "ar3200 v200r007c00",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "ar3200 v200r007c00spc900",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "ar3200 v200r007c00spca00",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "ar3200 v200r007c00spcb00",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "ar3200 v200r007c00spcc00",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "ar120-s v200r007c00spc900",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "ar120-s v200r007c00spca00",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "ar120-s v200r007c00spcb00",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "ar120-s v200r007c00spcc00",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "ar1200 v200r007c00spc900",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "ar1200 v200r007c00spc900pwe",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "ar1200 v200r007c00spca00",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "ar1200 v200r007c00spcb00",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "ar1200 v200r007c00spcb00pwe",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "ar1200 v200r007c00spcc00",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "ar1200-s v200r007c00spc900",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "ar1200-s v200r007c00spcb00",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "ar1200-s v200r007c00spcc00",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "ar150 v200r007c00spc900",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "ar150 v200r007c00spcb00",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "ar150 v200r007c00spcb00pwe",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "ar150 v200r007c00spcc00",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "ar150-s v200r007c00spc900",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "ar150-s v200r007c00spcb00",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "ar150-s v200r007c00spcc00",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "ar160 v200r007c00spc900",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "ar160 v200r007c00spc900pwe",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "ar160 v200r007c00spcb00",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "ar160 v200r007c00spcb00pwe",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "ar160 v200r007c00spcc00",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "ar200 v200r007c00spc900",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "ar200 v200r007c00spc900pwe",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "ar200 v200r007c00spcb00",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "ar200 v200r007c00spcb00pwe",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "ar200 v200r007c00spcc00",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "ar2200 v200r007c00spc900",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "ar2200 v200r007c00spc900pwe",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "ar2200 v200r007c00spcb00",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "ar2200 v200r007c00spcb00pwe",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "ar2200 v200r007c00spcc00",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "ar3600 v200r007c00spc900",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "ar3600 v200r007c00spc900pwe",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "ar3600 v200r007c00spcb00",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "ar3600 v200r007c00spcb00pwe",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "ar3600 v200r007c00spcc00",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "ar510 v200r007c00spc900",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "netengine16ex v200r007c00spc900",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "netengine16ex v200r007c00spcb00",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "netengine16ex v200r007c00spcc00",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "srg1300 v200r007c00spc900",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "srg1300 v200r007c00spcb00",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "srg1300 v200r007c00spcc00",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "srg2300 v200r007c00spc900",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "srg2300 v200r007c00spcb00",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "srg2300 v200r007c00spcc00",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "srg3300 v200r007c00spc900",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "srg3300 v200r007c00spcb00",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "srg3300 v200r007c00spcc00",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "ar200-s v200r007c00spc900",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "ar200-s v200r007c00spcb00",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "ar200-s v200r007c00spcc00",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "ar2200-s v200r007c00spc900",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "ar2200-s v200r007c00spcb00",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "ar2200-s v200r007c00spcc00",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-28979"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-005987"
},
{
"db": "NVD",
"id": "CVE-2020-9071"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:huawei:ar120-s_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:huawei:ar1200_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:huawei:ar1200-s_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:huawei:ar150_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:huawei:ar150-s_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:huawei:ar160_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:huawei:ar200_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:huawei:ar200-s_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:huawei:ar2200_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:huawei:ar2200-s_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-005987"
}
]
},
"cve": "CVE-2020-9071",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 4.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.0,
"id": "CVE-2020-9071",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.0,
"vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "Single",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 4.0,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "JVNDB-2020-005987",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "HIGH",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 1.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.2,
"id": "CNVD-2020-28979",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "LOW",
"trust": 0.6,
"vectorString": "AV:A/AC:H/Au:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"exploitabilityScore": 2.8,
"id": "CVE-2020-9071",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 6.5,
"baseSeverity": "Medium",
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "JVNDB-2020-005987",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "Low",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2020-9071",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "JVNDB-2020-005987",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNVD",
"id": "CNVD-2020-28979",
"trust": 0.6,
"value": "LOW"
},
{
"author": "CNNVD",
"id": "CNNVD-202004-1128",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-28979"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-005987"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1128"
},
{
"db": "NVD",
"id": "CVE-2020-9071"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "There is a few bytes out-of-bounds read vulnerability in some Huawei products. The software reads data past the end of the intended buffer when parsing certain message, an authenticated attacker could exploit this vulnerability by sending crafted messages to the device. Successful exploit may cause service abnormal in specific scenario.Affected product versions include:AR120-S versions V200R007C00SPC900,V200R007C00SPCa00. plural Huawei The product contains an out-of-bounds read vulnerability.Service operation interruption (DoS) It may be put into a state. Huawei AR1200 is an enterprise router of Huawei. \n\r\n\r\nThere are buffer error vulnerabilities in many Huawei products",
"sources": [
{
"db": "NVD",
"id": "CVE-2020-9071"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-005987"
},
{
"db": "CNVD",
"id": "CNVD-2020-28979"
}
],
"trust": 2.16
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2020-9071",
"trust": 3.0
},
{
"db": "JVNDB",
"id": "JVNDB-2020-005987",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2020-28979",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1128",
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-28979"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-005987"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1128"
},
{
"db": "NVD",
"id": "CVE-2020-9071"
}
]
},
"id": "VAR-202006-1714",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-28979"
}
],
"trust": 1.5564387067187502
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-28979"
}
]
},
"last_update_date": "2024-11-23T22:55:07.635000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "huawei-sa-20200415-01-oob",
"trust": 0.8,
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200415-01-oob-en"
},
{
"title": "Patch for Multiple Huawei products cross-border reading vulnerability (CNVD-2020-28979)",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/218005"
},
{
"title": "Multiple Huawei Product Buffer Error Vulnerability Fix",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=116855"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-28979"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-005987"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1128"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-125",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-005987"
},
{
"db": "NVD",
"id": "CVE-2020-9071"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.6,
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200415-01-oob-en"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-9071"
},
{
"trust": 1.2,
"url": "https://www.huawei.com/cn/psirt/security-advisories/huawei-sa-20200415-01-oob-cn"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-9071"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-28979"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-005987"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1128"
},
{
"db": "NVD",
"id": "CVE-2020-9071"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2020-28979"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-005987"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1128"
},
{
"db": "NVD",
"id": "CVE-2020-9071"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-05-19T00:00:00",
"db": "CNVD",
"id": "CNVD-2020-28979"
},
{
"date": "2020-06-25T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2020-005987"
},
{
"date": "2020-04-15T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202004-1128"
},
{
"date": "2020-06-01T15:15:14.840000",
"db": "NVD",
"id": "CVE-2020-9071"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-05-19T00:00:00",
"db": "CNVD",
"id": "CNVD-2020-28979"
},
{
"date": "2020-06-25T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2020-005987"
},
{
"date": "2020-06-04T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202004-1128"
},
{
"date": "2024-11-21T05:39:58.290000",
"db": "NVD",
"id": "CVE-2020-9071"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202004-1128"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural Huawei Out-of-bounds read vulnerabilities in the product",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-005987"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202004-1128"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…