All the vulnerabilites related to HUAWEI - E6878-370
cve-2020-1832
Vulnerability from cvelistv5
▼ | URL | Tags |
---|---|---|
https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200527-01-stack-en | x_refsource_CONFIRM |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T06:46:30.938Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200527-01-stack-en" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "E6878-370", "vendor": "Huawei", "versions": [ { "status": "affected", "version": "10.0.3.1(H557SP27C233)" }, { "status": "affected", "version": "10.0.3.1(H563SP1C00)" } ] } ], "descriptions": [ { "lang": "en", "value": "E6878-370 products with versions of 10.0.3.1(H557SP27C233) and 10.0.3.1(H563SP1C00) have a stack buffer overflow vulnerability. The program copies an input buffer to an output buffer without verification. An attacker in the adjacent network could send a crafted message, successful exploit could lead to stack buffer overflow which may cause malicious code execution." } ], "problemTypes": [ { "descriptions": [ { "description": "Stack Buffer Overflow", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2020-05-29T19:06:47", "orgId": "25ac1063-e409-4190-8079-24548c77ea2e", "shortName": "huawei" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200527-01-stack-en" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@huawei.com", "ID": "CVE-2020-1832", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "E6878-370", "version": { "version_data": [ { "version_value": "10.0.3.1(H557SP27C233)" }, { "version_value": "10.0.3.1(H563SP1C00)" } ] } } ] }, "vendor_name": "Huawei" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "E6878-370 products with versions of 10.0.3.1(H557SP27C233) and 10.0.3.1(H563SP1C00) have a stack buffer overflow vulnerability. The program copies an input buffer to an output buffer without verification. An attacker in the adjacent network could send a crafted message, successful exploit could lead to stack buffer overflow which may cause malicious code execution." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Stack Buffer Overflow" } ] } ] }, "references": { "reference_data": [ { "name": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200527-01-stack-en", "refsource": "CONFIRM", "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200527-01-stack-en" } ] } } } }, "cveMetadata": { "assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e", "assignerShortName": "huawei", "cveId": "CVE-2020-1832", "datePublished": "2020-05-29T19:06:47", "dateReserved": "2019-11-29T00:00:00", "dateUpdated": "2024-08-04T06:46:30.938Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2020-9069
Vulnerability from cvelistv5
▼ | URL | Tags |
---|---|---|
https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200520-01-leakage-en | x_refsource_CONFIRM |
Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
▼ | HUAWEI | Anne-AL00 |
Version: earlier than 9.1.0.331(C675E9R1P3T8) |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T10:19:19.496Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200520-01-leakage-en" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Anne-AL00", "vendor": "HUAWEI", "versions": [ { "status": "affected", "version": "earlier than 9.1.0.331(C675E9R1P3T8)" } ] }, { "product": "Berkeley-L09", "vendor": "HUAWEI", "versions": [ { "status": "affected", "version": "earlier than 10.0.1.1(C675R1)" } ] }, { "product": "CD16-10", "vendor": "HUAWEI", "versions": [ { "status": "affected", "version": "earlier than 10.0.2.8" } ] }, { "product": "CD17-10", "vendor": "HUAWEI", "versions": [ { "status": "affected", "version": "earlier than 10.0.2.8" } ] }, { "product": "CD17-16", "vendor": "HUAWEI", "versions": [ { "status": "affected", "version": "earlier than 10.0.2.8" } ] }, { "product": "CD18-10", "vendor": "HUAWEI", "versions": [ { "status": "affected", "version": "earlier than 10.0.2.8" } ] }, { "product": "CD18-16", "vendor": "HUAWEI", "versions": [ { "status": "affected", "version": "earlier than 10.0.2.8" } ] }, { "product": "Columbia-TL00B", "vendor": "HUAWEI", "versions": [ { "status": "affected", "version": "earlier than 9.0.0.187(C01E181R1P20T8)" } ] }, { "product": "E6878-370", "vendor": "HUAWEI", "versions": [ { "status": "affected", "version": "earlier than 10.0.5.1(H610SP10C00)" } ] }, { "product": "HUAWEI P30 lite", "vendor": "HUAWEI", "versions": [ { "status": "affected", "version": "earlier than 10.0.0.185(C605E3R1P3)" }, { "status": "affected", "version": "earlier than 10.0.0.197(C432E8R2P7)" } ] }, { "product": "HUAWEI nova 4e", "vendor": "HUAWEI", "versions": [ { "status": "affected", "version": "earlier than 10.0.0.158(C00E64R1P9)" } ] }, { "product": "Honor 10 Lite", "vendor": "HUAWEI", "versions": [ { "status": "affected", "version": "9.0.1.113(C675E11R1P12)" } ] }, { "product": "LelandP-L22A", "vendor": "HUAWEI", "versions": [ { "status": "affected", "version": "earlier than 9.1.0.166(C675E5R1P4T8)" } ] }, { "product": "Marie-AL00AX", "vendor": "HUAWEI", "versions": [ { "status": "affected", "version": "earlier than 10.0.0.158(C00E64R1P9)" } ] }, { "product": "Marie-AL00AY", "vendor": "HUAWEI", "versions": [ { "status": "affected", "version": "earlier than 10.0.0.158(C00E64R1P9)" } ] }, { "product": "Marie-AL00BX", "vendor": "HUAWEI", "versions": [ { "status": "affected", "version": "earlier than 10.0.0.158(C00E64R1P9)" } ] }, { "product": "Marie-L03BX", "vendor": "HUAWEI", "versions": [ { "status": "affected", "version": "earlier than 10.0.0.188(C605E5R1P1)" } ] }, { "product": "Marie-L21BX", "vendor": "HUAWEI", "versions": [ { "status": "affected", "version": "earlier than 10.0.0.188(C432E4R4P1)" }, { "status": "affected", "version": "earlier than 10.0.0.188(C461E5R3P1)" } ] }, { "product": "Marie-L22BX", "vendor": "HUAWEI", "versions": [ { "status": "affected", "version": "earlier than 10.0.0.188(C636E3R3P1)" } ] }, { "product": "Marie-L23BX", "vendor": "HUAWEI", "versions": [ { "status": "affected", "version": "earlier than 10.0.0.188(C605E5R1P1)" } ] }, { "product": "TC5200-16", "vendor": "HUAWEI", "versions": [ { "status": "affected", "version": "earlier than 10.0.2.8" } ] }, { "product": "WS5200-11", "vendor": "HUAWEI", "versions": [ { "status": "affected", "version": "earlier than 10.0.2.8" } ] }, { "product": "WS5200-12", "vendor": "HUAWEI", "versions": [ { "status": "affected", "version": "earlier than 10.0.2.23" } ] }, { "product": "WS5200-16", "vendor": "HUAWEI", "versions": [ { "status": "affected", "version": "earlier than 10.0.2.8" } ] }, { "product": "WS5200-17", "vendor": "HUAWEI", "versions": [ { "status": "affected", "version": "earlier than 10.0.2.23" } ] }, { "product": "WS5800-10", "vendor": "HUAWEI", "versions": [ { "status": "affected", "version": "earlier than 10.0.3.27" } ] }, { "product": "WS6500-10", "vendor": "HUAWEI", "versions": [ { "status": "affected", "version": "earlier than 10.0.2.8" } ] }, { "product": "WS6500-16", "vendor": "HUAWEI", "versions": [ { "status": "affected", "version": "earlier than 10.0.2.8" } ] } ], "descriptions": [ { "lang": "en", "value": "There is an information leakage vulnerability in some Huawei products. An unauthenticated, adjacent attacker could exploit this vulnerability to decrypt data. Successful exploitation may leak information randomly. Affected product versions include: Anne-AL00 Versions earlier than 9.1.0.331(C675E9R1P3T8); Berkeley-L09 Versions earlier than 10.0.1.1(C675R1); CD16-10 Versions earlier than 10.0.2.8; CD17-10 Versions earlier than 10.0.2.8; CD17-16 Versions earlier than 10.0.2.8; CD18-10 Versions earlier than 10.0.2.8; CD18-16 Versions earlier than 10.0.2.8; Columbia-TL00B Versions earlier than 9.0.0.187(C01E181R1P20T8); E6878-370 Versions earlier than 10.0.5.1(H610SP10C00); HUAWEI P30 lite Versions earlier than 10.0.0.185(C605E3R1P3), Versions earlier than 10.0.0.197(C432E8R2P7); HUAWEI nova 4e Versions earlier than 10.0.0.158(C00E64R1P9); Honor 10 Lite 9.0.1.113(C675E11R1P12); LelandP-L22A Versions earlier than 9.1.0.166(C675E5R1P4T8); Marie-AL00AX Versions earlier than 10.0.0.158(C00E64R1P9); Marie-AL00AY Versions earlier than 10.0.0.158(C00E64R1P9); Marie-AL00BX Versions earlier than 10.0.0.158(C00E64R1P9); Marie-L03BX Versions earlier than 10.0.0.188(C605E5R1P1); Marie-L21BX Versions earlier than 10.0.0.188(C432E4R4P1), Versions earlier than 10.0.0.188(C461E5R3P1); Marie-L22BX Versions earlier than 10.0.0.188(C636E3R3P1); Marie-L23BX Versions earlier than 10.0.0.188(C605E5R1P1); TC5200-16 Versions earlier than 10.0.2.8; WS5200-11 Versions earlier than 10.0.2.8; WS5200-12 Versions earlier than 10.0.2.23; WS5200-16 Versions earlier than 10.0.2.8; WS5200-17 Versions earlier than 10.0.2.23; WS5800-10 Versions earlier than 10.0.3.27; WS6500-10 Versions earlier than 10.0.2.8; WS6500-16 Versions earlier than 10.0.2.8" } ], "problemTypes": [ { "descriptions": [ { "description": "Information Leakage", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2020-05-29T22:23:46", "orgId": "25ac1063-e409-4190-8079-24548c77ea2e", "shortName": "huawei" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200520-01-leakage-en" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@huawei.com", "ID": "CVE-2020-9069", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Anne-AL00", "version": { "version_data": [ { "version_value": "earlier than 9.1.0.331(C675E9R1P3T8)" } ] } }, { "product_name": "Berkeley-L09", "version": { "version_data": [ { "version_value": "earlier than 10.0.1.1(C675R1)" } ] } }, { "product_name": "CD16-10", "version": { "version_data": [ { "version_value": "earlier than 10.0.2.8" } ] } }, { "product_name": "CD17-10", "version": { "version_data": [ { "version_value": "earlier than 10.0.2.8" } ] } }, { "product_name": "CD17-16", "version": { "version_data": [ { "version_value": "earlier than 10.0.2.8" } ] } }, { "product_name": "CD18-10", "version": { "version_data": [ { "version_value": "earlier than 10.0.2.8" } ] } }, { "product_name": "CD18-16", "version": { "version_data": [ { "version_value": "earlier than 10.0.2.8" } ] } }, { "product_name": "Columbia-TL00B", "version": { "version_data": [ { "version_value": "earlier than 9.0.0.187(C01E181R1P20T8)" } ] } }, { "product_name": "E6878-370", "version": { "version_data": [ { "version_value": "earlier than 10.0.5.1(H610SP10C00)" } ] } }, { "product_name": "HUAWEI P30 lite", "version": { "version_data": [ { "version_value": "earlier than 10.0.0.185(C605E3R1P3)" }, { "version_value": "earlier than 10.0.0.197(C432E8R2P7)" } ] } }, { "product_name": "HUAWEI nova 4e", "version": { "version_data": [ { "version_value": "earlier than 10.0.0.158(C00E64R1P9)" } ] } }, { "product_name": "Honor 10 Lite", "version": { "version_data": [ { "version_value": "9.0.1.113(C675E11R1P12)" } ] } }, { "product_name": "LelandP-L22A", "version": { "version_data": [ { "version_value": "earlier than 9.1.0.166(C675E5R1P4T8)" } ] } }, { "product_name": "Marie-AL00AX", "version": { "version_data": [ { "version_value": "earlier than 10.0.0.158(C00E64R1P9)" } ] } }, { "product_name": "Marie-AL00AY", "version": { "version_data": [ { "version_value": "earlier than 10.0.0.158(C00E64R1P9)" } ] } }, { "product_name": "Marie-AL00BX", "version": { "version_data": [ { "version_value": "earlier than 10.0.0.158(C00E64R1P9)" } ] } }, { "product_name": "Marie-L03BX", "version": { "version_data": [ { "version_value": "earlier than 10.0.0.188(C605E5R1P1)" } ] } }, { "product_name": "Marie-L21BX", "version": { "version_data": [ { "version_value": "earlier than 10.0.0.188(C432E4R4P1)" }, { "version_value": "earlier than 10.0.0.188(C461E5R3P1)" } ] } }, { "product_name": "Marie-L22BX", "version": { "version_data": [ { "version_value": "earlier than 10.0.0.188(C636E3R3P1)" } ] } }, { "product_name": "Marie-L23BX", "version": { "version_data": [ { "version_value": "earlier than 10.0.0.188(C605E5R1P1)" } ] } }, { "product_name": "TC5200-16", "version": { "version_data": [ { "version_value": "earlier than 10.0.2.8" } ] } }, { "product_name": "WS5200-11", "version": { "version_data": [ { "version_value": "earlier than 10.0.2.8" } ] } }, { "product_name": "WS5200-12", "version": { "version_data": [ { "version_value": "earlier than 10.0.2.23" } ] } }, { "product_name": "WS5200-16", "version": { "version_data": [ { "version_value": "earlier than 10.0.2.8" } ] } }, { "product_name": "WS5200-17", "version": { "version_data": [ { "version_value": "earlier than 10.0.2.23" } ] } }, { "product_name": "WS5800-10", "version": { "version_data": [ { "version_value": "earlier than 10.0.3.27" } ] } }, { "product_name": "WS6500-10", "version": { "version_data": [ { "version_value": "earlier than 10.0.2.8" } ] } }, { "product_name": "WS6500-16", "version": { "version_data": [ { "version_value": "earlier than 10.0.2.8" } ] } } ] }, "vendor_name": "HUAWEI" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "There is an information leakage vulnerability in some Huawei products. An unauthenticated, adjacent attacker could exploit this vulnerability to decrypt data. Successful exploitation may leak information randomly. Affected product versions include: Anne-AL00 Versions earlier than 9.1.0.331(C675E9R1P3T8); Berkeley-L09 Versions earlier than 10.0.1.1(C675R1); CD16-10 Versions earlier than 10.0.2.8; CD17-10 Versions earlier than 10.0.2.8; CD17-16 Versions earlier than 10.0.2.8; CD18-10 Versions earlier than 10.0.2.8; CD18-16 Versions earlier than 10.0.2.8; Columbia-TL00B Versions earlier than 9.0.0.187(C01E181R1P20T8); E6878-370 Versions earlier than 10.0.5.1(H610SP10C00); HUAWEI P30 lite Versions earlier than 10.0.0.185(C605E3R1P3), Versions earlier than 10.0.0.197(C432E8R2P7); HUAWEI nova 4e Versions earlier than 10.0.0.158(C00E64R1P9); Honor 10 Lite 9.0.1.113(C675E11R1P12); LelandP-L22A Versions earlier than 9.1.0.166(C675E5R1P4T8); Marie-AL00AX Versions earlier than 10.0.0.158(C00E64R1P9); Marie-AL00AY Versions earlier than 10.0.0.158(C00E64R1P9); Marie-AL00BX Versions earlier than 10.0.0.158(C00E64R1P9); Marie-L03BX Versions earlier than 10.0.0.188(C605E5R1P1); Marie-L21BX Versions earlier than 10.0.0.188(C432E4R4P1), Versions earlier than 10.0.0.188(C461E5R3P1); Marie-L22BX Versions earlier than 10.0.0.188(C636E3R3P1); Marie-L23BX Versions earlier than 10.0.0.188(C605E5R1P1); TC5200-16 Versions earlier than 10.0.2.8; WS5200-11 Versions earlier than 10.0.2.8; WS5200-12 Versions earlier than 10.0.2.23; WS5200-16 Versions earlier than 10.0.2.8; WS5200-17 Versions earlier than 10.0.2.23; WS5800-10 Versions earlier than 10.0.3.27; WS6500-10 Versions earlier than 10.0.2.8; WS6500-16 Versions earlier than 10.0.2.8" } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Information Leakage" } ] } ] }, "references": { "reference_data": [ { "name": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200520-01-leakage-en", "refsource": "CONFIRM", "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200520-01-leakage-en" } ] } } } }, "cveMetadata": { "assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e", "assignerShortName": "huawei", "cveId": "CVE-2020-9069", "datePublished": "2020-05-21T14:19:31", "dateReserved": "2020-02-18T00:00:00", "dateUpdated": "2024-08-04T10:19:19.496Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2020-1799
Vulnerability from cvelistv5
▼ | URL | Tags |
---|---|---|
https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200520-01-uaf-en | x_refsource_MISC |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T06:46:30.895Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200520-01-uaf-en" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "E6878-370", "vendor": "n/a", "versions": [ { "status": "affected", "version": "10.0.3.1(H557SP27C233),10.0.3.1(H563SP1C00),10.0.3.1(H563SP1C233)" } ] } ], "descriptions": [ { "lang": "en", "value": "E6878-370 with versions of 10.0.3.1(H557SP27C233), 10.0.3.1(H563SP1C00), 10.0.3.1(H563SP1C233) has a use after free vulnerability. The software references memory after it has been freed in certain scenario, the attacker does a series of crafted operations through web portal, successful exploit could cause a use after free condition which may lead to malicious code execution." } ], "problemTypes": [ { "descriptions": [ { "description": "Use After Free", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2020-05-21T14:11:50", "orgId": "25ac1063-e409-4190-8079-24548c77ea2e", "shortName": "huawei" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200520-01-uaf-en" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@huawei.com", "ID": "CVE-2020-1799", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "E6878-370", "version": { "version_data": [ { "version_value": "10.0.3.1(H557SP27C233),10.0.3.1(H563SP1C00),10.0.3.1(H563SP1C233)" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "E6878-370 with versions of 10.0.3.1(H557SP27C233), 10.0.3.1(H563SP1C00), 10.0.3.1(H563SP1C233) has a use after free vulnerability. The software references memory after it has been freed in certain scenario, the attacker does a series of crafted operations through web portal, successful exploit could cause a use after free condition which may lead to malicious code execution." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Use After Free" } ] } ] }, "references": { "reference_data": [ { "name": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200520-01-uaf-en", "refsource": "MISC", "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200520-01-uaf-en" } ] } } } }, "cveMetadata": { "assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e", "assignerShortName": "huawei", "cveId": "CVE-2020-1799", "datePublished": "2020-05-21T14:11:50", "dateReserved": "2019-11-29T00:00:00", "dateUpdated": "2024-08-04T06:46:30.895Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2020-9241
Vulnerability from cvelistv5
▼ | URL | Tags |
---|---|---|
https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200812-01-auth-en | x_refsource_MISC |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T10:19:20.129Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200812-01-auth-en" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "E6878-370", "vendor": "n/a", "versions": [ { "status": "affected", "version": "10.0.3.1(H563SP1C00),10.0.3.1(H563SP21C233)" } ] } ], "descriptions": [ { "lang": "en", "value": "Huawei 5G Mobile WiFi E6878-370 with versions of 10.0.3.1(H563SP1C00),10.0.3.1(H563SP21C233) have an improper authorization vulnerability. The device does not restrict certain data received from WAN port. Successful exploit could allow an attacker at WAN side to manage certain service of the device." } ], "problemTypes": [ { "descriptions": [ { "description": "Improper Authorization", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2020-08-17T15:04:50", "orgId": "25ac1063-e409-4190-8079-24548c77ea2e", "shortName": "huawei" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200812-01-auth-en" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@huawei.com", "ID": "CVE-2020-9241", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "E6878-370", "version": { "version_data": [ { "version_value": "10.0.3.1(H563SP1C00),10.0.3.1(H563SP21C233)" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Huawei 5G Mobile WiFi E6878-370 with versions of 10.0.3.1(H563SP1C00),10.0.3.1(H563SP21C233) have an improper authorization vulnerability. The device does not restrict certain data received from WAN port. Successful exploit could allow an attacker at WAN side to manage certain service of the device." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Improper Authorization" } ] } ] }, "references": { "reference_data": [ { "name": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200812-01-auth-en", "refsource": "MISC", "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200812-01-auth-en" } ] } } } }, "cveMetadata": { "assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e", "assignerShortName": "huawei", "cveId": "CVE-2020-9241", "datePublished": "2020-08-17T15:04:50", "dateReserved": "2020-02-18T00:00:00", "dateUpdated": "2024-08-04T10:19:20.129Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2020-9111
Vulnerability from cvelistv5
▼ | URL | Tags |
---|---|---|
https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20201014-02-dos-en | x_refsource_MISC |
Vendor | Product | Version | |
---|---|---|---|
▼ | n/a | E6878-370;E6878-870 |
Version: 10.0.3.1(H557SP27C233),10.0.3.1(H563SP21C233) Version: 10.0.3.1(H557SP27C233),10.0.3.1(H563SP11C233) |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T10:19:20.034Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20201014-02-dos-en" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "E6878-370;E6878-870", "vendor": "n/a", "versions": [ { "status": "affected", "version": "10.0.3.1(H557SP27C233),10.0.3.1(H563SP21C233)" }, { "status": "affected", "version": "10.0.3.1(H557SP27C233),10.0.3.1(H563SP11C233)" } ] } ], "descriptions": [ { "lang": "en", "value": "E6878-370 versions 10.0.3.1(H557SP27C233),10.0.3.1(H563SP21C233) and E6878-870 versions 10.0.3.1(H557SP27C233),10.0.3.1(H563SP11C233) have a denial of service vulnerability. The system does not properly check some events, an attacker could launch the events continually, successful exploit could cause reboot of the process." } ], "problemTypes": [ { "descriptions": [ { "description": "Denial of Service", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2020-10-19T20:02:04", "orgId": "25ac1063-e409-4190-8079-24548c77ea2e", "shortName": "huawei" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20201014-02-dos-en" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@huawei.com", "ID": "CVE-2020-9111", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "E6878-370;E6878-870", "version": { "version_data": [ { "version_value": "10.0.3.1(H557SP27C233),10.0.3.1(H563SP21C233)" }, { "version_value": "10.0.3.1(H557SP27C233),10.0.3.1(H563SP11C233)" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "E6878-370 versions 10.0.3.1(H557SP27C233),10.0.3.1(H563SP21C233) and E6878-870 versions 10.0.3.1(H557SP27C233),10.0.3.1(H563SP11C233) have a denial of service vulnerability. The system does not properly check some events, an attacker could launch the events continually, successful exploit could cause reboot of the process." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Denial of Service" } ] } ] }, "references": { "reference_data": [ { "name": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20201014-02-dos-en", "refsource": "MISC", "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20201014-02-dos-en" } ] } } } }, "cveMetadata": { "assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e", "assignerShortName": "huawei", "cveId": "CVE-2020-9111", "datePublished": "2020-10-19T20:02:04", "dateReserved": "2020-02-18T00:00:00", "dateUpdated": "2024-08-04T10:19:20.034Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
var-202010-1175
Vulnerability from variot
E6878-370 versions 10.0.3.1(H557SP27C233),10.0.3.1(H563SP21C233) and E6878-870 versions 10.0.3.1(H557SP27C233),10.0.3.1(H563SP11C233) have a denial of service vulnerability. The system does not properly check some events, an attacker could launch the events continually, successful exploit could cause reboot of the process. E6878-370 and E6878-870 Contains an unspecified vulnerability.Denial of service (DoS) It may be put into a state. Huawei E6878-370 is a portable 5G router from China's Huawei (Huawei) company. The vulnerability is caused by the system's failure to check when the user processes an event. Attackers can use the vulnerability to cause the process to restart
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-202010-1175", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "e6878-370", "scope": "eq", "trust": 1.0, "vendor": "huawei", "version": "10.0.3.1\\(h557sp27c233\\)" }, { "model": "e6878-870", "scope": "eq", "trust": 1.0, "vendor": "huawei", "version": "10.0.3.1\\(h563sp11c233\\)" }, { "model": "e6878-370", "scope": "eq", "trust": 1.0, "vendor": "huawei", "version": "10.0.3.1\\(h563sp21c233\\)" }, { "model": "e6878-870", "scope": "eq", "trust": 1.0, "vendor": "huawei", "version": "10.0.3.1\\(h557sp27c233\\)" }, { "model": "e6878-370", "scope": null, "trust": 0.8, "vendor": "huawei", "version": null }, { "model": "e6878-870", "scope": null, "trust": 0.8, "vendor": "huawei", "version": null }, { "model": "e6878-370", "scope": "eq", "trust": 0.6, "vendor": "huawei", "version": "10.0.3.1" }, { "model": "e6878-870", "scope": "eq", "trust": 0.6, "vendor": "huawei", "version": "10.0.3.1" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2020-59055" }, { "db": "JVNDB", "id": "JVNDB-2020-012670" }, { "db": "NVD", "id": "CVE-2020-9111" } ] }, "configurations": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", "children": { "@container": "@list" }, "cpe_match": { "@container": "@list" }, "data": { "@container": "@list" }, "nodes": { "@container": "@list" } }, "data": [ { "CVE_data_version": "4.0", "nodes": [ { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:huawei:e6878-370_firmware:10.0.3.1\\(h557sp27c233\\):*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:huawei:e6878-370_firmware:10.0.3.1\\(h563sp21c233\\):*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:huawei:e6878-370:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:huawei:e6878-870_firmware:10.0.3.1\\(h557sp27c233\\):*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:huawei:e6878-870_firmware:10.0.3.1\\(h563sp11c233\\):*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:huawei:e6878-870:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" } ] } ], "sources": [ { "db": "NVD", "id": "CVE-2020-9111" } ] }, "cve": "CVE-2020-9111", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "acInsufInfo": false, "accessComplexity": "LOW", "accessVector": "ADJACENT_NETWORK", "authentication": "SINGLE", "author": "NVD", "availabilityImpact": "PARTIAL", "baseScore": 2.7, "confidentialityImpact": "NONE", "exploitabilityScore": 5.1, "impactScore": 2.9, "integrityImpact": "NONE", "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "LOW", "trust": 1.0, "userInteractionRequired": false, "vectorString": "AV:A/AC:L/Au:S/C:N/I:N/A:P", "version": "2.0" }, { "acInsufInfo": null, "accessComplexity": "Low", "accessVector": "Adjacent Network", "authentication": "Single", "author": "NVD", "availabilityImpact": "Partial", "baseScore": 2.7, "confidentialityImpact": "None", "exploitabilityScore": null, "id": "CVE-2020-9111", "impactScore": null, "integrityImpact": "None", "obtainAllPrivilege": null, "obtainOtherPrivilege": null, "obtainUserPrivilege": null, "severity": "Low", "trust": 0.9, "userInteractionRequired": null, "vectorString": "AV:A/AC:L/Au:S/C:N/I:N/A:P", "version": "2.0" }, { "accessComplexity": "LOW", "accessVector": "ADJACENT_NETWORK", "authentication": "NONE", "author": "CNVD", "availabilityImpact": "COMPLETE", "baseScore": 6.1, "confidentialityImpact": "NONE", "exploitabilityScore": 6.5, "id": "CNVD-2020-59055", "impactScore": 6.9, "integrityImpact": "NONE", "severity": "MEDIUM", "trust": 0.6, "vectorString": "AV:A/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0" } ], "cvssV3": [ { "attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "author": "NVD", "availabilityImpact": "HIGH", "baseScore": 4.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "exploitabilityScore": 0.9, "impactScore": 3.6, "integrityImpact": "NONE", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "trust": 1.0, "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, { "attackComplexity": "Low", "attackVector": "Adjacent Network", "author": "NVD", "availabilityImpact": "High", "baseScore": 4.5, "baseSeverity": "Medium", "confidentialityImpact": "None", "exploitabilityScore": null, "id": "CVE-2020-9111", "impactScore": null, "integrityImpact": "None", "privilegesRequired": "High", "scope": "Unchanged", "trust": 0.8, "userInteraction": "None", "vectorString": "CVSS:3.0/AV:A/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", "version": "3.0" } ], "severity": [ { "author": "NVD", "id": "CVE-2020-9111", "trust": 1.8, "value": "MEDIUM" }, { "author": "CNVD", "id": "CNVD-2020-59055", "trust": 0.6, "value": "MEDIUM" }, { "author": "CNNVD", "id": "CNNVD-202010-643", "trust": 0.6, "value": "MEDIUM" }, { "author": "VULMON", "id": "CVE-2020-9111", "trust": 0.1, "value": "LOW" } ] } ], "sources": [ { "db": "CNVD", "id": "CNVD-2020-59055" }, { "db": "VULMON", "id": "CVE-2020-9111" }, { "db": "JVNDB", "id": "JVNDB-2020-012670" }, { "db": "NVD", "id": "CVE-2020-9111" }, { "db": "CNNVD", "id": "CNNVD-202010-643" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "E6878-370 versions 10.0.3.1(H557SP27C233),10.0.3.1(H563SP21C233) and E6878-870 versions 10.0.3.1(H557SP27C233),10.0.3.1(H563SP11C233) have a denial of service vulnerability. The system does not properly check some events, an attacker could launch the events continually, successful exploit could cause reboot of the process. E6878-370 and E6878-870 Contains an unspecified vulnerability.Denial of service (DoS) It may be put into a state. Huawei E6878-370 is a portable 5G router from China\u0027s Huawei (Huawei) company. The vulnerability is caused by the system\u0027s failure to check when the user processes an event. Attackers can use the vulnerability to cause the process to restart", "sources": [ { "db": "NVD", "id": "CVE-2020-9111" }, { "db": "JVNDB", "id": "JVNDB-2020-012670" }, { "db": "CNVD", "id": "CNVD-2020-59055" }, { "db": "VULMON", "id": "CVE-2020-9111" } ], "trust": 2.25 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2020-9111", "trust": 3.1 }, { "db": "JVNDB", "id": "JVNDB-2020-012670", "trust": 0.8 }, { "db": "CNVD", "id": "CNVD-2020-59055", "trust": 0.6 }, { "db": "CNNVD", "id": "CNNVD-202010-643", "trust": 0.6 }, { "db": "VULMON", "id": "CVE-2020-9111", "trust": 0.1 } ], "sources": [ { "db": "CNVD", "id": "CNVD-2020-59055" }, { "db": "VULMON", "id": "CVE-2020-9111" }, { "db": "JVNDB", "id": "JVNDB-2020-012670" }, { "db": "NVD", "id": "CVE-2020-9111" }, { "db": "CNNVD", "id": "CNNVD-202010-643" } ] }, "id": "VAR-202010-1175", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "CNVD", "id": "CNVD-2020-59055" } ], "trust": 1.2666667 }, "iot_taxonomy": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "category": [ "Network device" ], "sub_category": null, "trust": 0.6 } ], "sources": [ { "db": "CNVD", "id": "CNVD-2020-59055" } ] }, "last_update_date": "2023-12-18T12:42:45.699000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "huawei-sa-20201014-02-dos", "trust": 0.8, "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20201014-02-dos-en" }, { "title": "Patch for Huawei E6878-370 Denial of Service Vulnerability", "trust": 0.6, "url": "https://www.cnvd.org.cn/patchinfo/show/237796" }, { "title": "Huawei E6878-370 Security vulnerabilities", "trust": 0.6, "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=131283" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2020-59055" }, { "db": "JVNDB", "id": "JVNDB-2020-012670" }, { "db": "CNNVD", "id": "CNNVD-202010-643" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "NVD-CWE-noinfo", "trust": 1.0 }, { "problemtype": "Lack of information (CWE-noinfo) [NVD Evaluation ]", "trust": 0.8 } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2020-012670" }, { "db": "NVD", "id": "CVE-2020-9111" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 2.3, "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20201014-02-dos-en" }, { "trust": 1.4, "url": "https://nvd.nist.gov/vuln/detail/cve-2020-9111" }, { "trust": 0.6, "url": "https://www.huawei.com/cn/psirt/security-advisories/huawei-sa-20201014-02-dos-cn" }, { "trust": 0.1, "url": "https://cwe.mitre.org/data/definitions/.html" }, { "trust": 0.1, "url": "https://nvd.nist.gov" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2020-59055" }, { "db": "VULMON", "id": "CVE-2020-9111" }, { "db": "JVNDB", "id": "JVNDB-2020-012670" }, { "db": "NVD", "id": "CVE-2020-9111" }, { "db": "CNNVD", "id": "CNNVD-202010-643" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "CNVD", "id": "CNVD-2020-59055" }, { "db": "VULMON", "id": "CVE-2020-9111" }, { "db": "JVNDB", "id": "JVNDB-2020-012670" }, { "db": "NVD", "id": "CVE-2020-9111" }, { "db": "CNNVD", "id": "CNNVD-202010-643" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2020-10-27T00:00:00", "db": "CNVD", "id": "CNVD-2020-59055" }, { "date": "2020-10-19T00:00:00", "db": "VULMON", "id": "CVE-2020-9111" }, { "date": "2021-05-20T00:00:00", "db": "JVNDB", "id": "JVNDB-2020-012670" }, { "date": "2020-10-19T20:15:13.150000", "db": "NVD", "id": "CVE-2020-9111" }, { "date": "2020-10-14T00:00:00", "db": "CNNVD", "id": "CNNVD-202010-643" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2020-10-28T00:00:00", "db": "CNVD", "id": "CNVD-2020-59055" }, { "date": "2020-10-29T00:00:00", "db": "VULMON", "id": "CVE-2020-9111" }, { "date": "2021-05-20T08:24:00", "db": "JVNDB", "id": "JVNDB-2020-012670" }, { "date": "2020-10-29T18:09:54.193000", "db": "NVD", "id": "CVE-2020-9111" }, { "date": "2020-10-30T00:00:00", "db": "CNNVD", "id": "CNNVD-202010-643" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "remote or local", "sources": [ { "db": "CNNVD", "id": "CNNVD-202010-643" } ], "trust": 0.6 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "E6878-370\u00a0 and \u00a0E6878-870\u00a0 Vulnerability in", "sources": [ { "db": "JVNDB", "id": "JVNDB-2020-012670" } ], "trust": 0.8 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "other", "sources": [ { "db": "CNNVD", "id": "CNNVD-202010-643" } ], "trust": 0.6 } }
var-202005-0971
Vulnerability from variot
There is an information leakage vulnerability in some Huawei products. An unauthenticated, adjacent attacker could exploit this vulnerability to decrypt data. Successful exploitation may leak information randomly. Affected product versions include: Anne-AL00 Versions earlier than 9.1.0.331(C675E9R1P3T8); Berkeley-L09 Versions earlier than 10.0.1.1(C675R1); CD16-10 Versions earlier than 10.0.2.8; CD17-10 Versions earlier than 10.0.2.8; CD17-16 Versions earlier than 10.0.2.8; CD18-10 Versions earlier than 10.0.2.8; CD18-16 Versions earlier than 10.0.2.8; Columbia-TL00B Versions earlier than 9.0.0.187(C01E181R1P20T8); E6878-370 Versions earlier than 10.0.5.1(H610SP10C00); HUAWEI P30 lite Versions earlier than 10.0.0.185(C605E3R1P3), Versions earlier than 10.0.0.197(C432E8R2P7); HUAWEI nova 4e Versions earlier than 10.0.0.158(C00E64R1P9); Honor 10 Lite 9.0.1.113(C675E11R1P12); LelandP-L22A Versions earlier than 9.1.0.166(C675E5R1P4T8); Marie-AL00AX Versions earlier than 10.0.0.158(C00E64R1P9); Marie-AL00AY Versions earlier than 10.0.0.158(C00E64R1P9); Marie-AL00BX Versions earlier than 10.0.0.158(C00E64R1P9); Marie-L03BX Versions earlier than 10.0.0.188(C605E5R1P1); Marie-L21BX Versions earlier than 10.0.0.188(C432E4R4P1), Versions earlier than 10.0.0.188(C461E5R3P1); Marie-L22BX Versions earlier than 10.0.0.188(C636E3R3P1); Marie-L23BX Versions earlier than 10.0.0.188(C605E5R1P1); TC5200-16 Versions earlier than 10.0.2.8; WS5200-11 Versions earlier than 10.0.2.8; WS5200-12 Versions earlier than 10.0.2.23; WS5200-16 Versions earlier than 10.0.2.8; WS5200-17 Versions earlier than 10.0.2.23; WS5800-10 Versions earlier than 10.0.3.27; WS6500-10 Versions earlier than 10.0.2.8; WS6500-16 Versions earlier than 10.0.2.8. Huawei Anne-AL00 and other products are products of China's Huawei company. Huawei Anne-AL00 is a smartphone. Honor 10 Lite is a smartphone. Huawei TC5200-16 is a wireless router
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-202005-0971", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "marie-l21bx \u003c=10.0.0.188", "scope": null, "trust": 1.2, "vendor": "huawei", "version": null }, { "model": "lelandp-l22a", "scope": "lt", "trust": 1.0, "vendor": "huawei", "version": "9.1.0.166\\(c675e5r1p4t8\\)" }, { "model": "anne-al00", "scope": "lt", "trust": 1.0, "vendor": "huawei", "version": "9.1.0.331\\(c675e9r1p3t8\\)" }, { "model": "honor 10 lite", "scope": "lt", "trust": 1.0, "vendor": "huawei", "version": "10.0.0.182\\(c675e17r2p2\\)" }, { "model": "ws5200-16", "scope": "lt", "trust": 1.0, "vendor": "huawei", "version": "10.0.2.8" }, { "model": "cd18-10", "scope": "lt", "trust": 1.0, "vendor": "huawei", "version": "10.0.2.8" }, { "model": "ws6500-10", "scope": "lt", "trust": 1.0, "vendor": "huawei", "version": "10.0.2.8" }, { "model": "e6878-370", "scope": "lt", "trust": 1.0, "vendor": "huawei", "version": "10.0.5.1\\(h610sp10c00\\)" }, { "model": "cd18-16", "scope": "lt", "trust": 1.0, "vendor": "huawei", "version": "10.0.2.8" }, { "model": "cd17-10", "scope": "lt", "trust": 1.0, "vendor": "huawei", "version": "10.0.2.8" }, { "model": "ws5200-17", "scope": "lt", "trust": 1.0, "vendor": "huawei", "version": "10.0.2.23" }, { "model": "columbia-tl00b", "scope": "lt", "trust": 1.0, "vendor": "huawei", "version": "9.0.0.187\\(c01e181r1p20t8\\)" }, { "model": "cd16-10", "scope": "lt", "trust": 1.0, "vendor": "huawei", "version": "10.0.2.8" }, { "model": "ws5200-11", "scope": "lt", "trust": 1.0, "vendor": "huawei", "version": "10.0.2.8" }, { "model": "ws5200-11", "scope": "lt", "trust": 1.0, "vendor": "huawei", "version": "10.0.2.23" }, { "model": "tc5200-16", "scope": "lt", "trust": 1.0, "vendor": "huawei", "version": "10.0.2.8" }, { "model": "cd17-16", "scope": "lt", "trust": 1.0, "vendor": "huawei", "version": "10.0.2.8" }, { "model": "ws6500-16", "scope": "lt", "trust": 1.0, "vendor": "huawei", "version": "10.0.2.8" }, { "model": "berkeley-l09", "scope": "lt", "trust": 1.0, "vendor": "huawei", "version": "10.0.1.1\\(c675r1\\)" }, { "model": "ws5800-10", "scope": "lt", "trust": 1.0, "vendor": "huawei", "version": "10.0.3.27" }, { "model": "anne-al00", "scope": "eq", "trust": 0.8, "vendor": "huawei", "version": "9.1.0.331(c675e9r1p3t8)" }, { "model": "berkeley-l09", "scope": "eq", "trust": 0.8, "vendor": "huawei", "version": "10.0.1.1(c675r1)" }, { "model": "cd16-10", "scope": "eq", "trust": 0.8, "vendor": "huawei", "version": "10.0.2.8" }, { "model": "cd17-10", "scope": "eq", "trust": 0.8, "vendor": "huawei", "version": "10.0.2.8" }, { "model": "cd17-16", "scope": "eq", "trust": 0.8, "vendor": "huawei", "version": "10.0.2.8" }, { "model": "cd18-10", "scope": "eq", "trust": 0.8, "vendor": "huawei", "version": "10.0.2.8" }, { "model": "cd18-16", "scope": "eq", "trust": 0.8, "vendor": "huawei", "version": "10.0.2.8" }, { "model": "columbia-tl00b", "scope": "eq", "trust": 0.8, "vendor": "huawei", "version": "9.0.0.187(c01e181r1p20t8)" }, { "model": "e6878-370", "scope": "eq", "trust": 0.8, "vendor": "huawei", "version": "10.0.5.1(h610sp10c00)" }, { "model": "honor 10 lite", "scope": "eq", "trust": 0.8, "vendor": "huawei", "version": "9.0.1.113(c675e11r1p12)" }, { "model": "anne-al00 \u003c=9.1.0.331", "scope": null, "trust": 0.6, "vendor": "huawei", "version": null }, { "model": "berkeley-l09 \u003c=10.0.1.1", "scope": null, "trust": 0.6, "vendor": "huawei", "version": null }, { "model": "cd16-10", "scope": "lte", "trust": 0.6, "vendor": "huawei", "version": "\u003c=10.0.2.8" }, { "model": "cd17-10", "scope": "lte", "trust": 0.6, "vendor": "huawei", "version": "\u003c=10.0.2.8" }, { "model": "cd17-16", "scope": "lte", "trust": 0.6, "vendor": "huawei", "version": "\u003c=10.0.2.8" }, { "model": "cd18-10", "scope": "lte", "trust": 0.6, "vendor": "huawei", "version": "\u003c=10.0.2.8" }, { "model": "cd18-16", "scope": "lte", "trust": 0.6, "vendor": "huawei", "version": "\u003c=10.0.2.8" }, { "model": "columbia-tl00b \u003c=9.0.0.187", "scope": null, "trust": 0.6, "vendor": "huawei", "version": null }, { "model": "e6878-370 \u003c=10.0.5.1", "scope": null, "trust": 0.6, "vendor": "huawei", "version": null }, { "model": "p30 lite \u003c=10.0.0.185", "scope": null, "trust": 0.6, "vendor": "huawei", "version": null }, { "model": "p30 lite \u003c=10.0.0.197", "scope": null, "trust": 0.6, "vendor": "huawei", "version": null }, { "model": "nova 4e \u003c=10.0.0.158", "scope": null, "trust": 0.6, "vendor": "huawei", "version": null }, { "model": "honor lite 9.0.1.113", "scope": "eq", "trust": 0.6, "vendor": "huawei", "version": "10" }, { "model": "lelandp-l22a \u003c=9.1.0.166", "scope": null, "trust": 0.6, "vendor": "huawei", "version": null }, { "model": "marie-al00ax \u003c=10.0.0.158", "scope": null, "trust": 0.6, "vendor": "huawei", "version": null }, { "model": "marie-al00bx \u003c=10.0.0.158", "scope": null, "trust": 0.6, "vendor": "huawei", "version": null }, { "model": "marie-l22bx \u003c=10.0.0.188", "scope": null, "trust": 0.6, "vendor": "huawei", "version": null }, { "model": "marie-l23bx \u003c=10.0.0.188", "scope": null, "trust": 0.6, "vendor": "huawei", "version": null }, { "model": "tc5200-16", "scope": "lte", "trust": 0.6, "vendor": "huawei", "version": "\u003c=10.0.2.8" }, { "model": "ws5200-11", "scope": "lte", "trust": 0.6, "vendor": "huawei", "version": "\u003c=10.0.2.8" }, { "model": "ws5200-12", "scope": "lte", "trust": 0.6, "vendor": "huawei", "version": "\u003c=10.0.2.23" }, { "model": "ws5200-16", "scope": "lte", "trust": 0.6, "vendor": "huawei", "version": "\u003c=10.0.2.8" }, { "model": "ws5200-17", "scope": "lte", "trust": 0.6, "vendor": "huawei", "version": "\u003c=10.0.2.23" }, { "model": "ws5800-10", "scope": "lte", "trust": 0.6, "vendor": "huawei", "version": "\u003c=10.0.3.27" }, { "model": "ws6500-10", "scope": "lte", "trust": 0.6, "vendor": "huawei", "version": "\u003c=10.0.2.8" }, { "model": "ws6500-16", "scope": "lte", "trust": 0.6, "vendor": "huawei", "version": "\u003c=10.0.2.8" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2020-36726" }, { "db": "JVNDB", "id": "JVNDB-2020-005593" }, { "db": "NVD", "id": "CVE-2020-9069" } ] }, "configurations": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", "children": { "@container": "@list" }, "cpe_match": { "@container": "@list" }, "data": { "@container": "@list" }, "nodes": { "@container": "@list" } }, "data": [ { "CVE_data_version": "4.0", "nodes": [ { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:huawei:anne-al00_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "9.1.0.331\\(c675e9r1p3t8\\)", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:huawei:anne-al00:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:huawei:berkeley-l09_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "10.0.1.1\\(c675r1\\)", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:huawei:berkeley-l09:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:huawei:cd16-10_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "10.0.2.8", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:huawei:cd16-10:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:huawei:cd17-10_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "10.0.2.8", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:huawei:cd17-10:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:huawei:cd17-16_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "10.0.2.8", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:huawei:cd17-16:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:huawei:cd18-10_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "10.0.2.8", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:huawei:cd18-10:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:huawei:cd18-16_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "10.0.2.8", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:huawei:cd18-16:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:huawei:columbia-tl00b_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "9.0.0.187\\(c01e181r1p20t8\\)", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:huawei:columbia-tl00b:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:huawei:e6878-370_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "10.0.5.1\\(h610sp10c00\\)", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:huawei:e6878-370:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:huawei:honor_10_lite_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "10.0.0.182\\(c675e17r2p2\\)", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:huawei:honor_10_lite:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:huawei:lelandp-l22a_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "9.1.0.166\\(c675e5r1p4t8\\)", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:huawei:lelandp-l22a:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:huawei:tc5200-16_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "10.0.2.8", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:huawei:tc5200-16:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:huawei:ws5200-11_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "10.0.2.8", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:huawei:ws5200-11:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:huawei:ws5200-11_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "10.0.2.23", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:huawei:ws5200-11:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:huawei:ws5200-16_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "10.0.2.8", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:huawei:ws5200-16:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:huawei:ws5200-17_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "10.0.2.23", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:huawei:ws5200-17:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:huawei:ws5800-10_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "10.0.3.27", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:huawei:ws5800-10:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:huawei:ws6500-10_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "10.0.2.8", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:huawei:ws6500-10:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:huawei:ws6500-16_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "10.0.2.8", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:huawei:ws6500-16:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" } ] } ], "sources": [ { "db": "NVD", "id": "CVE-2020-9069" } ] }, "cve": "CVE-2020-9069", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "acInsufInfo": false, "accessComplexity": "LOW", "accessVector": "ADJACENT_NETWORK", "authentication": "NONE", "author": "NVD", "availabilityImpact": "NONE", "baseScore": 3.3, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 6.5, "impactScore": 2.9, "integrityImpact": "NONE", "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "LOW", "trust": 1.0, "userInteractionRequired": false, "vectorString": "AV:A/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0" }, { "acInsufInfo": null, "accessComplexity": "Low", "accessVector": "Adjacent Network", "authentication": "None", "author": "NVD", "availabilityImpact": "None", "baseScore": 3.3, "confidentialityImpact": "Partial", "exploitabilityScore": null, "id": "JVNDB-2020-005593", "impactScore": null, "integrityImpact": "None", "obtainAllPrivilege": null, "obtainOtherPrivilege": null, "obtainUserPrivilege": null, "severity": "Low", "trust": 0.8, "userInteractionRequired": null, "vectorString": "AV:A/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0" }, { "accessComplexity": "LOW", "accessVector": "ADJACENT_NETWORK", "authentication": "NONE", "author": "CNVD", "availabilityImpact": "NONE", "baseScore": 3.3, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 6.5, "id": "CNVD-2020-36726", "impactScore": 2.9, "integrityImpact": "NONE", "severity": "LOW", "trust": 0.6, "vectorString": "AV:A/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0" } ], "cvssV3": [ { "attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "author": "NVD", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "exploitabilityScore": 2.8, "impactScore": 3.6, "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "trust": 1.0, "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1" }, { "attackComplexity": "Low", "attackVector": "Adjacent Network", "author": "NVD", "availabilityImpact": "None", "baseScore": 6.5, "baseSeverity": "Medium", "confidentialityImpact": "High", "exploitabilityScore": null, "id": "JVNDB-2020-005593", "impactScore": null, "integrityImpact": "None", "privilegesRequired": "None", "scope": "Unchanged", "trust": 0.8, "userInteraction": "None", "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.0" } ], "severity": [ { "author": "NVD", "id": "CVE-2020-9069", "trust": 1.0, "value": "MEDIUM" }, { "author": "NVD", "id": "JVNDB-2020-005593", "trust": 0.8, "value": "Medium" }, { "author": "CNVD", "id": "CNVD-2020-36726", "trust": 0.6, "value": "LOW" }, { "author": "CNNVD", "id": "CNNVD-202005-1099", "trust": 0.6, "value": "MEDIUM" } ] } ], "sources": [ { "db": "CNVD", "id": "CNVD-2020-36726" }, { "db": "JVNDB", "id": "JVNDB-2020-005593" }, { "db": "NVD", "id": "CVE-2020-9069" }, { "db": "CNNVD", "id": "CNNVD-202005-1099" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "There is an information leakage vulnerability in some Huawei products. An unauthenticated, adjacent attacker could exploit this vulnerability to decrypt data. Successful exploitation may leak information randomly. Affected product versions include: Anne-AL00 Versions earlier than 9.1.0.331(C675E9R1P3T8); Berkeley-L09 Versions earlier than 10.0.1.1(C675R1); CD16-10 Versions earlier than 10.0.2.8; CD17-10 Versions earlier than 10.0.2.8; CD17-16 Versions earlier than 10.0.2.8; CD18-10 Versions earlier than 10.0.2.8; CD18-16 Versions earlier than 10.0.2.8; Columbia-TL00B Versions earlier than 9.0.0.187(C01E181R1P20T8); E6878-370 Versions earlier than 10.0.5.1(H610SP10C00); HUAWEI P30 lite Versions earlier than 10.0.0.185(C605E3R1P3), Versions earlier than 10.0.0.197(C432E8R2P7); HUAWEI nova 4e Versions earlier than 10.0.0.158(C00E64R1P9); Honor 10 Lite 9.0.1.113(C675E11R1P12); LelandP-L22A Versions earlier than 9.1.0.166(C675E5R1P4T8); Marie-AL00AX Versions earlier than 10.0.0.158(C00E64R1P9); Marie-AL00AY Versions earlier than 10.0.0.158(C00E64R1P9); Marie-AL00BX Versions earlier than 10.0.0.158(C00E64R1P9); Marie-L03BX Versions earlier than 10.0.0.188(C605E5R1P1); Marie-L21BX Versions earlier than 10.0.0.188(C432E4R4P1), Versions earlier than 10.0.0.188(C461E5R3P1); Marie-L22BX Versions earlier than 10.0.0.188(C636E3R3P1); Marie-L23BX Versions earlier than 10.0.0.188(C605E5R1P1); TC5200-16 Versions earlier than 10.0.2.8; WS5200-11 Versions earlier than 10.0.2.8; WS5200-12 Versions earlier than 10.0.2.23; WS5200-16 Versions earlier than 10.0.2.8; WS5200-17 Versions earlier than 10.0.2.23; WS5800-10 Versions earlier than 10.0.3.27; WS6500-10 Versions earlier than 10.0.2.8; WS6500-16 Versions earlier than 10.0.2.8. Huawei Anne-AL00 and other products are products of China\u0027s Huawei company. Huawei Anne-AL00 is a smartphone. Honor 10 Lite is a smartphone. Huawei TC5200-16 is a wireless router", "sources": [ { "db": "NVD", "id": "CVE-2020-9069" }, { "db": "JVNDB", "id": "JVNDB-2020-005593" }, { "db": "CNVD", "id": "CNVD-2020-36726" } ], "trust": 2.16 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2020-9069", "trust": 3.0 }, { "db": "JVNDB", "id": "JVNDB-2020-005593", "trust": 0.8 }, { "db": "CNVD", "id": "CNVD-2020-36726", "trust": 0.6 }, { "db": "CNNVD", "id": "CNNVD-202005-1099", "trust": 0.6 } ], "sources": [ { "db": "CNVD", "id": "CNVD-2020-36726" }, { "db": "JVNDB", "id": "JVNDB-2020-005593" }, { "db": "NVD", "id": "CVE-2020-9069" }, { "db": "CNNVD", "id": "CNNVD-202005-1099" } ] }, "id": "VAR-202005-0971", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "CNVD", "id": "CNVD-2020-36726" } ], "trust": 1.3640656644 }, "iot_taxonomy": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "category": [ "IoT" ], "sub_category": null, "trust": 0.6 } ], "sources": [ { "db": "CNVD", "id": "CNVD-2020-36726" } ] }, "last_update_date": "2023-12-18T13:12:58.319000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "huawei-sa-20200520-01-leakage", "trust": 0.8, "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200520-01-leakage-en" }, { "title": "Patch for Multiple Huawei product information disclosure vulnerabilities (CNVD-2020-36726)", "trust": 0.6, "url": "https://www.cnvd.org.cn/patchinfo/show/224779" }, { "title": "Multiple Huawei Product information disclosure vulnerability repair measures", "trust": 0.6, "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=119391" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2020-36726" }, { "db": "JVNDB", "id": "JVNDB-2020-005593" }, { "db": "CNNVD", "id": "CNNVD-202005-1099" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "NVD-CWE-noinfo", "trust": 1.0 }, { "problemtype": "CWE-200", "trust": 0.8 } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2020-005593" }, { "db": "NVD", "id": "CVE-2020-9069" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 2.0, "url": "https://nvd.nist.gov/vuln/detail/cve-2020-9069" }, { "trust": 1.6, "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200520-01-leakage-en" }, { "trust": 0.8, "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-9069" }, { "trust": 0.6, "url": "https://www.huawei.com/cn/psirt/security-advisories/huawei-sa-20200520-01-leakage-cn" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2020-36726" }, { "db": "JVNDB", "id": "JVNDB-2020-005593" }, { "db": "NVD", "id": "CVE-2020-9069" }, { "db": "CNNVD", "id": "CNNVD-202005-1099" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "CNVD", "id": "CNVD-2020-36726" }, { "db": "JVNDB", "id": "JVNDB-2020-005593" }, { "db": "NVD", "id": "CVE-2020-9069" }, { "db": "CNNVD", "id": "CNNVD-202005-1099" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2020-07-07T00:00:00", "db": "CNVD", "id": "CNVD-2020-36726" }, { "date": "2020-06-18T00:00:00", "db": "JVNDB", "id": "JVNDB-2020-005593" }, { "date": "2020-05-21T15:15:10.123000", "db": "NVD", "id": "CVE-2020-9069" }, { "date": "2020-05-20T00:00:00", "db": "CNNVD", "id": "CNNVD-202005-1099" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2020-07-07T00:00:00", "db": "CNVD", "id": "CNVD-2020-36726" }, { "date": "2020-06-18T00:00:00", "db": "JVNDB", "id": "JVNDB-2020-005593" }, { "date": "2021-07-21T11:39:23.747000", "db": "NVD", "id": "CVE-2020-9069" }, { "date": "2020-07-30T00:00:00", "db": "CNNVD", "id": "CNNVD-202005-1099" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "remote or local", "sources": [ { "db": "CNNVD", "id": "CNNVD-202005-1099" } ], "trust": 0.6 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "plural Huawei Information leakage vulnerabilities in products", "sources": [ { "db": "JVNDB", "id": "JVNDB-2020-005593" } ], "trust": 0.8 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "information disclosure", "sources": [ { "db": "CNNVD", "id": "CNNVD-202005-1099" } ], "trust": 0.6 } }
var-202008-1045
Vulnerability from variot
Huawei 5G Mobile WiFi E6878-370 with versions of 10.0.3.1(H563SP1C00),10.0.3.1(H563SP21C233) have an improper authorization vulnerability. The device does not restrict certain data received from WAN port. Successful exploit could allow an attacker at WAN side to manage certain service of the device. Huawei 5G Mobile WiFi E6878-370 Exists in a fraudulent authentication vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. Huawei E6878-370 is a portable 5G router from China's Huawei (Huawei) company. Attackers can use this vulnerability to operate certain business modules
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-202008-1045", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "e6878-370 10.0.3.1", "scope": null, "trust": 1.2, "vendor": "huawei", "version": null }, { "model": "e6878-370", "scope": "eq", "trust": 1.0, "vendor": "huawei", "version": "10.0.3.1\\(h563sp21c233\\)" }, { "model": "e6878-370", "scope": "eq", "trust": 1.0, "vendor": "huawei", "version": "10.0.3.1\\(h563sp1c00\\)" }, { "model": "e6878-370", "scope": "eq", "trust": 0.8, "vendor": "huawei", "version": "10.0.3.1(h563sp1c00)" }, { "model": "e6878-370", "scope": "eq", "trust": 0.8, "vendor": "huawei", "version": "10.0.3.1(h563sp21c233)" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2020-46455" }, { "db": "JVNDB", "id": "JVNDB-2020-009457" }, { "db": "NVD", "id": "CVE-2020-9241" } ] }, "configurations": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", "children": { "@container": "@list" }, "cpe_match": { "@container": "@list" }, "data": { "@container": "@list" }, "nodes": { "@container": "@list" } }, "data": [ { "CVE_data_version": "4.0", "nodes": [ { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:huawei:e6878-370_firmware:10.0.3.1\\(h563sp1c00\\):*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:huawei:e6878-370_firmware:10.0.3.1\\(h563sp21c233\\):*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:huawei:e6878-370:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" } ] } ], "sources": [ { "db": "NVD", "id": "CVE-2020-9241" } ] }, "cve": "CVE-2020-9241", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "acInsufInfo": false, "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "author": "NVD", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 8.6, "impactScore": 6.4, "integrityImpact": "PARTIAL", "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "trust": 1.0, "userInteractionRequired": false, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, { "acInsufInfo": null, "accessComplexity": "Medium", "accessVector": "Network", "authentication": "None", "author": "NVD", "availabilityImpact": "Partial", "baseScore": 6.8, "confidentialityImpact": "Partial", "exploitabilityScore": null, "id": "JVNDB-2020-009457", "impactScore": null, "integrityImpact": "Partial", "obtainAllPrivilege": null, "obtainOtherPrivilege": null, "obtainUserPrivilege": null, "severity": "Medium", "trust": 0.8, "userInteractionRequired": null, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, { "accessComplexity": "HIGH", "accessVector": "NETWORK", "authentication": "NONE", "author": "CNVD", "availabilityImpact": "COMPLETE", "baseScore": 6.6, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 4.9, "id": "CNVD-2020-46455", "impactScore": 8.5, "integrityImpact": "PARTIAL", "severity": "MEDIUM", "trust": 0.6, "vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:C", "version": "2.0" } ], "cvssV3": [ { "attackComplexity": "HIGH", "attackVector": "NETWORK", "author": "NVD", "availabilityImpact": "HIGH", "baseScore": 7.0, "baseSeverity": "HIGH", "confidentialityImpact": "LOW", "exploitabilityScore": 2.2, "impactScore": 4.7, "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "trust": 1.0, "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H", "version": "3.1" }, { "attackComplexity": "High", "attackVector": "Network", "author": "NVD", "availabilityImpact": "High", "baseScore": 7.0, "baseSeverity": "High", "confidentialityImpact": "Low", "exploitabilityScore": null, "id": "JVNDB-2020-009457", "impactScore": null, "integrityImpact": "Low", "privilegesRequired": "None", "scope": "Unchanged", "trust": 0.8, "userInteraction": "None", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H", "version": "3.0" } ], "severity": [ { "author": "NVD", "id": "CVE-2020-9241", "trust": 1.0, "value": "HIGH" }, { "author": "NVD", "id": "JVNDB-2020-009457", "trust": 0.8, "value": "High" }, { "author": "CNVD", "id": "CNVD-2020-46455", "trust": 0.6, "value": "MEDIUM" }, { "author": "CNNVD", "id": "CNNVD-202008-672", "trust": 0.6, "value": "HIGH" } ] } ], "sources": [ { "db": "CNVD", "id": "CNVD-2020-46455" }, { "db": "JVNDB", "id": "JVNDB-2020-009457" }, { "db": "NVD", "id": "CVE-2020-9241" }, { "db": "CNNVD", "id": "CNNVD-202008-672" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Huawei 5G Mobile WiFi E6878-370 with versions of 10.0.3.1(H563SP1C00),10.0.3.1(H563SP21C233) have an improper authorization vulnerability. The device does not restrict certain data received from WAN port. Successful exploit could allow an attacker at WAN side to manage certain service of the device. Huawei 5G Mobile WiFi E6878-370 Exists in a fraudulent authentication vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. Huawei E6878-370 is a portable 5G router from China\u0027s Huawei (Huawei) company. Attackers can use this vulnerability to operate certain business modules", "sources": [ { "db": "NVD", "id": "CVE-2020-9241" }, { "db": "JVNDB", "id": "JVNDB-2020-009457" }, { "db": "CNVD", "id": "CNVD-2020-46455" } ], "trust": 2.16 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2020-9241", "trust": 3.0 }, { "db": "JVNDB", "id": "JVNDB-2020-009457", "trust": 0.8 }, { "db": "CNVD", "id": "CNVD-2020-46455", "trust": 0.6 }, { "db": "CNNVD", "id": "CNNVD-202008-672", "trust": 0.6 } ], "sources": [ { "db": "CNVD", "id": "CNVD-2020-46455" }, { "db": "JVNDB", "id": "JVNDB-2020-009457" }, { "db": "NVD", "id": "CVE-2020-9241" }, { "db": "CNNVD", "id": "CNNVD-202008-672" } ] }, "id": "VAR-202008-1045", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "CNVD", "id": "CNVD-2020-46455" } ], "trust": 1.2666667 }, "iot_taxonomy": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "category": [ "Network device" ], "sub_category": null, "trust": 0.6 } ], "sources": [ { "db": "CNVD", "id": "CNVD-2020-46455" } ] }, "last_update_date": "2023-12-18T12:42:48.843000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "huawei-sa-20200812-01-auth", "trust": 0.8, "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200812-01-auth-en" }, { "title": "Patch for Huawei E6878-370 improper authorization vulnerability", "trust": 0.6, "url": "https://www.cnvd.org.cn/patchinfo/show/230782" }, { "title": "Huawei E6878-370 Remediation measures for authorization problem vulnerabilities", "trust": 0.6, "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=126695" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2020-46455" }, { "db": "JVNDB", "id": "JVNDB-2020-009457" }, { "db": "CNNVD", "id": "CNNVD-202008-672" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "NVD-CWE-noinfo", "trust": 1.0 }, { "problemtype": "CWE-863", "trust": 0.8 } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2020-009457" }, { "db": "NVD", "id": "CVE-2020-9241" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 1.6, "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200812-01-auth-en" }, { "trust": 1.4, "url": "https://nvd.nist.gov/vuln/detail/cve-2020-9241" }, { "trust": 1.2, "url": "https://www.huawei.com/cn/psirt/security-advisories/huawei-sa-20200812-01-auth-cn" }, { "trust": 0.8, "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-9241" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2020-46455" }, { "db": "JVNDB", "id": "JVNDB-2020-009457" }, { "db": "NVD", "id": "CVE-2020-9241" }, { "db": "CNNVD", "id": "CNNVD-202008-672" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "CNVD", "id": "CNVD-2020-46455" }, { "db": "JVNDB", "id": "JVNDB-2020-009457" }, { "db": "NVD", "id": "CVE-2020-9241" }, { "db": "CNNVD", "id": "CNNVD-202008-672" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2020-08-17T00:00:00", "db": "CNVD", "id": "CNVD-2020-46455" }, { "date": "2020-11-06T05:05:41", "db": "JVNDB", "id": "JVNDB-2020-009457" }, { "date": "2020-08-17T16:15:14.107000", "db": "NVD", "id": "CVE-2020-9241" }, { "date": "2020-08-12T00:00:00", "db": "CNNVD", "id": "CNNVD-202008-672" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2020-08-17T00:00:00", "db": "CNVD", "id": "CNVD-2020-46455" }, { "date": "2020-11-06T05:05:41", "db": "JVNDB", "id": "JVNDB-2020-009457" }, { "date": "2021-07-21T11:39:23.747000", "db": "NVD", "id": "CVE-2020-9241" }, { "date": "2021-07-27T00:00:00", "db": "CNNVD", "id": "CNNVD-202008-672" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "remote", "sources": [ { "db": "CNNVD", "id": "CNNVD-202008-672" } ], "trust": 0.6 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Huawei 5G Mobile WiFi E6878-370 Unauthorized authentication vulnerability in", "sources": [ { "db": "JVNDB", "id": "JVNDB-2020-009457" } ], "trust": 0.8 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "authorization issue", "sources": [ { "db": "CNNVD", "id": "CNNVD-202008-672" } ], "trust": 0.6 } }
var-202005-0669
Vulnerability from variot
E6878-370 products with versions of 10.0.3.1(H557SP27C233) and 10.0.3.1(H563SP1C00) have a stack buffer overflow vulnerability. The program copies an input buffer to an output buffer without verification. An attacker in the adjacent network could send a crafted message, successful exploit could lead to stack buffer overflow which may cause malicious code execution. E6878-370 Is vulnerable to out-of-bounds writes.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. Huawei E6878-370 is a portable 5G router from China's Huawei company
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-202005-0669", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "e6878-370 10.0.3.1", "scope": null, "trust": 1.2, "vendor": "huawei", "version": null }, { "model": "e6878-370", "scope": "eq", "trust": 1.0, "vendor": "huawei", "version": "10.0.3.1\\(h557sp27c233\\)" }, { "model": "e6878-370", "scope": "eq", "trust": 1.0, "vendor": "huawei", "version": "10.0.3.1\\(h563sp1c233\\)" }, { "model": "e6878-370", "scope": "eq", "trust": 0.8, "vendor": "huawei", "version": "10.0.3.1(h557sp27c233)" }, { "model": "e6878-370", "scope": "eq", "trust": 0.8, "vendor": "huawei", "version": "10.0.3.1(h563sp1c00)" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2020-31281" }, { "db": "JVNDB", "id": "JVNDB-2020-005940" }, { "db": "NVD", "id": "CVE-2020-1832" } ] }, "configurations": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", "children": { "@container": "@list" }, "cpe_match": { "@container": "@list" }, "data": { "@container": "@list" }, "nodes": { "@container": "@list" } }, "data": [ { "CVE_data_version": "4.0", "nodes": [ { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:huawei:e6878-370_firmware:10.0.3.1\\(h557sp27c233\\):*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:huawei:e6878-370_firmware:10.0.3.1\\(h563sp1c233\\):*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:huawei:e6878-370:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" } ] } ], "sources": [ { "db": "NVD", "id": "CVE-2020-1832" } ] }, "cve": "CVE-2020-1832", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "acInsufInfo": false, "accessComplexity": "LOW", "accessVector": "ADJACENT_NETWORK", "authentication": "NONE", "author": "NVD", "availabilityImpact": "PARTIAL", "baseScore": 5.8, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 6.5, "impactScore": 6.4, "integrityImpact": "PARTIAL", "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "trust": 1.0, "userInteractionRequired": false, "vectorString": "AV:A/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" }, { "acInsufInfo": null, "accessComplexity": "Low", "accessVector": "Adjacent Network", "authentication": "None", "author": "NVD", "availabilityImpact": "Partial", "baseScore": 5.8, "confidentialityImpact": "Partial", "exploitabilityScore": null, "id": "JVNDB-2020-005940", "impactScore": null, "integrityImpact": "Partial", "obtainAllPrivilege": null, "obtainOtherPrivilege": null, "obtainUserPrivilege": null, "severity": "Medium", "trust": 0.8, "userInteractionRequired": null, "vectorString": "AV:A/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" }, { "accessComplexity": "LOW", "accessVector": "ADJACENT_NETWORK", "authentication": "NONE", "author": "CNVD", "availabilityImpact": "PARTIAL", "baseScore": 5.8, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 6.5, "id": "CNVD-2020-31281", "impactScore": 6.4, "integrityImpact": "PARTIAL", "severity": "MEDIUM", "trust": 0.6, "vectorString": "AV:A/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" } ], "cvssV3": [ { "attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "author": "NVD", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "exploitabilityScore": 2.8, "impactScore": 5.9, "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "trust": 1.0, "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, { "attackComplexity": "Low", "attackVector": "Adjacent Network", "author": "NVD", "availabilityImpact": "High", "baseScore": 8.8, "baseSeverity": "High", "confidentialityImpact": "High", "exploitabilityScore": null, "id": "JVNDB-2020-005940", "impactScore": null, "integrityImpact": "High", "privilegesRequired": "None", "scope": "Unchanged", "trust": 0.8, "userInteraction": "None", "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" } ], "severity": [ { "author": "NVD", "id": "CVE-2020-1832", "trust": 1.0, "value": "HIGH" }, { "author": "NVD", "id": "JVNDB-2020-005940", "trust": 0.8, "value": "High" }, { "author": "CNVD", "id": "CNVD-2020-31281", "trust": 0.6, "value": "MEDIUM" }, { "author": "CNNVD", "id": "CNNVD-202005-1347", "trust": 0.6, "value": "HIGH" } ] } ], "sources": [ { "db": "CNVD", "id": "CNVD-2020-31281" }, { "db": "JVNDB", "id": "JVNDB-2020-005940" }, { "db": "NVD", "id": "CVE-2020-1832" }, { "db": "CNNVD", "id": "CNNVD-202005-1347" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "E6878-370 products with versions of 10.0.3.1(H557SP27C233) and 10.0.3.1(H563SP1C00) have a stack buffer overflow vulnerability. The program copies an input buffer to an output buffer without verification. An attacker in the adjacent network could send a crafted message, successful exploit could lead to stack buffer overflow which may cause malicious code execution. E6878-370 Is vulnerable to out-of-bounds writes.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. Huawei E6878-370 is a portable 5G router from China\u0027s Huawei company", "sources": [ { "db": "NVD", "id": "CVE-2020-1832" }, { "db": "JVNDB", "id": "JVNDB-2020-005940" }, { "db": "CNVD", "id": "CNVD-2020-31281" } ], "trust": 2.16 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2020-1832", "trust": 3.0 }, { "db": "JVNDB", "id": "JVNDB-2020-005940", "trust": 0.8 }, { "db": "CNVD", "id": "CNVD-2020-31281", "trust": 0.6 }, { "db": "NSFOCUS", "id": "47435", "trust": 0.6 }, { "db": "CNNVD", "id": "CNNVD-202005-1347", "trust": 0.6 } ], "sources": [ { "db": "CNVD", "id": "CNVD-2020-31281" }, { "db": "JVNDB", "id": "JVNDB-2020-005940" }, { "db": "NVD", "id": "CVE-2020-1832" }, { "db": "CNNVD", "id": "CNNVD-202005-1347" } ] }, "id": "VAR-202005-0669", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "CNVD", "id": "CNVD-2020-31281" } ], "trust": 1.2666667 }, "iot_taxonomy": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "category": [ "Network device" ], "sub_category": null, "trust": 0.6 } ], "sources": [ { "db": "CNVD", "id": "CNVD-2020-31281" } ] }, "last_update_date": "2023-12-18T13:56:14.487000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "huawei-sa-20200527-01-stack", "trust": 0.8, "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200527-01-stack-en" }, { "title": "Patch for Huawei E6878-370 buffer overflow vulnerability", "trust": 0.6, "url": "https://www.cnvd.org.cn/patchinfo/show/220053" }, { "title": "Huawei E6878-370 Buffer error vulnerability fix", "trust": 0.6, "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=119905" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2020-31281" }, { "db": "JVNDB", "id": "JVNDB-2020-005940" }, { "db": "CNNVD", "id": "CNNVD-202005-1347" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-787", "trust": 1.8 } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2020-005940" }, { "db": "NVD", "id": "CVE-2020-1832" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 2.0, "url": "https://nvd.nist.gov/vuln/detail/cve-2020-1832" }, { "trust": 1.6, "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200527-01-stack-en" }, { "trust": 0.8, "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-1832" }, { "trust": 0.6, "url": "https://www.huawei.com/cn/psirt/security-advisories/huawei-sa-20200527-01-stack-cn" }, { "trust": 0.6, "url": "http://www.nsfocus.net/vulndb/47435" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2020-31281" }, { "db": "JVNDB", "id": "JVNDB-2020-005940" }, { "db": "NVD", "id": "CVE-2020-1832" }, { "db": "CNNVD", "id": "CNNVD-202005-1347" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "CNVD", "id": "CNVD-2020-31281" }, { "db": "JVNDB", "id": "JVNDB-2020-005940" }, { "db": "NVD", "id": "CVE-2020-1832" }, { "db": "CNNVD", "id": "CNNVD-202005-1347" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2020-06-03T00:00:00", "db": "CNVD", "id": "CNVD-2020-31281" }, { "date": "2020-06-25T00:00:00", "db": "JVNDB", "id": "JVNDB-2020-005940" }, { "date": "2020-05-29T20:15:11.233000", "db": "NVD", "id": "CVE-2020-1832" }, { "date": "2020-05-27T00:00:00", "db": "CNNVD", "id": "CNNVD-202005-1347" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2020-06-03T00:00:00", "db": "CNVD", "id": "CNVD-2020-31281" }, { "date": "2020-06-25T00:00:00", "db": "JVNDB", "id": "JVNDB-2020-005940" }, { "date": "2020-06-02T14:50:52.420000", "db": "NVD", "id": "CVE-2020-1832" }, { "date": "2020-08-05T00:00:00", "db": "CNNVD", "id": "CNNVD-202005-1347" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "remote or local", "sources": [ { "db": "CNNVD", "id": "CNNVD-202005-1347" } ], "trust": 0.6 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "E6878-370 Out-of-bounds write vulnerability in", "sources": [ { "db": "JVNDB", "id": "JVNDB-2020-005940" } ], "trust": 0.8 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "buffer error", "sources": [ { "db": "CNNVD", "id": "CNNVD-202005-1347" } ], "trust": 0.6 } }
var-202005-0620
Vulnerability from variot
E6878-370 with versions of 10.0.3.1(H557SP27C233), 10.0.3.1(H563SP1C00), 10.0.3.1(H563SP1C233) has a use after free vulnerability. The software references memory after it has been freed in certain scenario, the attacker does a series of crafted operations through web portal, successful exploit could cause a use after free condition which may lead to malicious code execution. E6878-370 Is vulnerable to the use of freed memory.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. Huawei E6878-370 is a portable 5G router from China's Huawei company.
There are security vulnerabilities in Huawei E6878-370 version 10.0.3.1 (H557SP27C233), 10.0.0.1 (H563SP1C00) and 10.0.0.1 (H563SP1C233). Attackers can use this vulnerability to execute malicious code via the web interface
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-202005-0620", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "e6878-370 10.0.3.1", "scope": null, "trust": 1.8, "vendor": "huawei", "version": null }, { "model": "e6878-370", "scope": "eq", "trust": 1.0, "vendor": "huawei", "version": "10.0.3.1\\(h557sp27c233\\)" }, { "model": "e6878-370", "scope": "eq", "trust": 1.0, "vendor": "huawei", "version": "10.0.3.1\\(h563sp1c233\\)" }, { "model": "e6878-370", "scope": "eq", "trust": 1.0, "vendor": "huawei", "version": "10.0.3.1\\(h563sp1c00\\)" }, { "model": "e6878-370", "scope": "eq", "trust": 0.8, "vendor": "huawei", "version": "10.0.3.1(h557sp27c233)" }, { "model": "e6878-370", "scope": "eq", "trust": 0.8, "vendor": "huawei", "version": "10.0.3.1(h563sp1c00)" }, { "model": "e6878-370", "scope": "eq", "trust": 0.8, "vendor": "huawei", "version": "10.0.3.1(h563sp1c233)" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2020-30439" }, { "db": "JVNDB", "id": "JVNDB-2020-005597" }, { "db": "NVD", "id": "CVE-2020-1799" } ] }, "configurations": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", "children": { "@container": "@list" }, "cpe_match": { "@container": "@list" }, "data": { "@container": "@list" }, "nodes": { "@container": "@list" } }, "data": [ { "CVE_data_version": "4.0", "nodes": [ { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:huawei:e6878-370_firmware:10.0.3.1\\(h557sp27c233\\):*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:huawei:e6878-370_firmware:10.0.3.1\\(h563sp1c00\\):*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:huawei:e6878-370_firmware:10.0.3.1\\(h563sp1c233\\):*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:huawei:e6878-370:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" } ] } ], "sources": [ { "db": "NVD", "id": "CVE-2020-1799" } ] }, "credits": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "360 Alpha Lab", "sources": [ { "db": "CNNVD", "id": "CNNVD-202005-1095" } ], "trust": 0.6 }, "cve": "CVE-2020-1799", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "acInsufInfo": false, "accessComplexity": "MEDIUM", "accessVector": "ADJACENT_NETWORK", "authentication": "NONE", "author": "NVD", "availabilityImpact": "PARTIAL", "baseScore": 5.4, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 5.5, "impactScore": 6.4, "integrityImpact": "PARTIAL", "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "trust": 1.0, "userInteractionRequired": false, "vectorString": "AV:A/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, { "acInsufInfo": null, "accessComplexity": "Medium", "accessVector": "Adjacent Network", "authentication": "None", "author": "NVD", "availabilityImpact": "Partial", "baseScore": 5.4, "confidentialityImpact": "Partial", "exploitabilityScore": null, "id": "JVNDB-2020-005597", "impactScore": null, "integrityImpact": "Partial", "obtainAllPrivilege": null, "obtainOtherPrivilege": null, "obtainUserPrivilege": null, "severity": "Medium", "trust": 0.8, "userInteractionRequired": null, "vectorString": "AV:A/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, { "accessComplexity": "MEDIUM", "accessVector": "ADJACENT_NETWORK", "authentication": "NONE", "author": "CNVD", "availabilityImpact": "PARTIAL", "baseScore": 5.4, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 5.5, "id": "CNVD-2020-30439", "impactScore": 6.4, "integrityImpact": "PARTIAL", "severity": "MEDIUM", "trust": 0.6, "vectorString": "AV:A/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" } ], "cvssV3": [ { "attackComplexity": "HIGH", "attackVector": "ADJACENT_NETWORK", "author": "NVD", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "exploitabilityScore": 1.6, "impactScore": 5.9, "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "trust": 1.0, "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, { "attackComplexity": "High", "attackVector": "Adjacent Network", "author": "NVD", "availabilityImpact": "High", "baseScore": 7.5, "baseSeverity": "High", "confidentialityImpact": "High", "exploitabilityScore": null, "id": "JVNDB-2020-005597", "impactScore": null, "integrityImpact": "High", "privilegesRequired": "None", "scope": "Unchanged", "trust": 0.8, "userInteraction": "None", "vectorString": "CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" } ], "severity": [ { "author": "NVD", "id": "CVE-2020-1799", "trust": 1.0, "value": "HIGH" }, { "author": "NVD", "id": "JVNDB-2020-005597", "trust": 0.8, "value": "High" }, { "author": "CNVD", "id": "CNVD-2020-30439", "trust": 0.6, "value": "MEDIUM" }, { "author": "CNNVD", "id": "CNNVD-202005-1095", "trust": 0.6, "value": "HIGH" } ] } ], "sources": [ { "db": "CNVD", "id": "CNVD-2020-30439" }, { "db": "JVNDB", "id": "JVNDB-2020-005597" }, { "db": "NVD", "id": "CVE-2020-1799" }, { "db": "CNNVD", "id": "CNNVD-202005-1095" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "E6878-370 with versions of 10.0.3.1(H557SP27C233), 10.0.3.1(H563SP1C00), 10.0.3.1(H563SP1C233) has a use after free vulnerability. The software references memory after it has been freed in certain scenario, the attacker does a series of crafted operations through web portal, successful exploit could cause a use after free condition which may lead to malicious code execution. E6878-370 Is vulnerable to the use of freed memory.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. Huawei E6878-370 is a portable 5G router from China\u0027s Huawei company. \n\r\n\r\nThere are security vulnerabilities in Huawei E6878-370 version 10.0.3.1 (H557SP27C233), 10.0.0.1 (H563SP1C00) and 10.0.0.1 (H563SP1C233). Attackers can use this vulnerability to execute malicious code via the web interface", "sources": [ { "db": "NVD", "id": "CVE-2020-1799" }, { "db": "JVNDB", "id": "JVNDB-2020-005597" }, { "db": "CNVD", "id": "CNVD-2020-30439" } ], "trust": 2.16 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2020-1799", "trust": 3.0 }, { "db": "JVNDB", "id": "JVNDB-2020-005597", "trust": 0.8 }, { "db": "CNVD", "id": "CNVD-2020-30439", "trust": 0.6 }, { "db": "CNNVD", "id": "CNNVD-202005-1095", "trust": 0.6 } ], "sources": [ { "db": "CNVD", "id": "CNVD-2020-30439" }, { "db": "JVNDB", "id": "JVNDB-2020-005597" }, { "db": "NVD", "id": "CVE-2020-1799" }, { "db": "CNNVD", "id": "CNNVD-202005-1095" } ] }, "id": "VAR-202005-0620", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "CNVD", "id": "CNVD-2020-30439" } ], "trust": 1.2666667 }, "iot_taxonomy": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "category": [ "Network device" ], "sub_category": null, "trust": 0.6 } ], "sources": [ { "db": "CNVD", "id": "CNVD-2020-30439" } ] }, "last_update_date": "2023-12-18T13:28:08.248000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "huawei-sa-20200520-01-uaf", "trust": 0.8, "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200520-01-uaf-en" }, { "title": "Patch for Huawei E6878-370 UAF vulnerability", "trust": 0.6, "url": "https://www.cnvd.org.cn/patchinfo/show/219231" }, { "title": "Huawei E6878-370 Remediation of resource management error vulnerabilities", "trust": 0.6, "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=119155" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2020-30439" }, { "db": "JVNDB", "id": "JVNDB-2020-005597" }, { "db": "CNNVD", "id": "CNNVD-202005-1095" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-416", "trust": 1.8 } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2020-005597" }, { "db": "NVD", "id": "CVE-2020-1799" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 2.0, "url": "https://nvd.nist.gov/vuln/detail/cve-2020-1799" }, { "trust": 1.6, "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200520-01-uaf-en" }, { "trust": 1.2, "url": "https://www.huawei.com/cn/psirt/security-advisories/huawei-sa-20200520-01-uaf-cn" }, { "trust": 0.8, "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-1799" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2020-30439" }, { "db": "JVNDB", "id": "JVNDB-2020-005597" }, { "db": "NVD", "id": "CVE-2020-1799" }, { "db": "CNNVD", "id": "CNNVD-202005-1095" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "CNVD", "id": "CNVD-2020-30439" }, { "db": "JVNDB", "id": "JVNDB-2020-005597" }, { "db": "NVD", "id": "CVE-2020-1799" }, { "db": "CNNVD", "id": "CNNVD-202005-1095" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2020-05-28T00:00:00", "db": "CNVD", "id": "CNVD-2020-30439" }, { "date": "2020-06-18T00:00:00", "db": "JVNDB", "id": "JVNDB-2020-005597" }, { "date": "2020-05-21T15:15:09.763000", "db": "NVD", "id": "CVE-2020-1799" }, { "date": "2020-05-20T00:00:00", "db": "CNNVD", "id": "CNNVD-202005-1095" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2020-05-28T00:00:00", "db": "CNVD", "id": "CNVD-2020-30439" }, { "date": "2020-06-18T00:00:00", "db": "JVNDB", "id": "JVNDB-2020-005597" }, { "date": "2020-05-21T19:14:44.413000", "db": "NVD", "id": "CVE-2020-1799" }, { "date": "2020-05-22T00:00:00", "db": "CNNVD", "id": "CNNVD-202005-1095" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "remote or local", "sources": [ { "db": "CNNVD", "id": "CNNVD-202005-1095" } ], "trust": 0.6 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "E6878-370 Vulnerability in using free memory in", "sources": [ { "db": "JVNDB", "id": "JVNDB-2020-005597" } ], "trust": 0.8 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "resource management error", "sources": [ { "db": "CNNVD", "id": "CNNVD-202005-1095" } ], "trust": 0.6 } }