All the vulnerabilites related to huawei - cloudlink_board_firmware
Vulnerability from fkie_nvd
Published
2020-02-17 21:15
Modified
2024-11-21 05:11
Severity ?
Summary
Huawei CloudLink Board version 20.0.0; DP300 version V500R002C00; RSE6500 versions V100R001C00, V500R002C00, and V500R002C00SPC900; and TE60 versions V500R002C00, V600R006C00, V600R006C00SPC200, V600R006C00SPC300, V600R006C10, V600R019C00, and V600R019C00SPC100 have an information leak vulnerability. An unauthenticated, remote attacker can make a large number of attempts to guess information. Successful exploitation may cause information leak.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| huawei | cloudlink_board_firmware | 20.0.0 | |
| huawei | cloudlink_board | - | |
| huawei | dp300_firmware | v500r002c00 | |
| huawei | dp300 | - | |
| huawei | rse6500_firmware | v100r001c00 | |
| huawei | rse6500_firmware | v500r002c00 | |
| huawei | rse6500_firmware | v500r002c00spc900 | |
| huawei | rse6500 | - | |
| huawei | te60_firmware | v500r002c00 | |
| huawei | te60_firmware | v600r006c00 | |
| huawei | te60_firmware | v600r006c00spc200 | |
| huawei | te60_firmware | v600r006c00spc300 | |
| huawei | te60_firmware | v600r006c10 | |
| huawei | te60_firmware | v600r019c00 | |
| huawei | te60_firmware | v600r019c00spc100 | |
| huawei | te60 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:cloudlink_board_firmware:20.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DB83669F-200D-41D5-897D-5C2B1235DAC6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:cloudlink_board:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A4D0A02C-4FCB-4B63-A3F3-A58FC93AC139",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:dp300_firmware:v500r002c00:*:*:*:*:*:*:*",
"matchCriteriaId": "8871106B-D3AF-4CFB-A544-1FA411642428",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:dp300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7F3483B2-9EB6-4E34-900A-945C04A3160D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:rse6500_firmware:v100r001c00:*:*:*:*:*:*:*",
"matchCriteriaId": "AD1A7B89-F3A6-4FB1-8871-15BBFFC82E54",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:rse6500_firmware:v500r002c00:*:*:*:*:*:*:*",
"matchCriteriaId": "649BB696-BDBE-46FC-A23D-287DE306D8BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:rse6500_firmware:v500r002c00spc900:*:*:*:*:*:*:*",
"matchCriteriaId": "F073EA63-0FB7-404A-9A6D-6518A0713C92",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:rse6500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4DD9417D-0515-4B21-AD32-E6B137575D01",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:te60_firmware:v500r002c00:*:*:*:*:*:*:*",
"matchCriteriaId": "01BC9042-0485-437F-811F-F8898B3B7EA7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:te60_firmware:v600r006c00:*:*:*:*:*:*:*",
"matchCriteriaId": "4A29049D-F472-4772-8750-20730DA624E9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:te60_firmware:v600r006c00spc200:*:*:*:*:*:*:*",
"matchCriteriaId": "040454F6-FCDB-4320-8933-8F7DBB9956ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:te60_firmware:v600r006c00spc300:*:*:*:*:*:*:*",
"matchCriteriaId": "98F3BB83-7F0A-4C59-B889-7EF95BD581BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:te60_firmware:v600r006c10:*:*:*:*:*:*:*",
"matchCriteriaId": "5F394525-A467-4403-A1AA-306391427D0A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:te60_firmware:v600r019c00:*:*:*:*:*:*:*",
"matchCriteriaId": "5D2027FF-A5CB-4120-ADF0-06D1BADAB8C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:te60_firmware:v600r019c00spc100:*:*:*:*:*:*:*",
"matchCriteriaId": "1C682A04-0F19-4DA6-B8C2-07EA00010D1D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:te60:-:*:*:*:*:*:*:*",
"matchCriteriaId": "999117E9-90C8-4E76-90B5-7D364C0B84BF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Huawei CloudLink Board version 20.0.0; DP300 version V500R002C00; RSE6500 versions V100R001C00, V500R002C00, and V500R002C00SPC900; and TE60 versions V500R002C00, V600R006C00, V600R006C00SPC200, V600R006C00SPC300, V600R006C10, V600R019C00, and V600R019C00SPC100 have an information leak vulnerability. An unauthenticated, remote attacker can make a large number of attempts to guess information. Successful exploitation may cause information leak."
},
{
"lang": "es",
"value": "Huawei CloudLink Board versi\u00f3n 20.0.0; DP300 versi\u00f3n V500R002C00; RSE6500 versiones V100R001C00, V500R002C00 y V500R002C00SPC900; y TE60 versiones V500R002C00, V600R006C00, V600R006C00SPC200, V600R006C00SPC300, V600R006C10, V600R019C00 y V600R019C00SPC100, presentan una vulnerabilidad de fuga de informaci\u00f3n. Un atacante remoto no autenticado puede hacer un gran n\u00famero de intentos de adivinar informaci\u00f3n. Una explotaci\u00f3n con \u00e9xito puede causar una fuga de informaci\u00f3n."
}
],
"id": "CVE-2020-1841",
"lastModified": "2024-11-21T05:11:28.427",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-02-17T21:15:12.960",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200207-01-te-en"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200207-01-te-en"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
cve-2020-1841
Vulnerability from cvelistv5
Published
2020-02-17 20:49
Modified
2024-08-04 06:53
Severity ?
EPSS score ?
Summary
Huawei CloudLink Board version 20.0.0; DP300 version V500R002C00; RSE6500 versions V100R001C00, V500R002C00, and V500R002C00SPC900; and TE60 versions V500R002C00, V600R006C00, V600R006C00SPC200, V600R006C00SPC300, V600R006C10, V600R019C00, and V600R019C00SPC100 have an information leak vulnerability. An unauthenticated, remote attacker can make a large number of attempts to guess information. Successful exploitation may cause information leak.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200207-01-te-en | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Huawei | CloudLink Board |
Version: 20.0.0 |
||||||||||||
|
|||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T06:53:58.738Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200207-01-te-en"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "CloudLink Board",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "20.0.0"
}
]
},
{
"product": "DP300",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R002C00"
}
]
},
{
"product": "RSE6500",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V100R001C00"
},
{
"status": "affected",
"version": "V500R002C00"
},
{
"status": "affected",
"version": "V500R002C00SPC900"
}
]
},
{
"product": "TE60",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R002C00"
},
{
"status": "affected",
"version": "V600R006C00"
},
{
"status": "affected",
"version": "V600R006C00SPC200"
},
{
"status": "affected",
"version": "V600R006C00SPC300"
},
{
"status": "affected",
"version": "V600R006C10"
},
{
"status": "affected",
"version": "V600R019C00"
},
{
"status": "affected",
"version": "V600R019C00SPC100"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Huawei CloudLink Board version 20.0.0; DP300 version V500R002C00; RSE6500 versions V100R001C00, V500R002C00, and V500R002C00SPC900; and TE60 versions V500R002C00, V600R006C00, V600R006C00SPC200, V600R006C00SPC300, V600R006C10, V600R019C00, and V600R019C00SPC100 have an information leak vulnerability. An unauthenticated, remote attacker can make a large number of attempts to guess information. Successful exploitation may cause information leak."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Information Leak",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-02-17T20:49:36",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200207-01-te-en"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2020-1841",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "CloudLink Board",
"version": {
"version_data": [
{
"version_value": "20.0.0"
}
]
}
},
{
"product_name": "DP300",
"version": {
"version_data": [
{
"version_value": "V500R002C00"
}
]
}
},
{
"product_name": "RSE6500",
"version": {
"version_data": [
{
"version_value": "V100R001C00"
},
{
"version_value": "V500R002C00"
},
{
"version_value": "V500R002C00SPC900"
}
]
}
},
{
"product_name": "TE60",
"version": {
"version_data": [
{
"version_value": "V500R002C00"
},
{
"version_value": "V600R006C00"
},
{
"version_value": "V600R006C00SPC200"
},
{
"version_value": "V600R006C00SPC300"
},
{
"version_value": "V600R006C10"
},
{
"version_value": "V600R019C00"
},
{
"version_value": "V600R019C00SPC100"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Huawei CloudLink Board version 20.0.0; DP300 version V500R002C00; RSE6500 versions V100R001C00, V500R002C00, and V500R002C00SPC900; and TE60 versions V500R002C00, V600R006C00, V600R006C00SPC200, V600R006C00SPC300, V600R006C10, V600R019C00, and V600R019C00SPC100 have an information leak vulnerability. An unauthenticated, remote attacker can make a large number of attempts to guess information. Successful exploitation may cause information leak."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Information Leak"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200207-01-te-en",
"refsource": "CONFIRM",
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200207-01-te-en"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2020-1841",
"datePublished": "2020-02-17T20:49:36",
"dateReserved": "2019-11-29T00:00:00",
"dateUpdated": "2024-08-04T06:53:58.738Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}