Search criteria
156 vulnerabilities found for ips_module_firmware by huawei
FKIE_CVE-2020-1824
Vulnerability from fkie_nvd - Published: 2024-12-28 07:15 - Updated: 2025-01-13 18:39
Severity ?
3.7 (Low) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L
5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
Summary
There are multiple out of bounds (OOB) read vulnerabilities in the implementation of the Common Open Policy Service (COPS) protocol of some Huawei products. The specific decoding function may occur out-of-bounds read when processes an incoming data packet. Successful exploit of these vulnerabilities may disrupt service on the affected device. (Vulnerability ID: HWPSIRT-2018-12275,HWPSIRT-2018-12276,HWPSIRT-2018-12277,HWPSIRT-2018-12278,HWPSIRT-2018-12279,HWPSIRT-2018-12280 and HWPSIRT-2018-12289)
The seven vulnerabilities have been assigned seven Common Vulnerabilities and Exposures (CVE) IDs: CVE-2020-1818, CVE-2020-1819, CVE-2020-1820, CVE-2020-1821, CVE-2020-1822, CVE-2020-1823 and CVE-2020-1824.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:ips_module_firmware:v500r001c30:*:*:*:*:*:*:*",
"matchCriteriaId": "074FE8AB-6BE1-4E77-84E2-1D5C7205D0E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ips_module_firmware:v500r001c60:*:*:*:*:*:*:*",
"matchCriteriaId": "EC0C5A24-3F4E-4F1F-BC3C-7DC6707712CB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ips_module_firmware:v500r005c00:*:*:*:*:*:*:*",
"matchCriteriaId": "60A9007D-D6AD-4DB9-A0AC-1E400AEC0884",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:ips_module:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2BAD43A3-730A-4ABC-89F0-DF93A06AA60F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:ngfw_module_firmware:v500r002c00:*:*:*:*:*:*:*",
"matchCriteriaId": "F46A81BE-C125-4CAE-8EE1-23177FE0C21E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ngfw_module_firmware:v500r002c20:*:*:*:*:*:*:*",
"matchCriteriaId": "5524ABE8-D4C4-4BCC-BB57-D1E47480330D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ngfw_module_firmware:v500r005c00:*:*:*:*:*:*:*",
"matchCriteriaId": "9D57DC59-B234-463F-8BBD-631B7EE9928C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:ngfw_module:-:*:*:*:*:*:*:*",
"matchCriteriaId": "547D4A9A-6B57-4BBA-9FFE-CF50B9AC5DF4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:nip6300_firmware:v500r001c30:*:*:*:*:*:*:*",
"matchCriteriaId": "728A7B78-6E19-4656-848F-269DB955070C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:nip6300_firmware:v500r001c60:*:*:*:*:*:*:*",
"matchCriteriaId": "A26FE369-FDB8-4425-B51A-465A41FECE7E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:nip6300_firmware:v500r005c00:*:*:*:*:*:*:*",
"matchCriteriaId": "A3462B41-1DC4-4451-9575-F81C52F7A23C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:nip6300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5E054182-CE33-45E3-8595-159A75BA5162",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:nip6600_firmware:v500r001c30:*:*:*:*:*:*:*",
"matchCriteriaId": "946F5FF7-412F-40F9-A492-DE8E11E7B919",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:nip6600_firmware:v500r001c60:*:*:*:*:*:*:*",
"matchCriteriaId": "90C480FB-4D2C-49ED-A635-8B7BEFD95193",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:nip6600_firmware:v500r005c00:*:*:*:*:*:*:*",
"matchCriteriaId": "9AC093ED-A979-4484-B758-1C16DF2D6030",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:nip6600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE8CA649-7AE1-497C-869B-B4DD315F342C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:nip6800_firmware:v500r001c60:*:*:*:*:*:*:*",
"matchCriteriaId": "D7EE3877-6344-466D-90B0-68CF4A53A256",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:nip6800_firmware:v500r005c00:*:*:*:*:*:*:*",
"matchCriteriaId": "D6FCA659-5DF8-44EA-91B6-A80FBB68322A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:nip6800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "875441DD-575F-4F4D-A6BD-23C38641D330",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:secospace_usg6300_firmware:v500r001c30:*:*:*:*:*:*:*",
"matchCriteriaId": "0A8AEAB1-6106-47A2-8207-67E557A8BF80",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:secospace_usg6300_firmware:v500r001c60:*:*:*:*:*:*:*",
"matchCriteriaId": "EDD7E147-B39E-4C6F-BA5F-F046F3AE4728",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:secospace_usg6300_firmware:v500r005c00:*:*:*:*:*:*:*",
"matchCriteriaId": "68E9D32D-46F1-495B-BF83-308DFF8822F8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:secospace_usg6300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C281B511-7A27-4FC6-9427-AE5AD7C302F3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:secospace_usg6500_firmware:v500r001c30:*:*:*:*:*:*:*",
"matchCriteriaId": "627F40B6-8CD1-47EE-8937-F1FAAAB86F0D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:secospace_usg6500_firmware:v500r001c60:*:*:*:*:*:*:*",
"matchCriteriaId": "6EE084FC-27EB-4CE6-B529-508DA690C9D8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:secospace_usg6500_firmware:v500r005c00:*:*:*:*:*:*:*",
"matchCriteriaId": "D6C14DF5-42F7-470F-B3DD-52B5A0770EC0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:secospace_usg6500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0ED6E342-26E7-45DF-AC3F-EFEBAE3DDDF0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:secospace_usg6600_firmware:v500r001c30:*:*:*:*:*:*:*",
"matchCriteriaId": "ADB7FBB2-1CC6-4DA3-85AB-66562B0A9198",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:secospace_usg6600_firmware:v500r005c00:*:*:*:*:*:*:*",
"matchCriteriaId": "391BFC6B-9AE6-49D7-855A-CB94AD1EE5C1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:secospace_usg6600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BE469876-F873-4705-9760-097AE840A818",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:usg6000v_firmware:v500r003c00:*:*:*:*:*:*:*",
"matchCriteriaId": "778A61F5-661E-4B41-B08D-C623957BEEE9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:usg6000v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "88E8A1C0-CD02-4D4E-8DFC-0E03CF914C68",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There are multiple out of bounds (OOB) read vulnerabilities in the implementation of the Common Open Policy Service (COPS) protocol of some Huawei products. The specific decoding function may occur out-of-bounds read when processes an incoming data packet. Successful exploit of these vulnerabilities may disrupt service on the affected device. (Vulnerability ID: HWPSIRT-2018-12275,HWPSIRT-2018-12276,HWPSIRT-2018-12277,HWPSIRT-2018-12278,HWPSIRT-2018-12279,HWPSIRT-2018-12280 and HWPSIRT-2018-12289)\n\nThe seven vulnerabilities have been assigned seven Common Vulnerabilities and Exposures (CVE) IDs: CVE-2020-1818, CVE-2020-1819, CVE-2020-1820, CVE-2020-1821, CVE-2020-1822, CVE-2020-1823 and CVE-2020-1824."
},
{
"lang": "es",
"value": "Existen m\u00faltiples vulnerabilidades de lectura fuera de los l\u00edmites (OOB) en la implementaci\u00f3n del protocolo Common Open Policy Service (COPS) de algunos productos Huawei. La funci\u00f3n de decodificaci\u00f3n espec\u00edfica puede realizar una lectura fuera de los l\u00edmites cuando se procesa un paquete de datos entrante. La explotaci\u00f3n exitosa de estas vulnerabilidades puede interrumpir el servicio en el dispositivo afectado. (ID de vulnerabilidad: HWPSIRT-2018-12275, HWPSIRT-2018-12276, HWPSIRT-2018-12277, HWPSIRT-2018-12278, HWPSIRT-2018-12279, HWPSIRT-2018-12280 y HWPSIRT-2018-12289) A las siete vulnerabilidades se les han asignado siete identificadores de vulnerabilidades y exposiciones comunes (CVE): CVE-2020-1818, CVE-2020-1819, CVE-2020-1820, CVE-2020-1821, CVE-2020-1822, CVE-2020-1823 y CVE-2020-1824."
}
],
"id": "CVE-2020-1824",
"lastModified": "2025-01-13T18:39:27.433",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"exploitabilityScore": 2.2,
"impactScore": 1.4,
"source": "psirt@huawei.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2024-12-28T07:15:18.530",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/2020/huawei-sa-20191218-01-cops-en"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-125"
}
],
"source": "psirt@huawei.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-125"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2020-1822
Vulnerability from fkie_nvd - Published: 2024-12-28 07:15 - Updated: 2025-01-13 18:40
Severity ?
3.7 (Low) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L
5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
Summary
There are multiple out of bounds (OOB) read vulnerabilities in the implementation of the Common Open Policy Service (COPS) protocol of some Huawei products. The specific decoding function may occur out-of-bounds read when processes an incoming data packet. Successful exploit of these vulnerabilities may disrupt service on the affected device. (Vulnerability ID: HWPSIRT-2018-12275,HWPSIRT-2018-12276,HWPSIRT-2018-12277,HWPSIRT-2018-12278,HWPSIRT-2018-12279,HWPSIRT-2018-12280 and HWPSIRT-2018-12289)
The seven vulnerabilities have been assigned seven Common Vulnerabilities and Exposures (CVE) IDs: CVE-2020-1818, CVE-2020-1819, CVE-2020-1820, CVE-2020-1821, CVE-2020-1822, CVE-2020-1823 and CVE-2020-1824.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:ips_module_firmware:v500r001c30:*:*:*:*:*:*:*",
"matchCriteriaId": "074FE8AB-6BE1-4E77-84E2-1D5C7205D0E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ips_module_firmware:v500r001c60:*:*:*:*:*:*:*",
"matchCriteriaId": "EC0C5A24-3F4E-4F1F-BC3C-7DC6707712CB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ips_module_firmware:v500r005c00:*:*:*:*:*:*:*",
"matchCriteriaId": "60A9007D-D6AD-4DB9-A0AC-1E400AEC0884",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:ips_module:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2BAD43A3-730A-4ABC-89F0-DF93A06AA60F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:ngfw_module_firmware:v500r002c00:*:*:*:*:*:*:*",
"matchCriteriaId": "F46A81BE-C125-4CAE-8EE1-23177FE0C21E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ngfw_module_firmware:v500r002c20:*:*:*:*:*:*:*",
"matchCriteriaId": "5524ABE8-D4C4-4BCC-BB57-D1E47480330D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ngfw_module_firmware:v500r005c00:*:*:*:*:*:*:*",
"matchCriteriaId": "9D57DC59-B234-463F-8BBD-631B7EE9928C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:ngfw_module:-:*:*:*:*:*:*:*",
"matchCriteriaId": "547D4A9A-6B57-4BBA-9FFE-CF50B9AC5DF4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:nip6300_firmware:v500r001c30:*:*:*:*:*:*:*",
"matchCriteriaId": "728A7B78-6E19-4656-848F-269DB955070C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:nip6300_firmware:v500r001c60:*:*:*:*:*:*:*",
"matchCriteriaId": "A26FE369-FDB8-4425-B51A-465A41FECE7E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:nip6300_firmware:v500r005c00:*:*:*:*:*:*:*",
"matchCriteriaId": "A3462B41-1DC4-4451-9575-F81C52F7A23C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:nip6300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5E054182-CE33-45E3-8595-159A75BA5162",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:nip6600_firmware:v500r001c30:*:*:*:*:*:*:*",
"matchCriteriaId": "946F5FF7-412F-40F9-A492-DE8E11E7B919",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:nip6600_firmware:v500r001c60:*:*:*:*:*:*:*",
"matchCriteriaId": "90C480FB-4D2C-49ED-A635-8B7BEFD95193",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:nip6600_firmware:v500r005c00:*:*:*:*:*:*:*",
"matchCriteriaId": "9AC093ED-A979-4484-B758-1C16DF2D6030",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:nip6600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE8CA649-7AE1-497C-869B-B4DD315F342C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:nip6800_firmware:v500r001c60:*:*:*:*:*:*:*",
"matchCriteriaId": "D7EE3877-6344-466D-90B0-68CF4A53A256",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:nip6800_firmware:v500r005c00:*:*:*:*:*:*:*",
"matchCriteriaId": "D6FCA659-5DF8-44EA-91B6-A80FBB68322A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:nip6800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "875441DD-575F-4F4D-A6BD-23C38641D330",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:secospace_usg6300_firmware:v500r001c30:*:*:*:*:*:*:*",
"matchCriteriaId": "0A8AEAB1-6106-47A2-8207-67E557A8BF80",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:secospace_usg6300_firmware:v500r001c60:*:*:*:*:*:*:*",
"matchCriteriaId": "EDD7E147-B39E-4C6F-BA5F-F046F3AE4728",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:secospace_usg6300_firmware:v500r005c00:*:*:*:*:*:*:*",
"matchCriteriaId": "68E9D32D-46F1-495B-BF83-308DFF8822F8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:secospace_usg6300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C281B511-7A27-4FC6-9427-AE5AD7C302F3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:secospace_usg6500_firmware:v500r001c30:*:*:*:*:*:*:*",
"matchCriteriaId": "627F40B6-8CD1-47EE-8937-F1FAAAB86F0D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:secospace_usg6500_firmware:v500r001c60:*:*:*:*:*:*:*",
"matchCriteriaId": "6EE084FC-27EB-4CE6-B529-508DA690C9D8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:secospace_usg6500_firmware:v500r005c00:*:*:*:*:*:*:*",
"matchCriteriaId": "D6C14DF5-42F7-470F-B3DD-52B5A0770EC0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:secospace_usg6500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0ED6E342-26E7-45DF-AC3F-EFEBAE3DDDF0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:secospace_usg6600_firmware:v500r001c30:*:*:*:*:*:*:*",
"matchCriteriaId": "ADB7FBB2-1CC6-4DA3-85AB-66562B0A9198",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:secospace_usg6600_firmware:v500r005c00:*:*:*:*:*:*:*",
"matchCriteriaId": "391BFC6B-9AE6-49D7-855A-CB94AD1EE5C1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:secospace_usg6600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BE469876-F873-4705-9760-097AE840A818",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:usg6000v_firmware:v500r003c00:*:*:*:*:*:*:*",
"matchCriteriaId": "778A61F5-661E-4B41-B08D-C623957BEEE9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:usg6000v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "88E8A1C0-CD02-4D4E-8DFC-0E03CF914C68",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There are multiple out of bounds (OOB) read vulnerabilities in the implementation of the Common Open Policy Service (COPS) protocol of some Huawei products. The specific decoding function may occur out-of-bounds read when processes an incoming data packet. Successful exploit of these vulnerabilities may disrupt service on the affected device. (Vulnerability ID: HWPSIRT-2018-12275,HWPSIRT-2018-12276,HWPSIRT-2018-12277,HWPSIRT-2018-12278,HWPSIRT-2018-12279,HWPSIRT-2018-12280 and HWPSIRT-2018-12289)\n\nThe seven vulnerabilities have been assigned seven Common Vulnerabilities and Exposures (CVE) IDs: CVE-2020-1818, CVE-2020-1819, CVE-2020-1820, CVE-2020-1821, CVE-2020-1822, CVE-2020-1823 and CVE-2020-1824."
},
{
"lang": "es",
"value": "Existen m\u00faltiples vulnerabilidades de lectura fuera de los l\u00edmites (OOB) en la implementaci\u00f3n del protocolo Common Open Policy Service (COPS) de algunos productos Huawei. La funci\u00f3n de decodificaci\u00f3n espec\u00edfica puede realizar una lectura fuera de los l\u00edmites cuando se procesa un paquete de datos entrante. La explotaci\u00f3n exitosa de estas vulnerabilidades puede interrumpir el servicio en el dispositivo afectado. (ID de vulnerabilidad: HWPSIRT-2018-12275, HWPSIRT-2018-12276, HWPSIRT-2018-12277, HWPSIRT-2018-12278, HWPSIRT-2018-12279, HWPSIRT-2018-12280 y HWPSIRT-2018-12289) A las siete vulnerabilidades se les han asignado siete identificadores de vulnerabilidades y exposiciones comunes (CVE): CVE-2020-1818, CVE-2020-1819, CVE-2020-1820, CVE-2020-1821, CVE-2020-1822, CVE-2020-1823 y CVE-2020-1824."
}
],
"id": "CVE-2020-1822",
"lastModified": "2025-01-13T18:40:17.893",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"exploitabilityScore": 2.2,
"impactScore": 1.4,
"source": "psirt@huawei.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2024-12-28T07:15:18.170",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/2020/huawei-sa-20191218-01-cops-en"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-125"
}
],
"source": "psirt@huawei.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-125"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2020-1823
Vulnerability from fkie_nvd - Published: 2024-12-28 07:15 - Updated: 2025-01-13 18:39
Severity ?
3.7 (Low) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L
5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
Summary
There are multiple out of bounds (OOB) read vulnerabilities in the implementation of the Common Open Policy Service (COPS) protocol of some Huawei products. The specific decoding function may occur out-of-bounds read when processes an incoming data packet. Successful exploit of these vulnerabilities may disrupt service on the affected device. (Vulnerability ID: HWPSIRT-2018-12275,HWPSIRT-2018-12276,HWPSIRT-2018-12277,HWPSIRT-2018-12278,HWPSIRT-2018-12279,HWPSIRT-2018-12280 and HWPSIRT-2018-12289)
The seven vulnerabilities have been assigned seven Common Vulnerabilities and Exposures (CVE) IDs: CVE-2020-1818, CVE-2020-1819, CVE-2020-1820, CVE-2020-1821, CVE-2020-1822, CVE-2020-1823 and CVE-2020-1824.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:ips_module_firmware:v500r001c30:*:*:*:*:*:*:*",
"matchCriteriaId": "074FE8AB-6BE1-4E77-84E2-1D5C7205D0E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ips_module_firmware:v500r001c60:*:*:*:*:*:*:*",
"matchCriteriaId": "EC0C5A24-3F4E-4F1F-BC3C-7DC6707712CB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ips_module_firmware:v500r005c00:*:*:*:*:*:*:*",
"matchCriteriaId": "60A9007D-D6AD-4DB9-A0AC-1E400AEC0884",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:ips_module:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2BAD43A3-730A-4ABC-89F0-DF93A06AA60F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:ngfw_module_firmware:v500r002c00:*:*:*:*:*:*:*",
"matchCriteriaId": "F46A81BE-C125-4CAE-8EE1-23177FE0C21E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ngfw_module_firmware:v500r002c20:*:*:*:*:*:*:*",
"matchCriteriaId": "5524ABE8-D4C4-4BCC-BB57-D1E47480330D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ngfw_module_firmware:v500r005c00:*:*:*:*:*:*:*",
"matchCriteriaId": "9D57DC59-B234-463F-8BBD-631B7EE9928C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:ngfw_module:-:*:*:*:*:*:*:*",
"matchCriteriaId": "547D4A9A-6B57-4BBA-9FFE-CF50B9AC5DF4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:nip6300_firmware:v500r001c30:*:*:*:*:*:*:*",
"matchCriteriaId": "728A7B78-6E19-4656-848F-269DB955070C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:nip6300_firmware:v500r001c60:*:*:*:*:*:*:*",
"matchCriteriaId": "A26FE369-FDB8-4425-B51A-465A41FECE7E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:nip6300_firmware:v500r005c00:*:*:*:*:*:*:*",
"matchCriteriaId": "A3462B41-1DC4-4451-9575-F81C52F7A23C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:nip6300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5E054182-CE33-45E3-8595-159A75BA5162",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:nip6600_firmware:v500r001c30:*:*:*:*:*:*:*",
"matchCriteriaId": "946F5FF7-412F-40F9-A492-DE8E11E7B919",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:nip6600_firmware:v500r001c60:*:*:*:*:*:*:*",
"matchCriteriaId": "90C480FB-4D2C-49ED-A635-8B7BEFD95193",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:nip6600_firmware:v500r005c00:*:*:*:*:*:*:*",
"matchCriteriaId": "9AC093ED-A979-4484-B758-1C16DF2D6030",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:nip6600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE8CA649-7AE1-497C-869B-B4DD315F342C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:nip6800_firmware:v500r001c60:*:*:*:*:*:*:*",
"matchCriteriaId": "D7EE3877-6344-466D-90B0-68CF4A53A256",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:nip6800_firmware:v500r005c00:*:*:*:*:*:*:*",
"matchCriteriaId": "D6FCA659-5DF8-44EA-91B6-A80FBB68322A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:nip6800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "875441DD-575F-4F4D-A6BD-23C38641D330",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:secospace_usg6300_firmware:v500r001c30:*:*:*:*:*:*:*",
"matchCriteriaId": "0A8AEAB1-6106-47A2-8207-67E557A8BF80",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:secospace_usg6300_firmware:v500r001c60:*:*:*:*:*:*:*",
"matchCriteriaId": "EDD7E147-B39E-4C6F-BA5F-F046F3AE4728",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:secospace_usg6300_firmware:v500r005c00:*:*:*:*:*:*:*",
"matchCriteriaId": "68E9D32D-46F1-495B-BF83-308DFF8822F8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:secospace_usg6300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C281B511-7A27-4FC6-9427-AE5AD7C302F3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:secospace_usg6500_firmware:v500r001c30:*:*:*:*:*:*:*",
"matchCriteriaId": "627F40B6-8CD1-47EE-8937-F1FAAAB86F0D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:secospace_usg6500_firmware:v500r001c60:*:*:*:*:*:*:*",
"matchCriteriaId": "6EE084FC-27EB-4CE6-B529-508DA690C9D8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:secospace_usg6500_firmware:v500r005c00:*:*:*:*:*:*:*",
"matchCriteriaId": "D6C14DF5-42F7-470F-B3DD-52B5A0770EC0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:secospace_usg6500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0ED6E342-26E7-45DF-AC3F-EFEBAE3DDDF0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:secospace_usg6600_firmware:v500r001c30:*:*:*:*:*:*:*",
"matchCriteriaId": "ADB7FBB2-1CC6-4DA3-85AB-66562B0A9198",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:secospace_usg6600_firmware:v500r005c00:*:*:*:*:*:*:*",
"matchCriteriaId": "391BFC6B-9AE6-49D7-855A-CB94AD1EE5C1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:secospace_usg6600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BE469876-F873-4705-9760-097AE840A818",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:usg6000v_firmware:v500r003c00:*:*:*:*:*:*:*",
"matchCriteriaId": "778A61F5-661E-4B41-B08D-C623957BEEE9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:usg6000v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "88E8A1C0-CD02-4D4E-8DFC-0E03CF914C68",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There are multiple out of bounds (OOB) read vulnerabilities in the implementation of the Common Open Policy Service (COPS) protocol of some Huawei products. The specific decoding function may occur out-of-bounds read when processes an incoming data packet. Successful exploit of these vulnerabilities may disrupt service on the affected device. (Vulnerability ID: HWPSIRT-2018-12275,HWPSIRT-2018-12276,HWPSIRT-2018-12277,HWPSIRT-2018-12278,HWPSIRT-2018-12279,HWPSIRT-2018-12280 and HWPSIRT-2018-12289)\n\nThe seven vulnerabilities have been assigned seven Common Vulnerabilities and Exposures (CVE) IDs: CVE-2020-1818, CVE-2020-1819, CVE-2020-1820, CVE-2020-1821, CVE-2020-1822, CVE-2020-1823 and CVE-2020-1824."
},
{
"lang": "es",
"value": "Existen m\u00faltiples vulnerabilidades de lectura fuera de los l\u00edmites (OOB) en la implementaci\u00f3n del protocolo Common Open Policy Service (COPS) de algunos productos Huawei. La funci\u00f3n de decodificaci\u00f3n espec\u00edfica puede realizar una lectura fuera de los l\u00edmites cuando se procesa un paquete de datos entrante. La explotaci\u00f3n exitosa de estas vulnerabilidades puede interrumpir el servicio en el dispositivo afectado. (ID de vulnerabilidad: HWPSIRT-2018-12275, HWPSIRT-2018-12276, HWPSIRT-2018-12277, HWPSIRT-2018-12278, HWPSIRT-2018-12279, HWPSIRT-2018-12280 y HWPSIRT-2018-12289) A las siete vulnerabilidades se les han asignado siete identificadores de vulnerabilidades y exposiciones comunes (CVE): CVE-2020-1818, CVE-2020-1819, CVE-2020-1820, CVE-2020-1821, CVE-2020-1822, CVE-2020-1823 y CVE-2020-1824."
}
],
"id": "CVE-2020-1823",
"lastModified": "2025-01-13T18:39:37.540",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"exploitabilityScore": 2.2,
"impactScore": 1.4,
"source": "psirt@huawei.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2024-12-28T07:15:18.357",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/2020/huawei-sa-20191218-01-cops-en"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-125"
}
],
"source": "psirt@huawei.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-125"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2020-1820
Vulnerability from fkie_nvd - Published: 2024-12-28 07:15 - Updated: 2025-01-13 18:40
Severity ?
3.7 (Low) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L
5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
Summary
There are multiple out of bounds (OOB) read vulnerabilities in the implementation of the Common Open Policy Service (COPS) protocol of some Huawei products. The specific decoding function may occur out-of-bounds read when processes an incoming data packet. Successful exploit of these vulnerabilities may disrupt service on the affected device. (Vulnerability ID: HWPSIRT-2018-12275,HWPSIRT-2018-12276,HWPSIRT-2018-12277,HWPSIRT-2018-12278,HWPSIRT-2018-12279,HWPSIRT-2018-12280 and HWPSIRT-2018-12289)
The seven vulnerabilities have been assigned seven Common Vulnerabilities and Exposures (CVE) IDs: CVE-2020-1818, CVE-2020-1819, CVE-2020-1820, CVE-2020-1821, CVE-2020-1822, CVE-2020-1823 and CVE-2020-1824.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:ips_module_firmware:v500r001c30:*:*:*:*:*:*:*",
"matchCriteriaId": "074FE8AB-6BE1-4E77-84E2-1D5C7205D0E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ips_module_firmware:v500r001c60:*:*:*:*:*:*:*",
"matchCriteriaId": "EC0C5A24-3F4E-4F1F-BC3C-7DC6707712CB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ips_module_firmware:v500r005c00:*:*:*:*:*:*:*",
"matchCriteriaId": "60A9007D-D6AD-4DB9-A0AC-1E400AEC0884",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:ips_module:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2BAD43A3-730A-4ABC-89F0-DF93A06AA60F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:ngfw_module_firmware:v500r002c00:*:*:*:*:*:*:*",
"matchCriteriaId": "F46A81BE-C125-4CAE-8EE1-23177FE0C21E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ngfw_module_firmware:v500r002c20:*:*:*:*:*:*:*",
"matchCriteriaId": "5524ABE8-D4C4-4BCC-BB57-D1E47480330D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ngfw_module_firmware:v500r005c00:*:*:*:*:*:*:*",
"matchCriteriaId": "9D57DC59-B234-463F-8BBD-631B7EE9928C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:ngfw_module:-:*:*:*:*:*:*:*",
"matchCriteriaId": "547D4A9A-6B57-4BBA-9FFE-CF50B9AC5DF4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:nip6300_firmware:v500r001c30:*:*:*:*:*:*:*",
"matchCriteriaId": "728A7B78-6E19-4656-848F-269DB955070C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:nip6300_firmware:v500r001c60:*:*:*:*:*:*:*",
"matchCriteriaId": "A26FE369-FDB8-4425-B51A-465A41FECE7E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:nip6300_firmware:v500r005c00:*:*:*:*:*:*:*",
"matchCriteriaId": "A3462B41-1DC4-4451-9575-F81C52F7A23C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:nip6300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5E054182-CE33-45E3-8595-159A75BA5162",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:nip6600_firmware:v500r001c30:*:*:*:*:*:*:*",
"matchCriteriaId": "946F5FF7-412F-40F9-A492-DE8E11E7B919",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:nip6600_firmware:v500r001c60:*:*:*:*:*:*:*",
"matchCriteriaId": "90C480FB-4D2C-49ED-A635-8B7BEFD95193",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:nip6600_firmware:v500r005c00:*:*:*:*:*:*:*",
"matchCriteriaId": "9AC093ED-A979-4484-B758-1C16DF2D6030",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:nip6600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE8CA649-7AE1-497C-869B-B4DD315F342C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:nip6800_firmware:v500r001c60:*:*:*:*:*:*:*",
"matchCriteriaId": "D7EE3877-6344-466D-90B0-68CF4A53A256",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:nip6800_firmware:v500r005c00:*:*:*:*:*:*:*",
"matchCriteriaId": "D6FCA659-5DF8-44EA-91B6-A80FBB68322A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:nip6800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "875441DD-575F-4F4D-A6BD-23C38641D330",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:secospace_usg6300_firmware:v500r001c30:*:*:*:*:*:*:*",
"matchCriteriaId": "0A8AEAB1-6106-47A2-8207-67E557A8BF80",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:secospace_usg6300_firmware:v500r001c60:*:*:*:*:*:*:*",
"matchCriteriaId": "EDD7E147-B39E-4C6F-BA5F-F046F3AE4728",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:secospace_usg6300_firmware:v500r005c00:*:*:*:*:*:*:*",
"matchCriteriaId": "68E9D32D-46F1-495B-BF83-308DFF8822F8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:secospace_usg6300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C281B511-7A27-4FC6-9427-AE5AD7C302F3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:secospace_usg6500_firmware:v500r001c30:*:*:*:*:*:*:*",
"matchCriteriaId": "627F40B6-8CD1-47EE-8937-F1FAAAB86F0D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:secospace_usg6500_firmware:v500r001c60:*:*:*:*:*:*:*",
"matchCriteriaId": "6EE084FC-27EB-4CE6-B529-508DA690C9D8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:secospace_usg6500_firmware:v500r005c00:*:*:*:*:*:*:*",
"matchCriteriaId": "D6C14DF5-42F7-470F-B3DD-52B5A0770EC0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:secospace_usg6500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0ED6E342-26E7-45DF-AC3F-EFEBAE3DDDF0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:secospace_usg6600_firmware:v500r001c30:*:*:*:*:*:*:*",
"matchCriteriaId": "ADB7FBB2-1CC6-4DA3-85AB-66562B0A9198",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:secospace_usg6600_firmware:v500r005c00:*:*:*:*:*:*:*",
"matchCriteriaId": "391BFC6B-9AE6-49D7-855A-CB94AD1EE5C1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:secospace_usg6600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BE469876-F873-4705-9760-097AE840A818",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:usg6000v_firmware:v500r003c00:*:*:*:*:*:*:*",
"matchCriteriaId": "778A61F5-661E-4B41-B08D-C623957BEEE9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:usg6000v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "88E8A1C0-CD02-4D4E-8DFC-0E03CF914C68",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There are multiple out of bounds (OOB) read vulnerabilities in the implementation of the Common Open Policy Service (COPS) protocol of some Huawei products. The specific decoding function may occur out-of-bounds read when processes an incoming data packet. Successful exploit of these vulnerabilities may disrupt service on the affected device. (Vulnerability ID: HWPSIRT-2018-12275,HWPSIRT-2018-12276,HWPSIRT-2018-12277,HWPSIRT-2018-12278,HWPSIRT-2018-12279,HWPSIRT-2018-12280 and HWPSIRT-2018-12289)\n\nThe seven vulnerabilities have been assigned seven Common Vulnerabilities and Exposures (CVE) IDs: CVE-2020-1818, CVE-2020-1819, CVE-2020-1820, CVE-2020-1821, CVE-2020-1822, CVE-2020-1823 and CVE-2020-1824."
},
{
"lang": "es",
"value": "Existen m\u00faltiples vulnerabilidades de lectura fuera de los l\u00edmites (OOB) en la implementaci\u00f3n del protocolo Common Open Policy Service (COPS) de algunos productos Huawei. La funci\u00f3n de decodificaci\u00f3n espec\u00edfica puede realizar una lectura fuera de los l\u00edmites cuando se procesa un paquete de datos entrante. La explotaci\u00f3n exitosa de estas vulnerabilidades puede interrumpir el servicio en el dispositivo afectado. (ID de vulnerabilidad: HWPSIRT-2018-12275, HWPSIRT-2018-12276, HWPSIRT-2018-12277, HWPSIRT-2018-12278, HWPSIRT-2018-12279, HWPSIRT-2018-12280 y HWPSIRT-2018-12289) A las siete vulnerabilidades se les han asignado siete identificadores de vulnerabilidades y exposiciones comunes (CVE): CVE-2020-1818, CVE-2020-1819, CVE-2020-1820, CVE-2020-1821, CVE-2020-1822, CVE-2020-1823 y CVE-2020-1824."
}
],
"id": "CVE-2020-1820",
"lastModified": "2025-01-13T18:40:36.910",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"exploitabilityScore": 2.2,
"impactScore": 1.4,
"source": "psirt@huawei.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2024-12-28T07:15:17.230",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/2020/huawei-sa-20191218-01-cops-en"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-125"
}
],
"source": "psirt@huawei.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-125"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2020-1821
Vulnerability from fkie_nvd - Published: 2024-12-28 07:15 - Updated: 2025-01-13 18:40
Severity ?
3.7 (Low) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L
5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
Summary
There are multiple out of bounds (OOB) read vulnerabilities in the implementation of the Common Open Policy Service (COPS) protocol of some Huawei products. The specific decoding function may occur out-of-bounds read when processes an incoming data packet. Successful exploit of these vulnerabilities may disrupt service on the affected device. (Vulnerability ID: HWPSIRT-2018-12275,HWPSIRT-2018-12276,HWPSIRT-2018-12277,HWPSIRT-2018-12278,HWPSIRT-2018-12279,HWPSIRT-2018-12280 and HWPSIRT-2018-12289)
The seven vulnerabilities have been assigned seven Common Vulnerabilities and Exposures (CVE) IDs: CVE-2020-1818, CVE-2020-1819, CVE-2020-1820, CVE-2020-1821, CVE-2020-1822, CVE-2020-1823 and CVE-2020-1824.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:ips_module_firmware:v500r001c30:*:*:*:*:*:*:*",
"matchCriteriaId": "074FE8AB-6BE1-4E77-84E2-1D5C7205D0E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ips_module_firmware:v500r001c60:*:*:*:*:*:*:*",
"matchCriteriaId": "EC0C5A24-3F4E-4F1F-BC3C-7DC6707712CB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ips_module_firmware:v500r005c00:*:*:*:*:*:*:*",
"matchCriteriaId": "60A9007D-D6AD-4DB9-A0AC-1E400AEC0884",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:ips_module:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2BAD43A3-730A-4ABC-89F0-DF93A06AA60F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:ngfw_module_firmware:v500r002c00:*:*:*:*:*:*:*",
"matchCriteriaId": "F46A81BE-C125-4CAE-8EE1-23177FE0C21E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ngfw_module_firmware:v500r002c20:*:*:*:*:*:*:*",
"matchCriteriaId": "5524ABE8-D4C4-4BCC-BB57-D1E47480330D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ngfw_module_firmware:v500r005c00:*:*:*:*:*:*:*",
"matchCriteriaId": "9D57DC59-B234-463F-8BBD-631B7EE9928C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:ngfw_module:-:*:*:*:*:*:*:*",
"matchCriteriaId": "547D4A9A-6B57-4BBA-9FFE-CF50B9AC5DF4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:nip6300_firmware:v500r001c30:*:*:*:*:*:*:*",
"matchCriteriaId": "728A7B78-6E19-4656-848F-269DB955070C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:nip6300_firmware:v500r001c60:*:*:*:*:*:*:*",
"matchCriteriaId": "A26FE369-FDB8-4425-B51A-465A41FECE7E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:nip6300_firmware:v500r005c00:*:*:*:*:*:*:*",
"matchCriteriaId": "A3462B41-1DC4-4451-9575-F81C52F7A23C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:nip6300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5E054182-CE33-45E3-8595-159A75BA5162",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:nip6600_firmware:v500r001c30:*:*:*:*:*:*:*",
"matchCriteriaId": "946F5FF7-412F-40F9-A492-DE8E11E7B919",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:nip6600_firmware:v500r001c60:*:*:*:*:*:*:*",
"matchCriteriaId": "90C480FB-4D2C-49ED-A635-8B7BEFD95193",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:nip6600_firmware:v500r005c00:*:*:*:*:*:*:*",
"matchCriteriaId": "9AC093ED-A979-4484-B758-1C16DF2D6030",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:nip6600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE8CA649-7AE1-497C-869B-B4DD315F342C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:nip6800_firmware:v500r001c60:*:*:*:*:*:*:*",
"matchCriteriaId": "D7EE3877-6344-466D-90B0-68CF4A53A256",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:nip6800_firmware:v500r005c00:*:*:*:*:*:*:*",
"matchCriteriaId": "D6FCA659-5DF8-44EA-91B6-A80FBB68322A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:nip6800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "875441DD-575F-4F4D-A6BD-23C38641D330",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:secospace_usg6300_firmware:v500r001c30:*:*:*:*:*:*:*",
"matchCriteriaId": "0A8AEAB1-6106-47A2-8207-67E557A8BF80",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:secospace_usg6300_firmware:v500r001c60:*:*:*:*:*:*:*",
"matchCriteriaId": "EDD7E147-B39E-4C6F-BA5F-F046F3AE4728",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:secospace_usg6300_firmware:v500r005c00:*:*:*:*:*:*:*",
"matchCriteriaId": "68E9D32D-46F1-495B-BF83-308DFF8822F8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:secospace_usg6300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C281B511-7A27-4FC6-9427-AE5AD7C302F3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:secospace_usg6500_firmware:v500r001c30:*:*:*:*:*:*:*",
"matchCriteriaId": "627F40B6-8CD1-47EE-8937-F1FAAAB86F0D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:secospace_usg6500_firmware:v500r001c60:*:*:*:*:*:*:*",
"matchCriteriaId": "6EE084FC-27EB-4CE6-B529-508DA690C9D8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:secospace_usg6500_firmware:v500r005c00:*:*:*:*:*:*:*",
"matchCriteriaId": "D6C14DF5-42F7-470F-B3DD-52B5A0770EC0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:secospace_usg6500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0ED6E342-26E7-45DF-AC3F-EFEBAE3DDDF0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:secospace_usg6600_firmware:v500r001c30:*:*:*:*:*:*:*",
"matchCriteriaId": "ADB7FBB2-1CC6-4DA3-85AB-66562B0A9198",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:secospace_usg6600_firmware:v500r005c00:*:*:*:*:*:*:*",
"matchCriteriaId": "391BFC6B-9AE6-49D7-855A-CB94AD1EE5C1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:secospace_usg6600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BE469876-F873-4705-9760-097AE840A818",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:usg6000v_firmware:v500r003c00:*:*:*:*:*:*:*",
"matchCriteriaId": "778A61F5-661E-4B41-B08D-C623957BEEE9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:usg6000v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "88E8A1C0-CD02-4D4E-8DFC-0E03CF914C68",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There are multiple out of bounds (OOB) read vulnerabilities in the implementation of the Common Open Policy Service (COPS) protocol of some Huawei products. The specific decoding function may occur out-of-bounds read when processes an incoming data packet. Successful exploit of these vulnerabilities may disrupt service on the affected device. (Vulnerability ID: HWPSIRT-2018-12275,HWPSIRT-2018-12276,HWPSIRT-2018-12277,HWPSIRT-2018-12278,HWPSIRT-2018-12279,HWPSIRT-2018-12280 and HWPSIRT-2018-12289)\n\nThe seven vulnerabilities have been assigned seven Common Vulnerabilities and Exposures (CVE) IDs: CVE-2020-1818, CVE-2020-1819, CVE-2020-1820, CVE-2020-1821, CVE-2020-1822, CVE-2020-1823 and CVE-2020-1824."
},
{
"lang": "es",
"value": "Existen m\u00faltiples vulnerabilidades de lectura fuera de los l\u00edmites (OOB) en la implementaci\u00f3n del protocolo Common Open Policy Service (COPS) de algunos productos Huawei. La funci\u00f3n de decodificaci\u00f3n espec\u00edfica puede realizar una lectura fuera de los l\u00edmites cuando se procesa un paquete de datos entrante. La explotaci\u00f3n exitosa de estas vulnerabilidades puede interrumpir el servicio en el dispositivo afectado. (ID de vulnerabilidad: HWPSIRT-2018-12275, HWPSIRT-2018-12276, HWPSIRT-2018-12277, HWPSIRT-2018-12278, HWPSIRT-2018-12279, HWPSIRT-2018-12280 y HWPSIRT-2018-12289) A las siete vulnerabilidades se les han asignado siete identificadores de vulnerabilidades y exposiciones comunes (CVE): CVE-2020-1818, CVE-2020-1819, CVE-2020-1820, CVE-2020-1821, CVE-2020-1822, CVE-2020-1823 y CVE-2020-1824."
}
],
"id": "CVE-2020-1821",
"lastModified": "2025-01-13T18:40:31.437",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"exploitabilityScore": 2.2,
"impactScore": 1.4,
"source": "psirt@huawei.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2024-12-28T07:15:17.973",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/2020/huawei-sa-20191218-01-cops-en"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-125"
}
],
"source": "psirt@huawei.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-125"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2020-1819
Vulnerability from fkie_nvd - Published: 2024-12-27 10:15 - Updated: 2025-01-10 20:32
Severity ?
3.7 (Low) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L
5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
Summary
There are multiple out of bounds (OOB) read vulnerabilities in the implementation of the Common Open Policy Service (COPS) protocol of some Huawei products. The specific decoding function may occur out-of-bounds read when processes an incoming data packet. Successful exploit of these vulnerabilities may disrupt service on the affected device. (Vulnerability ID: HWPSIRT-2018-12275,HWPSIRT-2018-12276,HWPSIRT-2018-12277,HWPSIRT-2018-12278,HWPSIRT-2018-12279,HWPSIRT-2018-12280 and HWPSIRT-2018-12289)
The seven vulnerabilities have been assigned seven Common Vulnerabilities and Exposures (CVE) IDs: CVE-2020-1818, CVE-2020-1819, CVE-2020-1820, CVE-2020-1821, CVE-2020-1822, CVE-2020-1823 and CVE-2020-1824.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:ips_module_firmware:v500r001c30:*:*:*:*:*:*:*",
"matchCriteriaId": "074FE8AB-6BE1-4E77-84E2-1D5C7205D0E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ips_module_firmware:v500r001c60:*:*:*:*:*:*:*",
"matchCriteriaId": "EC0C5A24-3F4E-4F1F-BC3C-7DC6707712CB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ips_module_firmware:v500r005c00:*:*:*:*:*:*:*",
"matchCriteriaId": "60A9007D-D6AD-4DB9-A0AC-1E400AEC0884",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:ips_module:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2BAD43A3-730A-4ABC-89F0-DF93A06AA60F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:ngfw_module_firmware:v500r002c00:*:*:*:*:*:*:*",
"matchCriteriaId": "F46A81BE-C125-4CAE-8EE1-23177FE0C21E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ngfw_module_firmware:v500r002c20:*:*:*:*:*:*:*",
"matchCriteriaId": "5524ABE8-D4C4-4BCC-BB57-D1E47480330D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ngfw_module_firmware:v500r005c00:*:*:*:*:*:*:*",
"matchCriteriaId": "9D57DC59-B234-463F-8BBD-631B7EE9928C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:ngfw_module:-:*:*:*:*:*:*:*",
"matchCriteriaId": "547D4A9A-6B57-4BBA-9FFE-CF50B9AC5DF4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:nip6300_firmware:v500r001c30:*:*:*:*:*:*:*",
"matchCriteriaId": "728A7B78-6E19-4656-848F-269DB955070C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:nip6300_firmware:v500r001c60:*:*:*:*:*:*:*",
"matchCriteriaId": "A26FE369-FDB8-4425-B51A-465A41FECE7E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:nip6300_firmware:v500r005c00:*:*:*:*:*:*:*",
"matchCriteriaId": "A3462B41-1DC4-4451-9575-F81C52F7A23C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:nip6300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5E054182-CE33-45E3-8595-159A75BA5162",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:nip6600_firmware:v500r001c30:*:*:*:*:*:*:*",
"matchCriteriaId": "946F5FF7-412F-40F9-A492-DE8E11E7B919",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:nip6600_firmware:v500r001c60:*:*:*:*:*:*:*",
"matchCriteriaId": "90C480FB-4D2C-49ED-A635-8B7BEFD95193",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:nip6600_firmware:v500r005c00:*:*:*:*:*:*:*",
"matchCriteriaId": "9AC093ED-A979-4484-B758-1C16DF2D6030",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:nip6600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE8CA649-7AE1-497C-869B-B4DD315F342C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:nip6800_firmware:v500r001c60:*:*:*:*:*:*:*",
"matchCriteriaId": "D7EE3877-6344-466D-90B0-68CF4A53A256",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:nip6800_firmware:v500r005c00:*:*:*:*:*:*:*",
"matchCriteriaId": "D6FCA659-5DF8-44EA-91B6-A80FBB68322A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:nip6800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "875441DD-575F-4F4D-A6BD-23C38641D330",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:secospace_usg6300_firmware:v500r001c30:*:*:*:*:*:*:*",
"matchCriteriaId": "0A8AEAB1-6106-47A2-8207-67E557A8BF80",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:secospace_usg6300_firmware:v500r001c60:*:*:*:*:*:*:*",
"matchCriteriaId": "EDD7E147-B39E-4C6F-BA5F-F046F3AE4728",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:secospace_usg6300_firmware:v500r005c00:*:*:*:*:*:*:*",
"matchCriteriaId": "68E9D32D-46F1-495B-BF83-308DFF8822F8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:secospace_usg6300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C281B511-7A27-4FC6-9427-AE5AD7C302F3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:secospace_usg6500_firmware:v500r001c30:*:*:*:*:*:*:*",
"matchCriteriaId": "627F40B6-8CD1-47EE-8937-F1FAAAB86F0D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:secospace_usg6500_firmware:v500r001c60:*:*:*:*:*:*:*",
"matchCriteriaId": "6EE084FC-27EB-4CE6-B529-508DA690C9D8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:secospace_usg6500_firmware:v500r005c00:*:*:*:*:*:*:*",
"matchCriteriaId": "D6C14DF5-42F7-470F-B3DD-52B5A0770EC0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:secospace_usg6500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0ED6E342-26E7-45DF-AC3F-EFEBAE3DDDF0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:secospace_usg6600_firmware:v500r001c30:*:*:*:*:*:*:*",
"matchCriteriaId": "ADB7FBB2-1CC6-4DA3-85AB-66562B0A9198",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:secospace_usg6600_firmware:v500r005c00:*:*:*:*:*:*:*",
"matchCriteriaId": "391BFC6B-9AE6-49D7-855A-CB94AD1EE5C1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:secospace_usg6600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BE469876-F873-4705-9760-097AE840A818",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:usg6000v_firmware:v500r003c00:*:*:*:*:*:*:*",
"matchCriteriaId": "778A61F5-661E-4B41-B08D-C623957BEEE9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:usg6000v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "88E8A1C0-CD02-4D4E-8DFC-0E03CF914C68",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There are multiple out of bounds (OOB) read vulnerabilities in the implementation of the Common Open Policy Service (COPS) protocol of some Huawei products. The specific decoding function may occur out-of-bounds read when processes an incoming data packet. Successful exploit of these vulnerabilities may disrupt service on the affected device. (Vulnerability ID: HWPSIRT-2018-12275,HWPSIRT-2018-12276,HWPSIRT-2018-12277,HWPSIRT-2018-12278,HWPSIRT-2018-12279,HWPSIRT-2018-12280 and HWPSIRT-2018-12289)\n\nThe seven vulnerabilities have been assigned seven Common Vulnerabilities and Exposures (CVE) IDs: CVE-2020-1818, CVE-2020-1819, CVE-2020-1820, CVE-2020-1821, CVE-2020-1822, CVE-2020-1823 and CVE-2020-1824."
},
{
"lang": "es",
"value": "Existen m\u00faltiples vulnerabilidades de lectura fuera de los l\u00edmites (OOB) en la implementaci\u00f3n del protocolo Common Open Policy Service (COPS) de algunos productos Huawei. La funci\u00f3n de decodificaci\u00f3n espec\u00edfica puede realizar una lectura fuera de los l\u00edmites cuando se procesa un paquete de datos entrante. La explotaci\u00f3n exitosa de estas vulnerabilidades puede interrumpir el servicio en el dispositivo afectado. (ID de vulnerabilidad: HWPSIRT-2018-12275, HWPSIRT-2018-12276, HWPSIRT-2018-12277, HWPSIRT-2018-12278, HWPSIRT-2018-12279, HWPSIRT-2018-12280 y HWPSIRT-2018-12289) A las siete vulnerabilidades se les han asignado siete identificadores de vulnerabilidades y exposiciones comunes (CVE): CVE-2020-1818, CVE-2020-1819, CVE-2020-1820, CVE-2020-1821, CVE-2020-1822, CVE-2020-1823 y CVE-2020-1824."
}
],
"id": "CVE-2020-1819",
"lastModified": "2025-01-10T20:32:19.230",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"exploitabilityScore": 2.2,
"impactScore": 1.4,
"source": "psirt@huawei.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2024-12-27T10:15:09.710",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/2020/huawei-sa-20191218-01-cops-en"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-125"
}
],
"source": "psirt@huawei.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-125"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2020-1818
Vulnerability from fkie_nvd - Published: 2024-12-27 10:15 - Updated: 2025-01-10 20:28
Severity ?
3.7 (Low) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L
5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
Summary
There are multiple out of bounds (OOB) read vulnerabilities in the implementation of the Common Open Policy Service (COPS) protocol of some Huawei products. The specific decoding function may occur out-of-bounds read when processes an incoming data packet. Successful exploit of these vulnerabilities may disrupt service on the affected device. (Vulnerability ID: HWPSIRT-2018-12275,HWPSIRT-2018-12276,HWPSIRT-2018-12277,HWPSIRT-2018-12278,HWPSIRT-2018-12279,HWPSIRT-2018-12280 and HWPSIRT-2018-12289)
The seven vulnerabilities have been assigned seven Common Vulnerabilities and Exposures (CVE) IDs: CVE-2020-1818, CVE-2020-1819, CVE-2020-1820, CVE-2020-1821, CVE-2020-1822, CVE-2020-1823 and CVE-2020-1824.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:ips_module_firmware:v500r001c30:*:*:*:*:*:*:*",
"matchCriteriaId": "074FE8AB-6BE1-4E77-84E2-1D5C7205D0E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ips_module_firmware:v500r001c60:*:*:*:*:*:*:*",
"matchCriteriaId": "EC0C5A24-3F4E-4F1F-BC3C-7DC6707712CB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ips_module_firmware:v500r005c00:*:*:*:*:*:*:*",
"matchCriteriaId": "60A9007D-D6AD-4DB9-A0AC-1E400AEC0884",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:ips_module:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2BAD43A3-730A-4ABC-89F0-DF93A06AA60F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:ngfw_module_firmware:v500r002c00:*:*:*:*:*:*:*",
"matchCriteriaId": "F46A81BE-C125-4CAE-8EE1-23177FE0C21E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ngfw_module_firmware:v500r002c20:*:*:*:*:*:*:*",
"matchCriteriaId": "5524ABE8-D4C4-4BCC-BB57-D1E47480330D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ngfw_module_firmware:v500r005c00:*:*:*:*:*:*:*",
"matchCriteriaId": "9D57DC59-B234-463F-8BBD-631B7EE9928C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:ngfw_module:-:*:*:*:*:*:*:*",
"matchCriteriaId": "547D4A9A-6B57-4BBA-9FFE-CF50B9AC5DF4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:nip6300_firmware:v500r001c30:*:*:*:*:*:*:*",
"matchCriteriaId": "728A7B78-6E19-4656-848F-269DB955070C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:nip6300_firmware:v500r001c60:*:*:*:*:*:*:*",
"matchCriteriaId": "A26FE369-FDB8-4425-B51A-465A41FECE7E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:nip6300_firmware:v500r005c00:*:*:*:*:*:*:*",
"matchCriteriaId": "A3462B41-1DC4-4451-9575-F81C52F7A23C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:nip6300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5E054182-CE33-45E3-8595-159A75BA5162",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:nip6600_firmware:v500r001c30:*:*:*:*:*:*:*",
"matchCriteriaId": "946F5FF7-412F-40F9-A492-DE8E11E7B919",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:nip6600_firmware:v500r001c60:*:*:*:*:*:*:*",
"matchCriteriaId": "90C480FB-4D2C-49ED-A635-8B7BEFD95193",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:nip6600_firmware:v500r005c00:*:*:*:*:*:*:*",
"matchCriteriaId": "9AC093ED-A979-4484-B758-1C16DF2D6030",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:nip6600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE8CA649-7AE1-497C-869B-B4DD315F342C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:nip6800_firmware:v500r001c60:*:*:*:*:*:*:*",
"matchCriteriaId": "D7EE3877-6344-466D-90B0-68CF4A53A256",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:nip6800_firmware:v500r005c00:*:*:*:*:*:*:*",
"matchCriteriaId": "D6FCA659-5DF8-44EA-91B6-A80FBB68322A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:nip6800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "875441DD-575F-4F4D-A6BD-23C38641D330",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:secospace_usg6300_firmware:v500r001c30:*:*:*:*:*:*:*",
"matchCriteriaId": "0A8AEAB1-6106-47A2-8207-67E557A8BF80",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:secospace_usg6300_firmware:v500r001c60:*:*:*:*:*:*:*",
"matchCriteriaId": "EDD7E147-B39E-4C6F-BA5F-F046F3AE4728",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:secospace_usg6300_firmware:v500r005c00:*:*:*:*:*:*:*",
"matchCriteriaId": "68E9D32D-46F1-495B-BF83-308DFF8822F8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:secospace_usg6300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C281B511-7A27-4FC6-9427-AE5AD7C302F3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:secospace_usg6500_firmware:v500r001c30:*:*:*:*:*:*:*",
"matchCriteriaId": "627F40B6-8CD1-47EE-8937-F1FAAAB86F0D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:secospace_usg6500_firmware:v500r001c60:*:*:*:*:*:*:*",
"matchCriteriaId": "6EE084FC-27EB-4CE6-B529-508DA690C9D8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:secospace_usg6500_firmware:v500r005c00:*:*:*:*:*:*:*",
"matchCriteriaId": "D6C14DF5-42F7-470F-B3DD-52B5A0770EC0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:secospace_usg6500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0ED6E342-26E7-45DF-AC3F-EFEBAE3DDDF0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:secospace_usg6600_firmware:v500r001c30:*:*:*:*:*:*:*",
"matchCriteriaId": "ADB7FBB2-1CC6-4DA3-85AB-66562B0A9198",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:secospace_usg6600_firmware:v500r005c00:*:*:*:*:*:*:*",
"matchCriteriaId": "391BFC6B-9AE6-49D7-855A-CB94AD1EE5C1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:secospace_usg6600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BE469876-F873-4705-9760-097AE840A818",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:usg6000v_firmware:v500r003c00:*:*:*:*:*:*:*",
"matchCriteriaId": "778A61F5-661E-4B41-B08D-C623957BEEE9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:usg6000v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "88E8A1C0-CD02-4D4E-8DFC-0E03CF914C68",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There are multiple out of bounds (OOB) read vulnerabilities in the implementation of the Common Open Policy Service (COPS) protocol of some Huawei products. The specific decoding function may occur out-of-bounds read when processes an incoming data packet. Successful exploit of these vulnerabilities may disrupt service on the affected device. (Vulnerability ID: HWPSIRT-2018-12275,HWPSIRT-2018-12276,HWPSIRT-2018-12277,HWPSIRT-2018-12278,HWPSIRT-2018-12279,HWPSIRT-2018-12280 and HWPSIRT-2018-12289)\n\nThe seven vulnerabilities have been assigned seven Common Vulnerabilities and Exposures (CVE) IDs: CVE-2020-1818, CVE-2020-1819, CVE-2020-1820, CVE-2020-1821, CVE-2020-1822, CVE-2020-1823 and CVE-2020-1824."
},
{
"lang": "es",
"value": "Existen m\u00faltiples vulnerabilidades de lectura fuera de los l\u00edmites (OOB) en la implementaci\u00f3n del protocolo Common Open Policy Service (COPS) de algunos productos Huawei. La funci\u00f3n de decodificaci\u00f3n espec\u00edfica puede realizar una lectura fuera de los l\u00edmites cuando se procesa un paquete de datos entrante. La explotaci\u00f3n exitosa de estas vulnerabilidades puede interrumpir el servicio en el dispositivo afectado. (ID de vulnerabilidad: HWPSIRT-2018-12275, HWPSIRT-2018-12276, HWPSIRT-2018-12277, HWPSIRT-2018-12278, HWPSIRT-2018-12279, HWPSIRT-2018-12280 y HWPSIRT-2018-12289) A las siete vulnerabilidades se les han asignado siete identificadores de vulnerabilidades y exposiciones comunes (CVE): CVE-2020-1818, CVE-2020-1819, CVE-2020-1820, CVE-2020-1821, CVE-2020-1822, CVE-2020-1823 y CVE-2020-1824."
}
],
"id": "CVE-2020-1818",
"lastModified": "2025-01-10T20:28:46.463",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"exploitabilityScore": 2.2,
"impactScore": 1.4,
"source": "psirt@huawei.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2024-12-27T10:15:06.310",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/2020/huawei-sa-20191218-01-cops-en"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-125"
}
],
"source": "psirt@huawei.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-125"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2021-22356
Vulnerability from fkie_nvd - Published: 2021-11-23 16:15 - Updated: 2024-11-21 05:49
Severity ?
Summary
There is a weak secure algorithm vulnerability in Huawei products. A weak secure algorithm is used in a module. Attackers can exploit this vulnerability by capturing and analyzing the messages between devices to obtain information. This can lead to information leak.Affected product versions include: IPS Module V500R005C00SPC100, V500R005C00SPC200; NGFW Module V500R005C00SPC100, V500R005C00SPC200; Secospace USG6300 V500R001C30SPC200, V500R001C30SPC600, V500R001C60SPC500, V500R005C00SPC100, V500R005C00SPC200; Secospace USG6500 V500R001C30SPC200, V500R001C30SPC600, V500R001C60SPC500, V500R005C00SPC100, V500R005C00SPC200; Secospace USG6600 V500R001C30SPC200, V500R001C30SPC600, V500R001C60SPC500, V500R005C00SPC100, V500R005C00SPC200; USG9500 V500R001C30SPC200, V500R001C30SPC600, V500R001C60SPC500, V500R005C00SPC100, V500R005C00SPC200.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:ips_module_firmware:v500r005c00spc100:*:*:*:*:*:*:*",
"matchCriteriaId": "2D4E285D-09FB-4123-B46A-E27818ADFFDD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ips_module_firmware:v500r005c00spc200:*:*:*:*:*:*:*",
"matchCriteriaId": "C5A659FF-6019-48F8-BF60-D9FC79682435",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:ips_module:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2BAD43A3-730A-4ABC-89F0-DF93A06AA60F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:ngfw_module_firmware:v500r005c00spc100:*:*:*:*:*:*:*",
"matchCriteriaId": "3AA59256-7429-4D82-85FE-229EB033BDA8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ngfw_module_firmware:v500r005c00spc200:*:*:*:*:*:*:*",
"matchCriteriaId": "E728C122-5732-48FF-910C-3241EABA3DE6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:ngfw_module:-:*:*:*:*:*:*:*",
"matchCriteriaId": "547D4A9A-6B57-4BBA-9FFE-CF50B9AC5DF4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:secospace_usg6300_firmware:v500r001c30spc200:*:*:*:*:*:*:*",
"matchCriteriaId": "3D8E3300-4E1E-433A-87D9-983F9C1CE2B7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:secospace_usg6300_firmware:v500r001c30spc600:*:*:*:*:*:*:*",
"matchCriteriaId": "7D2F8A0A-AA2F-4144-923A-4B461B1A3E99",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:secospace_usg6300_firmware:v500r001c60spc500:*:*:*:*:*:*:*",
"matchCriteriaId": "26CBEDA1-F057-489F-9255-C178272208CA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:secospace_usg6300_firmware:v500r005c00spc100:*:*:*:*:*:*:*",
"matchCriteriaId": "9EA34227-DB8B-48DF-8150-5C6815B49FA6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:secospace_usg6300_firmware:v500r005c00spc200:*:*:*:*:*:*:*",
"matchCriteriaId": "322A0123-38E6-4D84-97F1-15F983DC3725",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:secospace_usg6300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C281B511-7A27-4FC6-9427-AE5AD7C302F3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:secospace_usg6500_firmware:v500r001c30spc200:*:*:*:*:*:*:*",
"matchCriteriaId": "2FA2444C-EE5E-4DFC-A9F8-4744059EF7DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:secospace_usg6500_firmware:v500r001c30spc600:*:*:*:*:*:*:*",
"matchCriteriaId": "203B31A8-8C5C-42E8-8D4F-861F90FC16FE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:secospace_usg6500_firmware:v500r001c60spc500:*:*:*:*:*:*:*",
"matchCriteriaId": "CF816E5F-2082-4460-ABF9-93726C5879A6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:secospace_usg6500_firmware:v500r005c00spc100:*:*:*:*:*:*:*",
"matchCriteriaId": "F5DF54A7-6E29-4BB5-81FC-5EE75D892D12",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:secospace_usg6500_firmware:v500r005c00spc200:*:*:*:*:*:*:*",
"matchCriteriaId": "F0DA1F00-D38C-40AF-A14D-D5EE0B0A3751",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:secospace_usg6500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0ED6E342-26E7-45DF-AC3F-EFEBAE3DDDF0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:secospace_usg6600_firmware:v500r001c30spc200:*:*:*:*:*:*:*",
"matchCriteriaId": "1CA7BE1F-853E-4CBA-8A90-BAEA0BCC6A97",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:secospace_usg6600_firmware:v500r001c30spc600:*:*:*:*:*:*:*",
"matchCriteriaId": "B80E521E-1BFB-405E-9F8E-4A0734731FD0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:secospace_usg6600_firmware:v500r001c60spc500:*:*:*:*:*:*:*",
"matchCriteriaId": "5226BD96-2B00-469B-AADD-CD0541610BBD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:secospace_usg6600_firmware:v500r005c00spc100:*:*:*:*:*:*:*",
"matchCriteriaId": "4DB3FD6B-0EE4-4467-8BAE-AE52FB2906EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:secospace_usg6600_firmware:v500r005c00spc200:*:*:*:*:*:*:*",
"matchCriteriaId": "4BE67E91-7805-4CAA-89EE-9226CFBD731B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:secospace_usg6600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BE469876-F873-4705-9760-097AE840A818",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:usg9500_firmware:v500r001c30spc200:*:*:*:*:*:*:*",
"matchCriteriaId": "C0BF5257-8CD1-4951-9C53-07B85D468F8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:usg9500_firmware:v500r001c30spc600:*:*:*:*:*:*:*",
"matchCriteriaId": "6E2CDEF7-F8C8-482E-B43D-DB3F0CE010F8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:usg9500_firmware:v500r001c60spc500:*:*:*:*:*:*:*",
"matchCriteriaId": "8A1EFB9D-5349-4EAF-9880-34F0D20011E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:usg9500_firmware:v500r005c00spc100:*:*:*:*:*:*:*",
"matchCriteriaId": "BE7369E3-5F3F-40D1-8690-95192131B683",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:usg9500_firmware:v500r005c00spc200:*:*:*:*:*:*:*",
"matchCriteriaId": "ADA71C5D-4B11-401D-AEC9-907204C21476",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:usg9500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4B6064BB-5E62-4D70-B933-05B5426EEE9C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is a weak secure algorithm vulnerability in Huawei products. A weak secure algorithm is used in a module. Attackers can exploit this vulnerability by capturing and analyzing the messages between devices to obtain information. This can lead to information leak.Affected product versions include: IPS Module V500R005C00SPC100, V500R005C00SPC200; NGFW Module V500R005C00SPC100, V500R005C00SPC200; Secospace USG6300 V500R001C30SPC200, V500R001C30SPC600, V500R001C60SPC500, V500R005C00SPC100, V500R005C00SPC200; Secospace USG6500 V500R001C30SPC200, V500R001C30SPC600, V500R001C60SPC500, V500R005C00SPC100, V500R005C00SPC200; Secospace USG6600 V500R001C30SPC200, V500R001C30SPC600, V500R001C60SPC500, V500R005C00SPC100, V500R005C00SPC200; USG9500 V500R001C30SPC200, V500R001C30SPC600, V500R001C60SPC500, V500R005C00SPC100, V500R005C00SPC200."
},
{
"lang": "es",
"value": "Se presenta una vulnerabilidad de algoritmo seguro d\u00e9bil en los productos de Huawei. Es usado un algoritmo seguro d\u00e9bil en un m\u00f3dulo. Los atacantes pueden explotar esta vulnerabilidad al capturar y analizar los mensajes entre dispositivos para obtener informaci\u00f3n. Esto puede conllevar una fuga de informaci\u00f3n. Las versiones de producto afectadas incluyen: M\u00f3dulo IPS V500R005C00SPC100, V500R005C00SPC200; M\u00f3dulo NGFW V500R005C00SPC100, V500R005C00SPC200; Secospace USG6300 V500R001C30SPC200, V500R001C30SPC600, V500R001C60SPC500, V500R005C00SPC100, V500R005C00SPC200; Secospace USG6500 V500R001C30SPC200, V500R001C30SPC600, V500R001C60SPC500, V500R005C00SPC100, V500R005C00SPC200; Secospace USG6600 V500R001C30SPC200, V500R001C30SPC600, V500R001C60SPC500, V500R005C00SPC100, V500R005C00SPC200; USG9500 V500R001C30SPC200, V500R001C30SPC600, V500R001C60SPC500, V500R005C00SPC100, V500R005C00SPC200"
}
],
"id": "CVE-2021-22356",
"lastModified": "2024-11-21T05:49:58.060",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.2,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-11-23T16:15:08.633",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210512-01-infomationleak-en"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210512-01-infomationleak-en"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-327"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2021-37129
Vulnerability from fkie_nvd - Published: 2021-10-27 01:15 - Updated: 2024-11-21 06:14
Severity ?
Summary
There is an out of bounds write vulnerability in some Huawei products. The vulnerability is caused by a function of a module that does not properly verify input parameter. Successful exploit could cause out of bounds write leading to a denial of service condition.Affected product versions include:IPS Module V500R005C00,V500R005C20;NGFW Module V500R005C00;NIP6600 V500R005C00,V500R005C20;S12700 V200R010C00SPC600,V200R011C10SPC500,V200R011C10SPC600,V200R013C00SPC500,V200R019C00SPC200,V200R019C00SPC500,V200R019C10SPC200,V200R020C00,V200R020C10;S1700 V200R010C00SPC600,V200R011C10SPC500,V200R011C10SPC600;S2700 V200R010C00SPC600,V200R011C10SPC500,V200R011C10SPC600;S5700 V200R010C00SPC600,V200R010C00SPC700,V200R011C10SPC500,V200R011C10SPC600,V200R019C00SPC500;S6700 V200R010C00SPC600,V200R011C10SPC500,V200R011C10SPC600;S7700 V200R010C00SPC600,V200R010C00SPC700,V200R011C10SPC500,V200R011C10SPC600;S9700 V200R010C00SPC600,V200R011C10SPC500,V200R011C10SPC600;USG9500 V500R005C00,V500R005C20.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:ips_module_firmware:v500r005c00:*:*:*:*:*:*:*",
"matchCriteriaId": "60A9007D-D6AD-4DB9-A0AC-1E400AEC0884",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ips_module_firmware:v500r005c20:*:*:*:*:*:*:*",
"matchCriteriaId": "A91B37BC-F4FD-499A-918E-6396251A0F5F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:ips_module:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2BAD43A3-730A-4ABC-89F0-DF93A06AA60F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:ngfw_module_firmware:v500r005c00:*:*:*:*:*:*:*",
"matchCriteriaId": "9D57DC59-B234-463F-8BBD-631B7EE9928C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:ngfw_module:-:*:*:*:*:*:*:*",
"matchCriteriaId": "547D4A9A-6B57-4BBA-9FFE-CF50B9AC5DF4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:nip6600_firmware:v500r005c00:*:*:*:*:*:*:*",
"matchCriteriaId": "9AC093ED-A979-4484-B758-1C16DF2D6030",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:nip6600_firmware:v500r005c20:*:*:*:*:*:*:*",
"matchCriteriaId": "8FEB99CA-7B73-4633-9F9C-9AF54B0A43FA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:nip6600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE8CA649-7AE1-497C-869B-B4DD315F342C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:s12700_firmware:v200r010c00spc600:*:*:*:*:*:*:*",
"matchCriteriaId": "975CEC1E-D82C-45AD-B920-80961221C0BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s12700_firmware:v200r011c10spc500:*:*:*:*:*:*:*",
"matchCriteriaId": "C9824CC2-7B77-4FD7-9509-49FA0D94AF4A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s12700_firmware:v200r011c10spc600:*:*:*:*:*:*:*",
"matchCriteriaId": "0442199D-AF21-44E8-B604-7D64129FD25D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s12700_firmware:v200r013c00spc500:*:*:*:*:*:*:*",
"matchCriteriaId": "2836F054-A1CD-4B9C-9D4E-7DD198ED6004",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s12700_firmware:v200r019c00spc200:*:*:*:*:*:*:*",
"matchCriteriaId": "F2ED767D-2826-4ECD-8C59-B688AC54B0CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s12700_firmware:v200r019c00spc500:*:*:*:*:*:*:*",
"matchCriteriaId": "4A58127B-8ED8-49AD-83CE-AF95E221E092",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s12700_firmware:v200r019c10spc200:*:*:*:*:*:*:*",
"matchCriteriaId": "A630BDAD-C254-4107-9593-1E9FB415C138",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s12700_firmware:v200r020c00:*:*:*:*:*:*:*",
"matchCriteriaId": "B11D63D0-072D-4E44-B254-491974603C7E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s12700_firmware:v200r020c10:*:*:*:*:*:*:*",
"matchCriteriaId": "913DDCCC-0A91-458D-8A74-E4B9E9A71EC7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:s12700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "138C1E57-176C-46B1-9704-D9C8391CC802",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:s1700_firmware:v200r010c00spc600:*:*:*:*:*:*:*",
"matchCriteriaId": "0FCC64B5-1BB4-4A4B-983F-D1D986CA506E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s1700_firmware:v200r011c10spc500:*:*:*:*:*:*:*",
"matchCriteriaId": "32CA1299-EA8A-4A24-96AA-DC3C5C3B9701",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s1700_firmware:v200r011c10spc600:*:*:*:*:*:*:*",
"matchCriteriaId": "20386C76-4480-47ED-99AD-7ADBE41C3364",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:s1700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "22FE26B5-C6D6-4A6C-8526-ED94F4F57C2C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:s2700_firmware:v200r010c00spc600:*:*:*:*:*:*:*",
"matchCriteriaId": "4676DA03-36A6-40B1-BA74-75260083D10A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s2700_firmware:v200r011c10spc500:*:*:*:*:*:*:*",
"matchCriteriaId": "C9C4217C-0FBB-46BC-B108-F53A2AF259E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s2700_firmware:v200r011c10spc600:*:*:*:*:*:*:*",
"matchCriteriaId": "744381A0-4E85-4F0C-881B-DF2F7E1DB186",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:s2700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD2CD071-58E4-4061-8217-990453213470",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:s5700_firmware:v200r010c00spc600:*:*:*:*:*:*:*",
"matchCriteriaId": "6D60424B-15CE-415E-8E6C-34E5DC52E6C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s5700_firmware:v200r010c00spc700:*:*:*:*:*:*:*",
"matchCriteriaId": "46FDAD12-710C-4FE1-950F-B57810649C16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s5700_firmware:v200r011c10spc500:*:*:*:*:*:*:*",
"matchCriteriaId": "F402F7DA-6BDF-4C53-B33B-3D8FE1B14506",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s5700_firmware:v200r011c10spc600:*:*:*:*:*:*:*",
"matchCriteriaId": "238025D5-0E08-4708-BA6D-6E6560814525",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s5700_firmware:v200r019c00spc500:*:*:*:*:*:*:*",
"matchCriteriaId": "35753856-3BE4-481C-8D49-077E51138633",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:s5700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E22D3CFF-3353-4EE2-8933-84F395469D0D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:s6700_firmware:v200r010c00spc600:*:*:*:*:*:*:*",
"matchCriteriaId": "BAA552D9-B8ED-4DD9-B825-FDB42F7070E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s6700_firmware:v200r011c10spc500:*:*:*:*:*:*:*",
"matchCriteriaId": "83AE1FCE-5E38-4436-96B9-57DE026BDE7A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s6700_firmware:v200r011c10spc600:*:*:*:*:*:*:*",
"matchCriteriaId": "8F2F0768-EE4C-408B-8FDD-87CBC4970688",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:s6700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DA7AC10D-B0DD-4206-8642-134DDD585C06",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:s7700_firmware:v200r010c00spc600:*:*:*:*:*:*:*",
"matchCriteriaId": "8030D59B-D7AC-4155-B23C-0E77603F9DEB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s7700_firmware:v200r010c00spc700:*:*:*:*:*:*:*",
"matchCriteriaId": "CC7D191A-1496-4A38-BD9B-4222A9CA31BE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s7700_firmware:v200r011c10spc500:*:*:*:*:*:*:*",
"matchCriteriaId": "B4342AD2-7764-4447-9341-78DF30E20416",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s7700_firmware:v200r011c10spc600:*:*:*:*:*:*:*",
"matchCriteriaId": "37C57D09-618F-44B0-86A8-5BAC25CA486F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:s7700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8769C2C4-E333-432B-8943-CFDFAE013379",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:s9700_firmware:v200r010c00spc600:*:*:*:*:*:*:*",
"matchCriteriaId": "CD82D614-9515-4A9C-B96A-2614DDADEB7A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s9700_firmware:v200r011c10spc500:*:*:*:*:*:*:*",
"matchCriteriaId": "B45A35D3-D5CE-40F1-ABC2-9A9E6FA8FE46",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s9700_firmware:v200r011c10spc600:*:*:*:*:*:*:*",
"matchCriteriaId": "234ED4C3-67B4-4B0E-8EA1-9A70CAAD2BCF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:s9700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "75FAA4BF-1ED0-4059-ADA1-071AF1BF2882",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:usg9500_firmware:v500r005c00:*:*:*:*:*:*:*",
"matchCriteriaId": "E961C6AA-400A-41CF-A230-FE7182875F1F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:usg9500_firmware:v500r005c20:*:*:*:*:*:*:*",
"matchCriteriaId": "31F8A14F-8956-493C-8062-EAB872AD0420",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:usg9500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4B6064BB-5E62-4D70-B933-05B5426EEE9C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is an out of bounds write vulnerability in some Huawei products. The vulnerability is caused by a function of a module that does not properly verify input parameter. Successful exploit could cause out of bounds write leading to a denial of service condition.Affected product versions include:IPS Module V500R005C00,V500R005C20;NGFW Module V500R005C00;NIP6600 V500R005C00,V500R005C20;S12700 V200R010C00SPC600,V200R011C10SPC500,V200R011C10SPC600,V200R013C00SPC500,V200R019C00SPC200,V200R019C00SPC500,V200R019C10SPC200,V200R020C00,V200R020C10;S1700 V200R010C00SPC600,V200R011C10SPC500,V200R011C10SPC600;S2700 V200R010C00SPC600,V200R011C10SPC500,V200R011C10SPC600;S5700 V200R010C00SPC600,V200R010C00SPC700,V200R011C10SPC500,V200R011C10SPC600,V200R019C00SPC500;S6700 V200R010C00SPC600,V200R011C10SPC500,V200R011C10SPC600;S7700 V200R010C00SPC600,V200R010C00SPC700,V200R011C10SPC500,V200R011C10SPC600;S9700 V200R010C00SPC600,V200R011C10SPC500,V200R011C10SPC600;USG9500 V500R005C00,V500R005C20."
},
{
"lang": "es",
"value": "Se presenta una vulnerabilidad de escritura fuera de l\u00edmites en algunos productos de Huawei. La vulnerabilidad est\u00e1 causada por una funci\u00f3n de un m\u00f3dulo que no verifica correctamente el par\u00e1metro input. Una explotaci\u00f3n con \u00e9xito podr\u00eda causar una escritura fuera de l\u00edmites conllevando a una condici\u00f3n de denegaci\u00f3n de servicio. Las versiones de producto afectadas incluyen: M\u00f3dulo IPS V500R005C00,V500R005C20;M\u00f3dulo NGFW V500R005C00;NIP6600 V500R005C00,V500R005C20; S12700 V200R010C00SPC600,V200R011C10SPC500,V200R011C10SPC600,V200R013C00SPC500,V200R019C00SPC200,V200R019C00SPC500,V200R019C10SPC200,V200R020C00,V200R020C10; S1700 V200R010C00SPC600,V200R011C10SPC500,V200R011C10SPC600;S2700 V200R010C00SPC600,V200R011C10SPC500,V200R011C10SPC600; S5700 V200R010C00SPC600,V200R010C00SPC700,V200R011C10SPC500,V200R011C10SPC600,V200R019C00SPC500;S6700 V200R010C00SPC600,V200R011C10SPC500,V200R011C10SPC600; S7700 V200R010C00SPC600,V200R010C00SPC700,V200R011C10SPC500,V200R011C10SPC600;S9700 V200R010C00SPC600,V200R011C10SPC500,V200R011C10SPC600;USG9500 V500R005C00,V500R005C20"
}
],
"id": "CVE-2021-37129",
"lastModified": "2024-11-21T06:14:42.100",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-10-27T01:15:07.763",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20211020-01-outofwrite-en"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20211020-01-outofwrite-en"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2021-22341
Vulnerability from fkie_nvd - Published: 2021-06-29 20:15 - Updated: 2024-11-21 05:49
Severity ?
Summary
There is a memory leak vulnerability in Huawei products. A resource management weakness exists in a module. Attackers with high privilege can exploit this vulnerability by performing some operations. This can lead to memory leak. Affected product versions include:IPS Module V500R005C00SPC100,V500R005C00SPC200;NGFW Module V500R005C00SPC100,V500R005C00SPC200;NIP6300 V500R005C00SPC100,V500R005C10SPC200;NIP6600 V500R005C00SPC100,V500R005C00SPC200;Secospace USG6300 V500R005C00SPC100,V500R005C00SPC200;Secospace USG6500 V500R005C00SPC100,V500R005C10SPC200;Secospace USG6600 V500R005C00SPC100,V500R005C00SPC200.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| huawei | ips_module_firmware | v500r005c00spc100 | |
| huawei | ips_module_firmware | v500r005c00spc200 | |
| huawei | ips_module | - | |
| huawei | ngfw_module_firmware | v500r005c00spc100 | |
| huawei | ngfw_module_firmware | v500r005c00spc200 | |
| huawei | ngfw_module | - | |
| huawei | nip6300_firmware | v500r005c00spc100 | |
| huawei | nip6300_firmware | v500r005c10spc200 | |
| huawei | nip6300 | - | |
| huawei | nip6600_firmware | v500r005c00spc100 | |
| huawei | nip6600_firmware | v500r005c00spc200 | |
| huawei | nip6600 | - | |
| huawei | secospace_usg6300_firmware | v500r005c00spc100 | |
| huawei | secospace_usg6300_firmware | v500r005c00spc200 | |
| huawei | secospace_usg6300 | - | |
| huawei | secospace_usg6500_firmware | v500r005c00spc100 | |
| huawei | secospace_usg6500_firmware | v500r005c10spc200 | |
| huawei | secospace_usg6500 | - | |
| huawei | secospace_usg6600_firmware | v500r005c00spc100 | |
| huawei | secospace_usg6600_firmware | v500r005c00spc200 | |
| huawei | secospace_usg6600 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:ips_module_firmware:v500r005c00spc100:*:*:*:*:*:*:*",
"matchCriteriaId": "2D4E285D-09FB-4123-B46A-E27818ADFFDD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ips_module_firmware:v500r005c00spc200:*:*:*:*:*:*:*",
"matchCriteriaId": "C5A659FF-6019-48F8-BF60-D9FC79682435",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:ips_module:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2BAD43A3-730A-4ABC-89F0-DF93A06AA60F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:ngfw_module_firmware:v500r005c00spc100:*:*:*:*:*:*:*",
"matchCriteriaId": "3AA59256-7429-4D82-85FE-229EB033BDA8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ngfw_module_firmware:v500r005c00spc200:*:*:*:*:*:*:*",
"matchCriteriaId": "E728C122-5732-48FF-910C-3241EABA3DE6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:ngfw_module:-:*:*:*:*:*:*:*",
"matchCriteriaId": "547D4A9A-6B57-4BBA-9FFE-CF50B9AC5DF4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:nip6300_firmware:v500r005c00spc100:*:*:*:*:*:*:*",
"matchCriteriaId": "848014B8-8D79-48C3-8ED2-EA98378428F6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:nip6300_firmware:v500r005c10spc200:*:*:*:*:*:*:*",
"matchCriteriaId": "B8448325-FBF2-4C00-8574-677956A6DE97",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:nip6300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5E054182-CE33-45E3-8595-159A75BA5162",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:nip6600_firmware:v500r005c00spc100:*:*:*:*:*:*:*",
"matchCriteriaId": "AC26B79E-CBCD-4D93-A552-1A20B155F0FE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:nip6600_firmware:v500r005c00spc200:*:*:*:*:*:*:*",
"matchCriteriaId": "46A3FD77-200C-40D7-A31E-6D964F9A375E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:nip6600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE8CA649-7AE1-497C-869B-B4DD315F342C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:secospace_usg6300_firmware:v500r005c00spc100:*:*:*:*:*:*:*",
"matchCriteriaId": "9EA34227-DB8B-48DF-8150-5C6815B49FA6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:secospace_usg6300_firmware:v500r005c00spc200:*:*:*:*:*:*:*",
"matchCriteriaId": "322A0123-38E6-4D84-97F1-15F983DC3725",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:secospace_usg6300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C281B511-7A27-4FC6-9427-AE5AD7C302F3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:secospace_usg6500_firmware:v500r005c00spc100:*:*:*:*:*:*:*",
"matchCriteriaId": "F5DF54A7-6E29-4BB5-81FC-5EE75D892D12",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:secospace_usg6500_firmware:v500r005c10spc200:*:*:*:*:*:*:*",
"matchCriteriaId": "51E30304-8638-46A6-B467-19A7B1B4D362",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:secospace_usg6500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0ED6E342-26E7-45DF-AC3F-EFEBAE3DDDF0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:secospace_usg6600_firmware:v500r005c00spc100:*:*:*:*:*:*:*",
"matchCriteriaId": "4DB3FD6B-0EE4-4467-8BAE-AE52FB2906EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:secospace_usg6600_firmware:v500r005c00spc200:*:*:*:*:*:*:*",
"matchCriteriaId": "4BE67E91-7805-4CAA-89EE-9226CFBD731B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:secospace_usg6600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BE469876-F873-4705-9760-097AE840A818",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is a memory leak vulnerability in Huawei products. A resource management weakness exists in a module. Attackers with high privilege can exploit this vulnerability by performing some operations. This can lead to memory leak. Affected product versions include:IPS Module V500R005C00SPC100,V500R005C00SPC200;NGFW Module V500R005C00SPC100,V500R005C00SPC200;NIP6300 V500R005C00SPC100,V500R005C10SPC200;NIP6600 V500R005C00SPC100,V500R005C00SPC200;Secospace USG6300 V500R005C00SPC100,V500R005C00SPC200;Secospace USG6500 V500R005C00SPC100,V500R005C10SPC200;Secospace USG6600 V500R005C00SPC100,V500R005C00SPC200."
},
{
"lang": "es",
"value": "Se presenta una vulnerabilidad de p\u00e9rdida de memoria en los productos de Huawei. Se presenta una debilidad en la administraci\u00f3n de recursos en un m\u00f3dulo. Unos atacantes con altos privilegios pueden explotar esta vulnerabilidad al llevar a cabo algunas operaciones. Esto puede conllevar a una p\u00e9rdida de memoria. Las versiones de producto afectadas son: IPS Module V500R005C00SPC100,V500R005C00SPC200;NGFW Module V500R005C00SPC100,V500R005C00SPC200;NIP6300 V500R005C00SPC100,V500R005C10SPC200;NIP6600 V500R005C00SPC100,V500R005C00SPC200; Secospace USG6300 V500R005C00SPC100,V500R005C00SPC200;Secospace USG6500 V500R005C00SPC100,V500R005C10SPC200;Secospace USG6600 V500R005C00SPC100,V500R005C00SPC200"
}
],
"id": "CVE-2021-22341",
"lastModified": "2024-11-21T05:49:56.647",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.2,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-06-29T20:15:08.120",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210506-01-memleak-en"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210506-01-memleak-en"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-401"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CVE-2020-1824 (GCVE-0-2020-1824)
Vulnerability from cvelistv5 – Published: 2024-12-28 06:37 – Updated: 2024-12-28 16:32
VLAI?
Summary
There are multiple out of bounds (OOB) read vulnerabilities in the implementation of the Common Open Policy Service (COPS) protocol of some Huawei products. The specific decoding function may occur out-of-bounds read when processes an incoming data packet. Successful exploit of these vulnerabilities may disrupt service on the affected device. (Vulnerability ID: HWPSIRT-2018-12275,HWPSIRT-2018-12276,HWPSIRT-2018-12277,HWPSIRT-2018-12278,HWPSIRT-2018-12279,HWPSIRT-2018-12280 and HWPSIRT-2018-12289)
The seven vulnerabilities have been assigned seven Common Vulnerabilities and Exposures (CVE) IDs: CVE-2020-1818, CVE-2020-1819, CVE-2020-1820, CVE-2020-1821, CVE-2020-1822, CVE-2020-1823 and CVE-2020-1824.
Severity ?
CWE
- CWE-125 - Out-of-bounds Read
Assigner
References
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Huawei | IPS Module |
Affected:
V500R001C30
Affected: V500R001C60 Affected: V500R005C00 |
||||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2020-1824",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-12-28T16:32:08.146658Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-12-28T16:32:25.200Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "IPS Module",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "NGFW Module",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R002C00"
},
{
"status": "affected",
"version": "V500R002C20"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "NIP6300",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "NIP6600",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "NIP6800",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Secospace USG6300",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Secospace USG6500",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Secospace USG6600",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "USG6000V",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R003C00"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eThere are multiple out of bounds (OOB) read vulnerabilities in the implementation of the Common Open Policy Service (COPS) protocol of some Huawei products. The specific decoding function may occur out-of-bounds read when processes an incoming data packet. Successful exploit of these vulnerabilities may disrupt service on the affected device. (Vulnerability ID: HWPSIRT-2018-12275,HWPSIRT-2018-12276,HWPSIRT-2018-12277,HWPSIRT-2018-12278,HWPSIRT-2018-12279,HWPSIRT-2018-12280 and HWPSIRT-2018-12289)\u003c/p\u003e\u003cp\u003eThe seven vulnerabilities have been assigned seven Common Vulnerabilities and Exposures (CVE) IDs: CVE-2020-1818, CVE-2020-1819, CVE-2020-1820, CVE-2020-1821, CVE-2020-1822, CVE-2020-1823 and CVE-2020-1824.\u003c/p\u003e"
}
],
"value": "There are multiple out of bounds (OOB) read vulnerabilities in the implementation of the Common Open Policy Service (COPS) protocol of some Huawei products. The specific decoding function may occur out-of-bounds read when processes an incoming data packet. Successful exploit of these vulnerabilities may disrupt service on the affected device. (Vulnerability ID: HWPSIRT-2018-12275,HWPSIRT-2018-12276,HWPSIRT-2018-12277,HWPSIRT-2018-12278,HWPSIRT-2018-12279,HWPSIRT-2018-12280 and HWPSIRT-2018-12289)\n\nThe seven vulnerabilities have been assigned seven Common Vulnerabilities and Exposures (CVE) IDs: CVE-2020-1818, CVE-2020-1819, CVE-2020-1820, CVE-2020-1821, CVE-2020-1822, CVE-2020-1823 and CVE-2020-1824."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125 Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-12-28T06:37:14.149Z",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"url": "https://www.huawei.com/en/psirt/security-advisories/2020/huawei-sa-20191218-01-cops-en"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2020-1824",
"datePublished": "2024-12-28T06:37:14.149Z",
"dateReserved": "2019-11-29T00:00:00.000Z",
"dateUpdated": "2024-12-28T16:32:25.200Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-1823 (GCVE-0-2020-1823)
Vulnerability from cvelistv5 – Published: 2024-12-28 06:29 – Updated: 2024-12-28 16:33
VLAI?
Summary
There are multiple out of bounds (OOB) read vulnerabilities in the implementation of the Common Open Policy Service (COPS) protocol of some Huawei products. The specific decoding function may occur out-of-bounds read when processes an incoming data packet. Successful exploit of these vulnerabilities may disrupt service on the affected device. (Vulnerability ID: HWPSIRT-2018-12275,HWPSIRT-2018-12276,HWPSIRT-2018-12277,HWPSIRT-2018-12278,HWPSIRT-2018-12279,HWPSIRT-2018-12280 and HWPSIRT-2018-12289)
The seven vulnerabilities have been assigned seven Common Vulnerabilities and Exposures (CVE) IDs: CVE-2020-1818, CVE-2020-1819, CVE-2020-1820, CVE-2020-1821, CVE-2020-1822, CVE-2020-1823 and CVE-2020-1824.
Severity ?
CWE
- CWE-125 - Out-of-bounds Read
Assigner
References
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Huawei | IPS Module |
Affected:
V500R001C30
Affected: V500R001C60 Affected: V500R005C00 |
||||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2020-1823",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-12-28T16:33:21.089526Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-12-28T16:33:45.933Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "IPS Module",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "NGFW Module",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R002C00"
},
{
"status": "affected",
"version": "V500R002C20"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "NIP6300",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "NIP6600",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "NIP6800",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Secospace USG6300",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Secospace USG6500",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Secospace USG6600",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "USG6000V",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R003C00"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eThere are multiple out of bounds (OOB) read vulnerabilities in the implementation of the Common Open Policy Service (COPS) protocol of some Huawei products. The specific decoding function may occur out-of-bounds read when processes an incoming data packet. Successful exploit of these vulnerabilities may disrupt service on the affected device. (Vulnerability ID: HWPSIRT-2018-12275,HWPSIRT-2018-12276,HWPSIRT-2018-12277,HWPSIRT-2018-12278,HWPSIRT-2018-12279,HWPSIRT-2018-12280 and HWPSIRT-2018-12289)\u003c/p\u003e\u003cp\u003eThe seven vulnerabilities have been assigned seven Common Vulnerabilities and Exposures (CVE) IDs: CVE-2020-1818, CVE-2020-1819, CVE-2020-1820, CVE-2020-1821, CVE-2020-1822, CVE-2020-1823 and CVE-2020-1824.\u003c/p\u003e"
}
],
"value": "There are multiple out of bounds (OOB) read vulnerabilities in the implementation of the Common Open Policy Service (COPS) protocol of some Huawei products. The specific decoding function may occur out-of-bounds read when processes an incoming data packet. Successful exploit of these vulnerabilities may disrupt service on the affected device. (Vulnerability ID: HWPSIRT-2018-12275,HWPSIRT-2018-12276,HWPSIRT-2018-12277,HWPSIRT-2018-12278,HWPSIRT-2018-12279,HWPSIRT-2018-12280 and HWPSIRT-2018-12289)\n\nThe seven vulnerabilities have been assigned seven Common Vulnerabilities and Exposures (CVE) IDs: CVE-2020-1818, CVE-2020-1819, CVE-2020-1820, CVE-2020-1821, CVE-2020-1822, CVE-2020-1823 and CVE-2020-1824."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125 Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-12-28T06:29:49.051Z",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"url": "https://www.huawei.com/en/psirt/security-advisories/2020/huawei-sa-20191218-01-cops-en"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2020-1823",
"datePublished": "2024-12-28T06:29:49.051Z",
"dateReserved": "2019-11-29T00:00:00.000Z",
"dateUpdated": "2024-12-28T16:33:45.933Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-1822 (GCVE-0-2020-1822)
Vulnerability from cvelistv5 – Published: 2024-12-28 06:21 – Updated: 2024-12-28 16:34
VLAI?
Summary
There are multiple out of bounds (OOB) read vulnerabilities in the implementation of the Common Open Policy Service (COPS) protocol of some Huawei products. The specific decoding function may occur out-of-bounds read when processes an incoming data packet. Successful exploit of these vulnerabilities may disrupt service on the affected device. (Vulnerability ID: HWPSIRT-2018-12275,HWPSIRT-2018-12276,HWPSIRT-2018-12277,HWPSIRT-2018-12278,HWPSIRT-2018-12279,HWPSIRT-2018-12280 and HWPSIRT-2018-12289)
The seven vulnerabilities have been assigned seven Common Vulnerabilities and Exposures (CVE) IDs: CVE-2020-1818, CVE-2020-1819, CVE-2020-1820, CVE-2020-1821, CVE-2020-1822, CVE-2020-1823 and CVE-2020-1824.
Severity ?
CWE
- CWE-125 - Out-of-bounds Read
Assigner
References
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Huawei | IPS Module |
Affected:
V500R001C30
Affected: V500R001C60 Affected: V500R005C00 |
||||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2020-1822",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-12-28T16:34:26.596620Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-12-28T16:34:41.792Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "IPS Module",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "NGFW Module",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R002C00"
},
{
"status": "affected",
"version": "V500R002C20"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "NIP6300",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "NIP6600",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "NIP6800",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Secospace USG6300",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Secospace USG6500",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Secospace USG6600",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "USG6000V",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R003C00"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eThere are multiple out of bounds (OOB) read vulnerabilities in the implementation of the Common Open Policy Service (COPS) protocol of some Huawei products. The specific decoding function may occur out-of-bounds read when processes an incoming data packet. Successful exploit of these vulnerabilities may disrupt service on the affected device. (Vulnerability ID: HWPSIRT-2018-12275,HWPSIRT-2018-12276,HWPSIRT-2018-12277,HWPSIRT-2018-12278,HWPSIRT-2018-12279,HWPSIRT-2018-12280 and HWPSIRT-2018-12289)\u003c/p\u003e\u003cp\u003eThe seven vulnerabilities have been assigned seven Common Vulnerabilities and Exposures (CVE) IDs: CVE-2020-1818, CVE-2020-1819, CVE-2020-1820, CVE-2020-1821, CVE-2020-1822, CVE-2020-1823 and CVE-2020-1824.\u003cbr\u003e\u003c/p\u003e"
}
],
"value": "There are multiple out of bounds (OOB) read vulnerabilities in the implementation of the Common Open Policy Service (COPS) protocol of some Huawei products. The specific decoding function may occur out-of-bounds read when processes an incoming data packet. Successful exploit of these vulnerabilities may disrupt service on the affected device. (Vulnerability ID: HWPSIRT-2018-12275,HWPSIRT-2018-12276,HWPSIRT-2018-12277,HWPSIRT-2018-12278,HWPSIRT-2018-12279,HWPSIRT-2018-12280 and HWPSIRT-2018-12289)\n\nThe seven vulnerabilities have been assigned seven Common Vulnerabilities and Exposures (CVE) IDs: CVE-2020-1818, CVE-2020-1819, CVE-2020-1820, CVE-2020-1821, CVE-2020-1822, CVE-2020-1823 and CVE-2020-1824."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125 Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-12-28T06:21:04.473Z",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"url": "https://www.huawei.com/en/psirt/security-advisories/2020/huawei-sa-20191218-01-cops-en"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2020-1822",
"datePublished": "2024-12-28T06:21:04.473Z",
"dateReserved": "2019-11-29T00:00:00.000Z",
"dateUpdated": "2024-12-28T16:34:41.792Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-1821 (GCVE-0-2020-1821)
Vulnerability from cvelistv5 – Published: 2024-12-28 06:16 – Updated: 2024-12-30 16:13
VLAI?
Summary
There are multiple out of bounds (OOB) read vulnerabilities in the implementation of the Common Open Policy Service (COPS) protocol of some Huawei products. The specific decoding function may occur out-of-bounds read when processes an incoming data packet. Successful exploit of these vulnerabilities may disrupt service on the affected device. (Vulnerability ID: HWPSIRT-2018-12275,HWPSIRT-2018-12276,HWPSIRT-2018-12277,HWPSIRT-2018-12278,HWPSIRT-2018-12279,HWPSIRT-2018-12280 and HWPSIRT-2018-12289)
The seven vulnerabilities have been assigned seven Common Vulnerabilities and Exposures (CVE) IDs: CVE-2020-1818, CVE-2020-1819, CVE-2020-1820, CVE-2020-1821, CVE-2020-1822, CVE-2020-1823 and CVE-2020-1824.
Severity ?
CWE
- CWE-125 - Out-of-bounds Read
Assigner
References
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Huawei | IPS Module |
Affected:
V500R001C30
Affected: V500R001C60 Affected: V500R005C00 |
||||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2020-1821",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-12-30T16:12:49.264838Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-12-30T16:13:03.624Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "IPS Module",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "NGFW Module",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R002C00"
},
{
"status": "affected",
"version": "V500R002C20"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "NIP6300",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "NIP6600",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "NIP6800",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Secospace USG6300",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Secospace USG6500",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Secospace USG6600",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "USG6000V",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R003C00"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eThere are multiple out of bounds (OOB) read vulnerabilities in the implementation of the Common Open Policy Service (COPS) protocol of some Huawei products. The specific decoding function may occur out-of-bounds read when processes an incoming data packet. Successful exploit of these vulnerabilities may disrupt service on the affected device. (Vulnerability ID: HWPSIRT-2018-12275,HWPSIRT-2018-12276,HWPSIRT-2018-12277,HWPSIRT-2018-12278,HWPSIRT-2018-12279,HWPSIRT-2018-12280 and HWPSIRT-2018-12289)\u003c/p\u003e\u003cp\u003eThe seven vulnerabilities have been assigned seven Common Vulnerabilities and Exposures (CVE) IDs: CVE-2020-1818, CVE-2020-1819, CVE-2020-1820, CVE-2020-1821, CVE-2020-1822, CVE-2020-1823 and CVE-2020-1824.\u003c/p\u003e"
}
],
"value": "There are multiple out of bounds (OOB) read vulnerabilities in the implementation of the Common Open Policy Service (COPS) protocol of some Huawei products. The specific decoding function may occur out-of-bounds read when processes an incoming data packet. Successful exploit of these vulnerabilities may disrupt service on the affected device. (Vulnerability ID: HWPSIRT-2018-12275,HWPSIRT-2018-12276,HWPSIRT-2018-12277,HWPSIRT-2018-12278,HWPSIRT-2018-12279,HWPSIRT-2018-12280 and HWPSIRT-2018-12289)\n\nThe seven vulnerabilities have been assigned seven Common Vulnerabilities and Exposures (CVE) IDs: CVE-2020-1818, CVE-2020-1819, CVE-2020-1820, CVE-2020-1821, CVE-2020-1822, CVE-2020-1823 and CVE-2020-1824."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125 Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-12-28T06:16:58.770Z",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"url": "https://www.huawei.com/en/psirt/security-advisories/2020/huawei-sa-20191218-01-cops-en"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2020-1821",
"datePublished": "2024-12-28T06:16:58.770Z",
"dateReserved": "2019-11-29T00:00:00.000Z",
"dateUpdated": "2024-12-30T16:13:03.624Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-1820 (GCVE-0-2020-1820)
Vulnerability from cvelistv5 – Published: 2024-12-28 06:11 – Updated: 2024-12-31 17:17
VLAI?
Summary
There are multiple out of bounds (OOB) read vulnerabilities in the implementation of the Common Open Policy Service (COPS) protocol of some Huawei products. The specific decoding function may occur out-of-bounds read when processes an incoming data packet. Successful exploit of these vulnerabilities may disrupt service on the affected device. (Vulnerability ID: HWPSIRT-2018-12275,HWPSIRT-2018-12276,HWPSIRT-2018-12277,HWPSIRT-2018-12278,HWPSIRT-2018-12279,HWPSIRT-2018-12280 and HWPSIRT-2018-12289)
The seven vulnerabilities have been assigned seven Common Vulnerabilities and Exposures (CVE) IDs: CVE-2020-1818, CVE-2020-1819, CVE-2020-1820, CVE-2020-1821, CVE-2020-1822, CVE-2020-1823 and CVE-2020-1824.
Severity ?
CWE
- CWE-125 - Out-of-bounds Read
Assigner
References
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Huawei | IPS Module |
Affected:
V500R001C30
Affected: V500R001C60 Affected: V500R005C00 |
||||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2020-1820",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-12-31T17:16:57.375041Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-12-31T17:17:05.860Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "IPS Module",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "NGFW Module",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R002C00"
},
{
"status": "affected",
"version": "V500R002C20"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "NIP6300",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "NIP6600",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "NIP6800",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Secospace USG6300",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Secospace USG6500",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Secospace USG6600",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "USG6000V",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R003C00"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eThere are multiple out of bounds (OOB) read vulnerabilities in the implementation of the Common Open Policy Service (COPS) protocol of some Huawei products. The specific decoding function may occur out-of-bounds read when processes an incoming data packet. Successful exploit of these vulnerabilities may disrupt service on the affected device. (Vulnerability ID: HWPSIRT-2018-12275,HWPSIRT-2018-12276,HWPSIRT-2018-12277,HWPSIRT-2018-12278,HWPSIRT-2018-12279,HWPSIRT-2018-12280 and HWPSIRT-2018-12289)\u003c/p\u003e\u003cp\u003eThe seven vulnerabilities have been assigned seven Common Vulnerabilities and Exposures (CVE) IDs: CVE-2020-1818, CVE-2020-1819, CVE-2020-1820, CVE-2020-1821, CVE-2020-1822, CVE-2020-1823 and CVE-2020-1824.\u003c/p\u003e"
}
],
"value": "There are multiple out of bounds (OOB) read vulnerabilities in the implementation of the Common Open Policy Service (COPS) protocol of some Huawei products. The specific decoding function may occur out-of-bounds read when processes an incoming data packet. Successful exploit of these vulnerabilities may disrupt service on the affected device. (Vulnerability ID: HWPSIRT-2018-12275,HWPSIRT-2018-12276,HWPSIRT-2018-12277,HWPSIRT-2018-12278,HWPSIRT-2018-12279,HWPSIRT-2018-12280 and HWPSIRT-2018-12289)\n\nThe seven vulnerabilities have been assigned seven Common Vulnerabilities and Exposures (CVE) IDs: CVE-2020-1818, CVE-2020-1819, CVE-2020-1820, CVE-2020-1821, CVE-2020-1822, CVE-2020-1823 and CVE-2020-1824."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125 Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-12-28T06:11:17.446Z",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"url": "https://www.huawei.com/en/psirt/security-advisories/2020/huawei-sa-20191218-01-cops-en"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2020-1820",
"datePublished": "2024-12-28T06:11:17.446Z",
"dateReserved": "2019-11-29T00:00:00.000Z",
"dateUpdated": "2024-12-31T17:17:05.860Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-1819 (GCVE-0-2020-1819)
Vulnerability from cvelistv5 – Published: 2024-12-27 10:05 – Updated: 2024-12-27 14:56
VLAI?
Summary
There are multiple out of bounds (OOB) read vulnerabilities in the implementation of the Common Open Policy Service (COPS) protocol of some Huawei products. The specific decoding function may occur out-of-bounds read when processes an incoming data packet. Successful exploit of these vulnerabilities may disrupt service on the affected device. (Vulnerability ID: HWPSIRT-2018-12275,HWPSIRT-2018-12276,HWPSIRT-2018-12277,HWPSIRT-2018-12278,HWPSIRT-2018-12279,HWPSIRT-2018-12280 and HWPSIRT-2018-12289)
The seven vulnerabilities have been assigned seven Common Vulnerabilities and Exposures (CVE) IDs: CVE-2020-1818, CVE-2020-1819, CVE-2020-1820, CVE-2020-1821, CVE-2020-1822, CVE-2020-1823 and CVE-2020-1824.
Severity ?
CWE
- CWE-125 - Out-of-bounds Read
Assigner
References
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Huawei | IPS Module |
Affected:
V500R001C30
Affected: V500R001C60 Affected: V500R005C00 |
||||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2020-1819",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-12-27T14:56:22.966063Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-12-27T14:56:31.845Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "IPS Module",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "NGFW Module",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R002C00"
},
{
"status": "affected",
"version": "V500R002C20"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "NIP6300",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "NIP6600",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "NIP6800",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Secospace USG6300",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Secospace USG6500",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Secospace USG6600",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "USG6000V",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R003C00"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eThere are multiple out of bounds (OOB) read vulnerabilities in the implementation of the Common Open Policy Service (COPS) protocol of some Huawei products. The specific decoding function may occur out-of-bounds read when processes an incoming data packet. Successful exploit of these vulnerabilities may disrupt service on the affected device. (Vulnerability ID: HWPSIRT-2018-12275,HWPSIRT-2018-12276,HWPSIRT-2018-12277,HWPSIRT-2018-12278,HWPSIRT-2018-12279,HWPSIRT-2018-12280 and HWPSIRT-2018-12289)\u003c/p\u003e\u003cp\u003eThe seven vulnerabilities have been assigned seven Common Vulnerabilities and Exposures (CVE) IDs: CVE-2020-1818, CVE-2020-1819, CVE-2020-1820, CVE-2020-1821, CVE-2020-1822, CVE-2020-1823 and CVE-2020-1824.\u003c/p\u003e"
}
],
"value": "There are multiple out of bounds (OOB) read vulnerabilities in the implementation of the Common Open Policy Service (COPS) protocol of some Huawei products. The specific decoding function may occur out-of-bounds read when processes an incoming data packet. Successful exploit of these vulnerabilities may disrupt service on the affected device. (Vulnerability ID: HWPSIRT-2018-12275,HWPSIRT-2018-12276,HWPSIRT-2018-12277,HWPSIRT-2018-12278,HWPSIRT-2018-12279,HWPSIRT-2018-12280 and HWPSIRT-2018-12289)\n\nThe seven vulnerabilities have been assigned seven Common Vulnerabilities and Exposures (CVE) IDs: CVE-2020-1818, CVE-2020-1819, CVE-2020-1820, CVE-2020-1821, CVE-2020-1822, CVE-2020-1823 and CVE-2020-1824."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125 Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-12-27T10:05:47.224Z",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"url": "https://www.huawei.com/en/psirt/security-advisories/2020/huawei-sa-20191218-01-cops-en"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2020-1819",
"datePublished": "2024-12-27T10:05:47.224Z",
"dateReserved": "2019-11-29T00:00:00.000Z",
"dateUpdated": "2024-12-27T14:56:31.845Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-1818 (GCVE-0-2020-1818)
Vulnerability from cvelistv5 – Published: 2024-12-27 10:02 – Updated: 2024-12-27 14:57
VLAI?
Summary
There are multiple out of bounds (OOB) read vulnerabilities in the implementation of the Common Open Policy Service (COPS) protocol of some Huawei products. The specific decoding function may occur out-of-bounds read when processes an incoming data packet. Successful exploit of these vulnerabilities may disrupt service on the affected device. (Vulnerability ID: HWPSIRT-2018-12275,HWPSIRT-2018-12276,HWPSIRT-2018-12277,HWPSIRT-2018-12278,HWPSIRT-2018-12279,HWPSIRT-2018-12280 and HWPSIRT-2018-12289)
The seven vulnerabilities have been assigned seven Common Vulnerabilities and Exposures (CVE) IDs: CVE-2020-1818, CVE-2020-1819, CVE-2020-1820, CVE-2020-1821, CVE-2020-1822, CVE-2020-1823 and CVE-2020-1824.
Severity ?
CWE
- CWE-125 - Out-of-bounds Read
Assigner
References
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Huawei | IPS Module |
Affected:
V500R001C30
Affected: V500R001C60 Affected: V500R005C00 |
||||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2020-1818",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-12-27T14:56:47.972518Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-12-27T14:57:27.653Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "IPS Module",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "NGFW Module",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R002C00"
},
{
"status": "affected",
"version": "V500R002C20"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "NIP6300",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "NIP6600",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "NIP6800",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Secospace USG6300",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Secospace USG6500",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Secospace USG6600",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "USG6000V",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R003C00"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eThere are multiple out of bounds (OOB) read vulnerabilities in the implementation of the Common Open Policy Service (COPS) protocol of some Huawei products. The specific decoding function may occur out-of-bounds read when processes an incoming data packet. Successful exploit of these vulnerabilities may disrupt service on the affected device. (Vulnerability ID: HWPSIRT-2018-12275,HWPSIRT-2018-12276,HWPSIRT-2018-12277,HWPSIRT-2018-12278,HWPSIRT-2018-12279,HWPSIRT-2018-12280 and HWPSIRT-2018-12289)\u003c/p\u003e\u003cp\u003eThe seven vulnerabilities have been assigned seven Common Vulnerabilities and Exposures (CVE) IDs: CVE-2020-1818, CVE-2020-1819, CVE-2020-1820, CVE-2020-1821, CVE-2020-1822, CVE-2020-1823 and CVE-2020-1824.\u003c/p\u003e"
}
],
"value": "There are multiple out of bounds (OOB) read vulnerabilities in the implementation of the Common Open Policy Service (COPS) protocol of some Huawei products. The specific decoding function may occur out-of-bounds read when processes an incoming data packet. Successful exploit of these vulnerabilities may disrupt service on the affected device. (Vulnerability ID: HWPSIRT-2018-12275,HWPSIRT-2018-12276,HWPSIRT-2018-12277,HWPSIRT-2018-12278,HWPSIRT-2018-12279,HWPSIRT-2018-12280 and HWPSIRT-2018-12289)\n\nThe seven vulnerabilities have been assigned seven Common Vulnerabilities and Exposures (CVE) IDs: CVE-2020-1818, CVE-2020-1819, CVE-2020-1820, CVE-2020-1821, CVE-2020-1822, CVE-2020-1823 and CVE-2020-1824."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125 Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-12-27T10:02:45.710Z",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"url": "https://www.huawei.com/en/psirt/security-advisories/2020/huawei-sa-20191218-01-cops-en"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2020-1818",
"datePublished": "2024-12-27T10:02:45.710Z",
"dateReserved": "2019-11-29T00:00:00.000Z",
"dateUpdated": "2024-12-27T14:57:27.653Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-22356 (GCVE-0-2021-22356)
Vulnerability from cvelistv5 – Published: 2021-11-23 15:05 – Updated: 2024-08-03 18:37
VLAI?
Summary
There is a weak secure algorithm vulnerability in Huawei products. A weak secure algorithm is used in a module. Attackers can exploit this vulnerability by capturing and analyzing the messages between devices to obtain information. This can lead to information leak.Affected product versions include: IPS Module V500R005C00SPC100, V500R005C00SPC200; NGFW Module V500R005C00SPC100, V500R005C00SPC200; Secospace USG6300 V500R001C30SPC200, V500R001C30SPC600, V500R001C60SPC500, V500R005C00SPC100, V500R005C00SPC200; Secospace USG6500 V500R001C30SPC200, V500R001C30SPC600, V500R001C60SPC500, V500R005C00SPC100, V500R005C00SPC200; Secospace USG6600 V500R001C30SPC200, V500R001C30SPC600, V500R001C60SPC500, V500R005C00SPC100, V500R005C00SPC200; USG9500 V500R001C30SPC200, V500R001C30SPC600, V500R001C60SPC500, V500R005C00SPC100, V500R005C00SPC200.
Severity ?
No CVSS data available.
CWE
- Weak Secure Algorithm
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | IPS Module;NGFW Module;Secospace USG6300;Secospace USG6500;Secospace USG6600;USG9500 |
Affected:
V500R005C00SPC100,V500R005C00SPC200
Affected: V500R001C30SPC200,V500R001C30SPC600,V500R001C60SPC500,V500R005C00SPC100,V500R005C00SPC200 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T18:37:18.543Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210512-01-infomationleak-en"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "IPS Module;NGFW Module;Secospace USG6300;Secospace USG6500;Secospace USG6600;USG9500",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "V500R005C00SPC100,V500R005C00SPC200"
},
{
"status": "affected",
"version": "V500R001C30SPC200,V500R001C30SPC600,V500R001C60SPC500,V500R005C00SPC100,V500R005C00SPC200"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is a weak secure algorithm vulnerability in Huawei products. A weak secure algorithm is used in a module. Attackers can exploit this vulnerability by capturing and analyzing the messages between devices to obtain information. This can lead to information leak.Affected product versions include: IPS Module V500R005C00SPC100, V500R005C00SPC200; NGFW Module V500R005C00SPC100, V500R005C00SPC200; Secospace USG6300 V500R001C30SPC200, V500R001C30SPC600, V500R001C60SPC500, V500R005C00SPC100, V500R005C00SPC200; Secospace USG6500 V500R001C30SPC200, V500R001C30SPC600, V500R001C60SPC500, V500R005C00SPC100, V500R005C00SPC200; Secospace USG6600 V500R001C30SPC200, V500R001C30SPC600, V500R001C60SPC500, V500R005C00SPC100, V500R005C00SPC200; USG9500 V500R001C30SPC200, V500R001C30SPC600, V500R001C60SPC500, V500R005C00SPC100, V500R005C00SPC200."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Weak Secure Algorithm",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-11-23T15:05:21",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210512-01-infomationleak-en"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-22356",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "IPS Module;NGFW Module;Secospace USG6300;Secospace USG6500;Secospace USG6600;USG9500",
"version": {
"version_data": [
{
"version_value": "V500R005C00SPC100,V500R005C00SPC200"
},
{
"version_value": "V500R005C00SPC100,V500R005C00SPC200"
},
{
"version_value": "V500R001C30SPC200,V500R001C30SPC600,V500R001C60SPC500,V500R005C00SPC100,V500R005C00SPC200"
},
{
"version_value": "V500R001C30SPC200,V500R001C30SPC600,V500R001C60SPC500,V500R005C00SPC100,V500R005C00SPC200"
},
{
"version_value": "V500R001C30SPC200,V500R001C30SPC600,V500R001C60SPC500,V500R005C00SPC100,V500R005C00SPC200"
},
{
"version_value": "V500R001C30SPC200,V500R001C30SPC600,V500R001C60SPC500,V500R005C00SPC100,V500R005C00SPC200"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is a weak secure algorithm vulnerability in Huawei products. A weak secure algorithm is used in a module. Attackers can exploit this vulnerability by capturing and analyzing the messages between devices to obtain information. This can lead to information leak.Affected product versions include: IPS Module V500R005C00SPC100, V500R005C00SPC200; NGFW Module V500R005C00SPC100, V500R005C00SPC200; Secospace USG6300 V500R001C30SPC200, V500R001C30SPC600, V500R001C60SPC500, V500R005C00SPC100, V500R005C00SPC200; Secospace USG6500 V500R001C30SPC200, V500R001C30SPC600, V500R001C60SPC500, V500R005C00SPC100, V500R005C00SPC200; Secospace USG6600 V500R001C30SPC200, V500R001C30SPC600, V500R001C60SPC500, V500R005C00SPC100, V500R005C00SPC200; USG9500 V500R001C30SPC200, V500R001C30SPC600, V500R001C60SPC500, V500R005C00SPC100, V500R005C00SPC200."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Weak Secure Algorithm"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210512-01-infomationleak-en",
"refsource": "MISC",
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210512-01-infomationleak-en"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2021-22356",
"datePublished": "2021-11-23T15:05:21",
"dateReserved": "2021-01-05T00:00:00",
"dateUpdated": "2024-08-03T18:37:18.543Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-37129 (GCVE-0-2021-37129)
Vulnerability from cvelistv5 – Published: 2021-10-27 00:41 – Updated: 2024-08-04 01:16
VLAI?
Summary
There is an out of bounds write vulnerability in some Huawei products. The vulnerability is caused by a function of a module that does not properly verify input parameter. Successful exploit could cause out of bounds write leading to a denial of service condition.Affected product versions include:IPS Module V500R005C00,V500R005C20;NGFW Module V500R005C00;NIP6600 V500R005C00,V500R005C20;S12700 V200R010C00SPC600,V200R011C10SPC500,V200R011C10SPC600,V200R013C00SPC500,V200R019C00SPC200,V200R019C00SPC500,V200R019C10SPC200,V200R020C00,V200R020C10;S1700 V200R010C00SPC600,V200R011C10SPC500,V200R011C10SPC600;S2700 V200R010C00SPC600,V200R011C10SPC500,V200R011C10SPC600;S5700 V200R010C00SPC600,V200R010C00SPC700,V200R011C10SPC500,V200R011C10SPC600,V200R019C00SPC500;S6700 V200R010C00SPC600,V200R011C10SPC500,V200R011C10SPC600;S7700 V200R010C00SPC600,V200R010C00SPC700,V200R011C10SPC500,V200R011C10SPC600;S9700 V200R010C00SPC600,V200R011C10SPC500,V200R011C10SPC600;USG9500 V500R005C00,V500R005C20.
Severity ?
No CVSS data available.
CWE
- Out of Bounds Write
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | IIPS Module;NGFW Module;NIP6600;S12700;S1700;S2700;S5700;S6700;S7700;S9700;USG9500 |
Affected:
V500R005C00,V500R005C20
Affected: V500R005C00 Affected: V200R010C00SPC600,V200R011C10SPC500,V200R011C10SPC600,V200R013C00SPC500,V200R019C00SPC200,V200R019C00SPC500,V200R019C10SPC200,V200R020C00,V200R020C10 Affected: V200R010C00SPC600,V200R011C10SPC500,V200R011C10SPC600 Affected: V200R010C00SPC600,V200R010C00SPC700,V200R011C10SPC500,V200R011C10SPC600,V200R019C00SPC500 Affected: V200R010C00SPC600,V200R010C00SPC700,V200R011C10SPC500,V200R011C10SPC600 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T01:16:03.167Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20211020-01-outofwrite-en"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "IIPS Module;NGFW Module;NIP6600;S12700;S1700;S2700;S5700;S6700;S7700;S9700;USG9500",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "V500R005C00,V500R005C20"
},
{
"status": "affected",
"version": "V500R005C00"
},
{
"status": "affected",
"version": "V200R010C00SPC600,V200R011C10SPC500,V200R011C10SPC600,V200R013C00SPC500,V200R019C00SPC200,V200R019C00SPC500,V200R019C10SPC200,V200R020C00,V200R020C10"
},
{
"status": "affected",
"version": "V200R010C00SPC600,V200R011C10SPC500,V200R011C10SPC600"
},
{
"status": "affected",
"version": "V200R010C00SPC600,V200R010C00SPC700,V200R011C10SPC500,V200R011C10SPC600,V200R019C00SPC500"
},
{
"status": "affected",
"version": "V200R010C00SPC600,V200R010C00SPC700,V200R011C10SPC500,V200R011C10SPC600"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is an out of bounds write vulnerability in some Huawei products. The vulnerability is caused by a function of a module that does not properly verify input parameter. Successful exploit could cause out of bounds write leading to a denial of service condition.Affected product versions include:IPS Module V500R005C00,V500R005C20;NGFW Module V500R005C00;NIP6600 V500R005C00,V500R005C20;S12700 V200R010C00SPC600,V200R011C10SPC500,V200R011C10SPC600,V200R013C00SPC500,V200R019C00SPC200,V200R019C00SPC500,V200R019C10SPC200,V200R020C00,V200R020C10;S1700 V200R010C00SPC600,V200R011C10SPC500,V200R011C10SPC600;S2700 V200R010C00SPC600,V200R011C10SPC500,V200R011C10SPC600;S5700 V200R010C00SPC600,V200R010C00SPC700,V200R011C10SPC500,V200R011C10SPC600,V200R019C00SPC500;S6700 V200R010C00SPC600,V200R011C10SPC500,V200R011C10SPC600;S7700 V200R010C00SPC600,V200R010C00SPC700,V200R011C10SPC500,V200R011C10SPC600;S9700 V200R010C00SPC600,V200R011C10SPC500,V200R011C10SPC600;USG9500 V500R005C00,V500R005C20."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Out of Bounds Write",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-10-27T00:41:44",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20211020-01-outofwrite-en"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-37129",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "IIPS Module;NGFW Module;NIP6600;S12700;S1700;S2700;S5700;S6700;S7700;S9700;USG9500",
"version": {
"version_data": [
{
"version_value": "V500R005C00,V500R005C20"
},
{
"version_value": "V500R005C00"
},
{
"version_value": "V500R005C00,V500R005C20"
},
{
"version_value": "V200R010C00SPC600,V200R011C10SPC500,V200R011C10SPC600,V200R013C00SPC500,V200R019C00SPC200,V200R019C00SPC500,V200R019C10SPC200,V200R020C00,V200R020C10"
},
{
"version_value": "V200R010C00SPC600,V200R011C10SPC500,V200R011C10SPC600"
},
{
"version_value": "V200R010C00SPC600,V200R011C10SPC500,V200R011C10SPC600"
},
{
"version_value": "V200R010C00SPC600,V200R010C00SPC700,V200R011C10SPC500,V200R011C10SPC600,V200R019C00SPC500"
},
{
"version_value": "V200R010C00SPC600,V200R011C10SPC500,V200R011C10SPC600"
},
{
"version_value": "V200R010C00SPC600,V200R010C00SPC700,V200R011C10SPC500,V200R011C10SPC600"
},
{
"version_value": "V200R010C00SPC600,V200R011C10SPC500,V200R011C10SPC600"
},
{
"version_value": "V500R005C00,V500R005C20"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is an out of bounds write vulnerability in some Huawei products. The vulnerability is caused by a function of a module that does not properly verify input parameter. Successful exploit could cause out of bounds write leading to a denial of service condition.Affected product versions include:IPS Module V500R005C00,V500R005C20;NGFW Module V500R005C00;NIP6600 V500R005C00,V500R005C20;S12700 V200R010C00SPC600,V200R011C10SPC500,V200R011C10SPC600,V200R013C00SPC500,V200R019C00SPC200,V200R019C00SPC500,V200R019C10SPC200,V200R020C00,V200R020C10;S1700 V200R010C00SPC600,V200R011C10SPC500,V200R011C10SPC600;S2700 V200R010C00SPC600,V200R011C10SPC500,V200R011C10SPC600;S5700 V200R010C00SPC600,V200R010C00SPC700,V200R011C10SPC500,V200R011C10SPC600,V200R019C00SPC500;S6700 V200R010C00SPC600,V200R011C10SPC500,V200R011C10SPC600;S7700 V200R010C00SPC600,V200R010C00SPC700,V200R011C10SPC500,V200R011C10SPC600;S9700 V200R010C00SPC600,V200R011C10SPC500,V200R011C10SPC600;USG9500 V500R005C00,V500R005C20."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Out of Bounds Write"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20211020-01-outofwrite-en",
"refsource": "MISC",
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20211020-01-outofwrite-en"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2021-37129",
"datePublished": "2021-10-27T00:41:44",
"dateReserved": "2021-07-20T00:00:00",
"dateUpdated": "2024-08-04T01:16:03.167Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-22341 (GCVE-0-2021-22341)
Vulnerability from cvelistv5 – Published: 2021-06-29 19:22 – Updated: 2024-08-03 18:37
VLAI?
Summary
There is a memory leak vulnerability in Huawei products. A resource management weakness exists in a module. Attackers with high privilege can exploit this vulnerability by performing some operations. This can lead to memory leak. Affected product versions include:IPS Module V500R005C00SPC100,V500R005C00SPC200;NGFW Module V500R005C00SPC100,V500R005C00SPC200;NIP6300 V500R005C00SPC100,V500R005C10SPC200;NIP6600 V500R005C00SPC100,V500R005C00SPC200;Secospace USG6300 V500R005C00SPC100,V500R005C00SPC200;Secospace USG6500 V500R005C00SPC100,V500R005C10SPC200;Secospace USG6600 V500R005C00SPC100,V500R005C00SPC200.
Severity ?
No CVSS data available.
CWE
- Memory Leak
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | IPS Module;NGFW Module;NIP6300;NIP6600;Secospace USG6300;Secospace USG6500;Secospace USG6600 |
Affected:
V500R005C00SPC100,V500R005C00SPC200
Affected: V500R005C00SPC100,V500R005C10SPC200 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T18:37:18.539Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210506-01-memleak-en"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "IPS Module;NGFW Module;NIP6300;NIP6600;Secospace USG6300;Secospace USG6500;Secospace USG6600",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "V500R005C00SPC100,V500R005C00SPC200"
},
{
"status": "affected",
"version": "V500R005C00SPC100,V500R005C10SPC200"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is a memory leak vulnerability in Huawei products. A resource management weakness exists in a module. Attackers with high privilege can exploit this vulnerability by performing some operations. This can lead to memory leak. Affected product versions include:IPS Module V500R005C00SPC100,V500R005C00SPC200;NGFW Module V500R005C00SPC100,V500R005C00SPC200;NIP6300 V500R005C00SPC100,V500R005C10SPC200;NIP6600 V500R005C00SPC100,V500R005C00SPC200;Secospace USG6300 V500R005C00SPC100,V500R005C00SPC200;Secospace USG6500 V500R005C00SPC100,V500R005C10SPC200;Secospace USG6600 V500R005C00SPC100,V500R005C00SPC200."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Memory Leak",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-06-29T19:22:23",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210506-01-memleak-en"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-22341",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "IPS Module;NGFW Module;NIP6300;NIP6600;Secospace USG6300;Secospace USG6500;Secospace USG6600",
"version": {
"version_data": [
{
"version_value": "V500R005C00SPC100,V500R005C00SPC200"
},
{
"version_value": "V500R005C00SPC100,V500R005C00SPC200"
},
{
"version_value": "V500R005C00SPC100,V500R005C10SPC200"
},
{
"version_value": "V500R005C00SPC100,V500R005C00SPC200"
},
{
"version_value": "V500R005C00SPC100,V500R005C00SPC200"
},
{
"version_value": "V500R005C00SPC100,V500R005C10SPC200"
},
{
"version_value": "V500R005C00SPC100,V500R005C00SPC200"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is a memory leak vulnerability in Huawei products. A resource management weakness exists in a module. Attackers with high privilege can exploit this vulnerability by performing some operations. This can lead to memory leak. Affected product versions include:IPS Module V500R005C00SPC100,V500R005C00SPC200;NGFW Module V500R005C00SPC100,V500R005C00SPC200;NIP6300 V500R005C00SPC100,V500R005C10SPC200;NIP6600 V500R005C00SPC100,V500R005C00SPC200;Secospace USG6300 V500R005C00SPC100,V500R005C00SPC200;Secospace USG6500 V500R005C00SPC100,V500R005C10SPC200;Secospace USG6600 V500R005C00SPC100,V500R005C00SPC200."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Memory Leak"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210506-01-memleak-en",
"refsource": "MISC",
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210506-01-memleak-en"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2021-22341",
"datePublished": "2021-06-29T19:22:23",
"dateReserved": "2021-01-05T00:00:00",
"dateUpdated": "2024-08-03T18:37:18.539Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-1824 (GCVE-0-2020-1824)
Vulnerability from nvd – Published: 2024-12-28 06:37 – Updated: 2024-12-28 16:32
VLAI?
Summary
There are multiple out of bounds (OOB) read vulnerabilities in the implementation of the Common Open Policy Service (COPS) protocol of some Huawei products. The specific decoding function may occur out-of-bounds read when processes an incoming data packet. Successful exploit of these vulnerabilities may disrupt service on the affected device. (Vulnerability ID: HWPSIRT-2018-12275,HWPSIRT-2018-12276,HWPSIRT-2018-12277,HWPSIRT-2018-12278,HWPSIRT-2018-12279,HWPSIRT-2018-12280 and HWPSIRT-2018-12289)
The seven vulnerabilities have been assigned seven Common Vulnerabilities and Exposures (CVE) IDs: CVE-2020-1818, CVE-2020-1819, CVE-2020-1820, CVE-2020-1821, CVE-2020-1822, CVE-2020-1823 and CVE-2020-1824.
Severity ?
CWE
- CWE-125 - Out-of-bounds Read
Assigner
References
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Huawei | IPS Module |
Affected:
V500R001C30
Affected: V500R001C60 Affected: V500R005C00 |
||||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2020-1824",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-12-28T16:32:08.146658Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-12-28T16:32:25.200Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "IPS Module",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "NGFW Module",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R002C00"
},
{
"status": "affected",
"version": "V500R002C20"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "NIP6300",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "NIP6600",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "NIP6800",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Secospace USG6300",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Secospace USG6500",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Secospace USG6600",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "USG6000V",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R003C00"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eThere are multiple out of bounds (OOB) read vulnerabilities in the implementation of the Common Open Policy Service (COPS) protocol of some Huawei products. The specific decoding function may occur out-of-bounds read when processes an incoming data packet. Successful exploit of these vulnerabilities may disrupt service on the affected device. (Vulnerability ID: HWPSIRT-2018-12275,HWPSIRT-2018-12276,HWPSIRT-2018-12277,HWPSIRT-2018-12278,HWPSIRT-2018-12279,HWPSIRT-2018-12280 and HWPSIRT-2018-12289)\u003c/p\u003e\u003cp\u003eThe seven vulnerabilities have been assigned seven Common Vulnerabilities and Exposures (CVE) IDs: CVE-2020-1818, CVE-2020-1819, CVE-2020-1820, CVE-2020-1821, CVE-2020-1822, CVE-2020-1823 and CVE-2020-1824.\u003c/p\u003e"
}
],
"value": "There are multiple out of bounds (OOB) read vulnerabilities in the implementation of the Common Open Policy Service (COPS) protocol of some Huawei products. The specific decoding function may occur out-of-bounds read when processes an incoming data packet. Successful exploit of these vulnerabilities may disrupt service on the affected device. (Vulnerability ID: HWPSIRT-2018-12275,HWPSIRT-2018-12276,HWPSIRT-2018-12277,HWPSIRT-2018-12278,HWPSIRT-2018-12279,HWPSIRT-2018-12280 and HWPSIRT-2018-12289)\n\nThe seven vulnerabilities have been assigned seven Common Vulnerabilities and Exposures (CVE) IDs: CVE-2020-1818, CVE-2020-1819, CVE-2020-1820, CVE-2020-1821, CVE-2020-1822, CVE-2020-1823 and CVE-2020-1824."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125 Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-12-28T06:37:14.149Z",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"url": "https://www.huawei.com/en/psirt/security-advisories/2020/huawei-sa-20191218-01-cops-en"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2020-1824",
"datePublished": "2024-12-28T06:37:14.149Z",
"dateReserved": "2019-11-29T00:00:00.000Z",
"dateUpdated": "2024-12-28T16:32:25.200Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-1823 (GCVE-0-2020-1823)
Vulnerability from nvd – Published: 2024-12-28 06:29 – Updated: 2024-12-28 16:33
VLAI?
Summary
There are multiple out of bounds (OOB) read vulnerabilities in the implementation of the Common Open Policy Service (COPS) protocol of some Huawei products. The specific decoding function may occur out-of-bounds read when processes an incoming data packet. Successful exploit of these vulnerabilities may disrupt service on the affected device. (Vulnerability ID: HWPSIRT-2018-12275,HWPSIRT-2018-12276,HWPSIRT-2018-12277,HWPSIRT-2018-12278,HWPSIRT-2018-12279,HWPSIRT-2018-12280 and HWPSIRT-2018-12289)
The seven vulnerabilities have been assigned seven Common Vulnerabilities and Exposures (CVE) IDs: CVE-2020-1818, CVE-2020-1819, CVE-2020-1820, CVE-2020-1821, CVE-2020-1822, CVE-2020-1823 and CVE-2020-1824.
Severity ?
CWE
- CWE-125 - Out-of-bounds Read
Assigner
References
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Huawei | IPS Module |
Affected:
V500R001C30
Affected: V500R001C60 Affected: V500R005C00 |
||||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2020-1823",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-12-28T16:33:21.089526Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-12-28T16:33:45.933Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "IPS Module",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "NGFW Module",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R002C00"
},
{
"status": "affected",
"version": "V500R002C20"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "NIP6300",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "NIP6600",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "NIP6800",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Secospace USG6300",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Secospace USG6500",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Secospace USG6600",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "USG6000V",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R003C00"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eThere are multiple out of bounds (OOB) read vulnerabilities in the implementation of the Common Open Policy Service (COPS) protocol of some Huawei products. The specific decoding function may occur out-of-bounds read when processes an incoming data packet. Successful exploit of these vulnerabilities may disrupt service on the affected device. (Vulnerability ID: HWPSIRT-2018-12275,HWPSIRT-2018-12276,HWPSIRT-2018-12277,HWPSIRT-2018-12278,HWPSIRT-2018-12279,HWPSIRT-2018-12280 and HWPSIRT-2018-12289)\u003c/p\u003e\u003cp\u003eThe seven vulnerabilities have been assigned seven Common Vulnerabilities and Exposures (CVE) IDs: CVE-2020-1818, CVE-2020-1819, CVE-2020-1820, CVE-2020-1821, CVE-2020-1822, CVE-2020-1823 and CVE-2020-1824.\u003c/p\u003e"
}
],
"value": "There are multiple out of bounds (OOB) read vulnerabilities in the implementation of the Common Open Policy Service (COPS) protocol of some Huawei products. The specific decoding function may occur out-of-bounds read when processes an incoming data packet. Successful exploit of these vulnerabilities may disrupt service on the affected device. (Vulnerability ID: HWPSIRT-2018-12275,HWPSIRT-2018-12276,HWPSIRT-2018-12277,HWPSIRT-2018-12278,HWPSIRT-2018-12279,HWPSIRT-2018-12280 and HWPSIRT-2018-12289)\n\nThe seven vulnerabilities have been assigned seven Common Vulnerabilities and Exposures (CVE) IDs: CVE-2020-1818, CVE-2020-1819, CVE-2020-1820, CVE-2020-1821, CVE-2020-1822, CVE-2020-1823 and CVE-2020-1824."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125 Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-12-28T06:29:49.051Z",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"url": "https://www.huawei.com/en/psirt/security-advisories/2020/huawei-sa-20191218-01-cops-en"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2020-1823",
"datePublished": "2024-12-28T06:29:49.051Z",
"dateReserved": "2019-11-29T00:00:00.000Z",
"dateUpdated": "2024-12-28T16:33:45.933Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-1822 (GCVE-0-2020-1822)
Vulnerability from nvd – Published: 2024-12-28 06:21 – Updated: 2024-12-28 16:34
VLAI?
Summary
There are multiple out of bounds (OOB) read vulnerabilities in the implementation of the Common Open Policy Service (COPS) protocol of some Huawei products. The specific decoding function may occur out-of-bounds read when processes an incoming data packet. Successful exploit of these vulnerabilities may disrupt service on the affected device. (Vulnerability ID: HWPSIRT-2018-12275,HWPSIRT-2018-12276,HWPSIRT-2018-12277,HWPSIRT-2018-12278,HWPSIRT-2018-12279,HWPSIRT-2018-12280 and HWPSIRT-2018-12289)
The seven vulnerabilities have been assigned seven Common Vulnerabilities and Exposures (CVE) IDs: CVE-2020-1818, CVE-2020-1819, CVE-2020-1820, CVE-2020-1821, CVE-2020-1822, CVE-2020-1823 and CVE-2020-1824.
Severity ?
CWE
- CWE-125 - Out-of-bounds Read
Assigner
References
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Huawei | IPS Module |
Affected:
V500R001C30
Affected: V500R001C60 Affected: V500R005C00 |
||||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2020-1822",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-12-28T16:34:26.596620Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-12-28T16:34:41.792Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "IPS Module",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "NGFW Module",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R002C00"
},
{
"status": "affected",
"version": "V500R002C20"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "NIP6300",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "NIP6600",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "NIP6800",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Secospace USG6300",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Secospace USG6500",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Secospace USG6600",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "USG6000V",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R003C00"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eThere are multiple out of bounds (OOB) read vulnerabilities in the implementation of the Common Open Policy Service (COPS) protocol of some Huawei products. The specific decoding function may occur out-of-bounds read when processes an incoming data packet. Successful exploit of these vulnerabilities may disrupt service on the affected device. (Vulnerability ID: HWPSIRT-2018-12275,HWPSIRT-2018-12276,HWPSIRT-2018-12277,HWPSIRT-2018-12278,HWPSIRT-2018-12279,HWPSIRT-2018-12280 and HWPSIRT-2018-12289)\u003c/p\u003e\u003cp\u003eThe seven vulnerabilities have been assigned seven Common Vulnerabilities and Exposures (CVE) IDs: CVE-2020-1818, CVE-2020-1819, CVE-2020-1820, CVE-2020-1821, CVE-2020-1822, CVE-2020-1823 and CVE-2020-1824.\u003cbr\u003e\u003c/p\u003e"
}
],
"value": "There are multiple out of bounds (OOB) read vulnerabilities in the implementation of the Common Open Policy Service (COPS) protocol of some Huawei products. The specific decoding function may occur out-of-bounds read when processes an incoming data packet. Successful exploit of these vulnerabilities may disrupt service on the affected device. (Vulnerability ID: HWPSIRT-2018-12275,HWPSIRT-2018-12276,HWPSIRT-2018-12277,HWPSIRT-2018-12278,HWPSIRT-2018-12279,HWPSIRT-2018-12280 and HWPSIRT-2018-12289)\n\nThe seven vulnerabilities have been assigned seven Common Vulnerabilities and Exposures (CVE) IDs: CVE-2020-1818, CVE-2020-1819, CVE-2020-1820, CVE-2020-1821, CVE-2020-1822, CVE-2020-1823 and CVE-2020-1824."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125 Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-12-28T06:21:04.473Z",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"url": "https://www.huawei.com/en/psirt/security-advisories/2020/huawei-sa-20191218-01-cops-en"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2020-1822",
"datePublished": "2024-12-28T06:21:04.473Z",
"dateReserved": "2019-11-29T00:00:00.000Z",
"dateUpdated": "2024-12-28T16:34:41.792Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-1821 (GCVE-0-2020-1821)
Vulnerability from nvd – Published: 2024-12-28 06:16 – Updated: 2024-12-30 16:13
VLAI?
Summary
There are multiple out of bounds (OOB) read vulnerabilities in the implementation of the Common Open Policy Service (COPS) protocol of some Huawei products. The specific decoding function may occur out-of-bounds read when processes an incoming data packet. Successful exploit of these vulnerabilities may disrupt service on the affected device. (Vulnerability ID: HWPSIRT-2018-12275,HWPSIRT-2018-12276,HWPSIRT-2018-12277,HWPSIRT-2018-12278,HWPSIRT-2018-12279,HWPSIRT-2018-12280 and HWPSIRT-2018-12289)
The seven vulnerabilities have been assigned seven Common Vulnerabilities and Exposures (CVE) IDs: CVE-2020-1818, CVE-2020-1819, CVE-2020-1820, CVE-2020-1821, CVE-2020-1822, CVE-2020-1823 and CVE-2020-1824.
Severity ?
CWE
- CWE-125 - Out-of-bounds Read
Assigner
References
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Huawei | IPS Module |
Affected:
V500R001C30
Affected: V500R001C60 Affected: V500R005C00 |
||||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2020-1821",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-12-30T16:12:49.264838Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-12-30T16:13:03.624Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "IPS Module",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "NGFW Module",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R002C00"
},
{
"status": "affected",
"version": "V500R002C20"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "NIP6300",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "NIP6600",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "NIP6800",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Secospace USG6300",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Secospace USG6500",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Secospace USG6600",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "USG6000V",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R003C00"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eThere are multiple out of bounds (OOB) read vulnerabilities in the implementation of the Common Open Policy Service (COPS) protocol of some Huawei products. The specific decoding function may occur out-of-bounds read when processes an incoming data packet. Successful exploit of these vulnerabilities may disrupt service on the affected device. (Vulnerability ID: HWPSIRT-2018-12275,HWPSIRT-2018-12276,HWPSIRT-2018-12277,HWPSIRT-2018-12278,HWPSIRT-2018-12279,HWPSIRT-2018-12280 and HWPSIRT-2018-12289)\u003c/p\u003e\u003cp\u003eThe seven vulnerabilities have been assigned seven Common Vulnerabilities and Exposures (CVE) IDs: CVE-2020-1818, CVE-2020-1819, CVE-2020-1820, CVE-2020-1821, CVE-2020-1822, CVE-2020-1823 and CVE-2020-1824.\u003c/p\u003e"
}
],
"value": "There are multiple out of bounds (OOB) read vulnerabilities in the implementation of the Common Open Policy Service (COPS) protocol of some Huawei products. The specific decoding function may occur out-of-bounds read when processes an incoming data packet. Successful exploit of these vulnerabilities may disrupt service on the affected device. (Vulnerability ID: HWPSIRT-2018-12275,HWPSIRT-2018-12276,HWPSIRT-2018-12277,HWPSIRT-2018-12278,HWPSIRT-2018-12279,HWPSIRT-2018-12280 and HWPSIRT-2018-12289)\n\nThe seven vulnerabilities have been assigned seven Common Vulnerabilities and Exposures (CVE) IDs: CVE-2020-1818, CVE-2020-1819, CVE-2020-1820, CVE-2020-1821, CVE-2020-1822, CVE-2020-1823 and CVE-2020-1824."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125 Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-12-28T06:16:58.770Z",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"url": "https://www.huawei.com/en/psirt/security-advisories/2020/huawei-sa-20191218-01-cops-en"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2020-1821",
"datePublished": "2024-12-28T06:16:58.770Z",
"dateReserved": "2019-11-29T00:00:00.000Z",
"dateUpdated": "2024-12-30T16:13:03.624Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-1820 (GCVE-0-2020-1820)
Vulnerability from nvd – Published: 2024-12-28 06:11 – Updated: 2024-12-31 17:17
VLAI?
Summary
There are multiple out of bounds (OOB) read vulnerabilities in the implementation of the Common Open Policy Service (COPS) protocol of some Huawei products. The specific decoding function may occur out-of-bounds read when processes an incoming data packet. Successful exploit of these vulnerabilities may disrupt service on the affected device. (Vulnerability ID: HWPSIRT-2018-12275,HWPSIRT-2018-12276,HWPSIRT-2018-12277,HWPSIRT-2018-12278,HWPSIRT-2018-12279,HWPSIRT-2018-12280 and HWPSIRT-2018-12289)
The seven vulnerabilities have been assigned seven Common Vulnerabilities and Exposures (CVE) IDs: CVE-2020-1818, CVE-2020-1819, CVE-2020-1820, CVE-2020-1821, CVE-2020-1822, CVE-2020-1823 and CVE-2020-1824.
Severity ?
CWE
- CWE-125 - Out-of-bounds Read
Assigner
References
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Huawei | IPS Module |
Affected:
V500R001C30
Affected: V500R001C60 Affected: V500R005C00 |
||||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2020-1820",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-12-31T17:16:57.375041Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-12-31T17:17:05.860Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "IPS Module",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "NGFW Module",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R002C00"
},
{
"status": "affected",
"version": "V500R002C20"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "NIP6300",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "NIP6600",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "NIP6800",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Secospace USG6300",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Secospace USG6500",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Secospace USG6600",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "USG6000V",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R003C00"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eThere are multiple out of bounds (OOB) read vulnerabilities in the implementation of the Common Open Policy Service (COPS) protocol of some Huawei products. The specific decoding function may occur out-of-bounds read when processes an incoming data packet. Successful exploit of these vulnerabilities may disrupt service on the affected device. (Vulnerability ID: HWPSIRT-2018-12275,HWPSIRT-2018-12276,HWPSIRT-2018-12277,HWPSIRT-2018-12278,HWPSIRT-2018-12279,HWPSIRT-2018-12280 and HWPSIRT-2018-12289)\u003c/p\u003e\u003cp\u003eThe seven vulnerabilities have been assigned seven Common Vulnerabilities and Exposures (CVE) IDs: CVE-2020-1818, CVE-2020-1819, CVE-2020-1820, CVE-2020-1821, CVE-2020-1822, CVE-2020-1823 and CVE-2020-1824.\u003c/p\u003e"
}
],
"value": "There are multiple out of bounds (OOB) read vulnerabilities in the implementation of the Common Open Policy Service (COPS) protocol of some Huawei products. The specific decoding function may occur out-of-bounds read when processes an incoming data packet. Successful exploit of these vulnerabilities may disrupt service on the affected device. (Vulnerability ID: HWPSIRT-2018-12275,HWPSIRT-2018-12276,HWPSIRT-2018-12277,HWPSIRT-2018-12278,HWPSIRT-2018-12279,HWPSIRT-2018-12280 and HWPSIRT-2018-12289)\n\nThe seven vulnerabilities have been assigned seven Common Vulnerabilities and Exposures (CVE) IDs: CVE-2020-1818, CVE-2020-1819, CVE-2020-1820, CVE-2020-1821, CVE-2020-1822, CVE-2020-1823 and CVE-2020-1824."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125 Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-12-28T06:11:17.446Z",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"url": "https://www.huawei.com/en/psirt/security-advisories/2020/huawei-sa-20191218-01-cops-en"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2020-1820",
"datePublished": "2024-12-28T06:11:17.446Z",
"dateReserved": "2019-11-29T00:00:00.000Z",
"dateUpdated": "2024-12-31T17:17:05.860Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-1819 (GCVE-0-2020-1819)
Vulnerability from nvd – Published: 2024-12-27 10:05 – Updated: 2024-12-27 14:56
VLAI?
Summary
There are multiple out of bounds (OOB) read vulnerabilities in the implementation of the Common Open Policy Service (COPS) protocol of some Huawei products. The specific decoding function may occur out-of-bounds read when processes an incoming data packet. Successful exploit of these vulnerabilities may disrupt service on the affected device. (Vulnerability ID: HWPSIRT-2018-12275,HWPSIRT-2018-12276,HWPSIRT-2018-12277,HWPSIRT-2018-12278,HWPSIRT-2018-12279,HWPSIRT-2018-12280 and HWPSIRT-2018-12289)
The seven vulnerabilities have been assigned seven Common Vulnerabilities and Exposures (CVE) IDs: CVE-2020-1818, CVE-2020-1819, CVE-2020-1820, CVE-2020-1821, CVE-2020-1822, CVE-2020-1823 and CVE-2020-1824.
Severity ?
CWE
- CWE-125 - Out-of-bounds Read
Assigner
References
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Huawei | IPS Module |
Affected:
V500R001C30
Affected: V500R001C60 Affected: V500R005C00 |
||||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2020-1819",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-12-27T14:56:22.966063Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-12-27T14:56:31.845Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "IPS Module",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "NGFW Module",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R002C00"
},
{
"status": "affected",
"version": "V500R002C20"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "NIP6300",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "NIP6600",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "NIP6800",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Secospace USG6300",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Secospace USG6500",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Secospace USG6600",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "USG6000V",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R003C00"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eThere are multiple out of bounds (OOB) read vulnerabilities in the implementation of the Common Open Policy Service (COPS) protocol of some Huawei products. The specific decoding function may occur out-of-bounds read when processes an incoming data packet. Successful exploit of these vulnerabilities may disrupt service on the affected device. (Vulnerability ID: HWPSIRT-2018-12275,HWPSIRT-2018-12276,HWPSIRT-2018-12277,HWPSIRT-2018-12278,HWPSIRT-2018-12279,HWPSIRT-2018-12280 and HWPSIRT-2018-12289)\u003c/p\u003e\u003cp\u003eThe seven vulnerabilities have been assigned seven Common Vulnerabilities and Exposures (CVE) IDs: CVE-2020-1818, CVE-2020-1819, CVE-2020-1820, CVE-2020-1821, CVE-2020-1822, CVE-2020-1823 and CVE-2020-1824.\u003c/p\u003e"
}
],
"value": "There are multiple out of bounds (OOB) read vulnerabilities in the implementation of the Common Open Policy Service (COPS) protocol of some Huawei products. The specific decoding function may occur out-of-bounds read when processes an incoming data packet. Successful exploit of these vulnerabilities may disrupt service on the affected device. (Vulnerability ID: HWPSIRT-2018-12275,HWPSIRT-2018-12276,HWPSIRT-2018-12277,HWPSIRT-2018-12278,HWPSIRT-2018-12279,HWPSIRT-2018-12280 and HWPSIRT-2018-12289)\n\nThe seven vulnerabilities have been assigned seven Common Vulnerabilities and Exposures (CVE) IDs: CVE-2020-1818, CVE-2020-1819, CVE-2020-1820, CVE-2020-1821, CVE-2020-1822, CVE-2020-1823 and CVE-2020-1824."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125 Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-12-27T10:05:47.224Z",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"url": "https://www.huawei.com/en/psirt/security-advisories/2020/huawei-sa-20191218-01-cops-en"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2020-1819",
"datePublished": "2024-12-27T10:05:47.224Z",
"dateReserved": "2019-11-29T00:00:00.000Z",
"dateUpdated": "2024-12-27T14:56:31.845Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-1818 (GCVE-0-2020-1818)
Vulnerability from nvd – Published: 2024-12-27 10:02 – Updated: 2024-12-27 14:57
VLAI?
Summary
There are multiple out of bounds (OOB) read vulnerabilities in the implementation of the Common Open Policy Service (COPS) protocol of some Huawei products. The specific decoding function may occur out-of-bounds read when processes an incoming data packet. Successful exploit of these vulnerabilities may disrupt service on the affected device. (Vulnerability ID: HWPSIRT-2018-12275,HWPSIRT-2018-12276,HWPSIRT-2018-12277,HWPSIRT-2018-12278,HWPSIRT-2018-12279,HWPSIRT-2018-12280 and HWPSIRT-2018-12289)
The seven vulnerabilities have been assigned seven Common Vulnerabilities and Exposures (CVE) IDs: CVE-2020-1818, CVE-2020-1819, CVE-2020-1820, CVE-2020-1821, CVE-2020-1822, CVE-2020-1823 and CVE-2020-1824.
Severity ?
CWE
- CWE-125 - Out-of-bounds Read
Assigner
References
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Huawei | IPS Module |
Affected:
V500R001C30
Affected: V500R001C60 Affected: V500R005C00 |
||||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2020-1818",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-12-27T14:56:47.972518Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-12-27T14:57:27.653Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "IPS Module",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "NGFW Module",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R002C00"
},
{
"status": "affected",
"version": "V500R002C20"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "NIP6300",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "NIP6600",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "NIP6800",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Secospace USG6300",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Secospace USG6500",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Secospace USG6600",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "USG6000V",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R003C00"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eThere are multiple out of bounds (OOB) read vulnerabilities in the implementation of the Common Open Policy Service (COPS) protocol of some Huawei products. The specific decoding function may occur out-of-bounds read when processes an incoming data packet. Successful exploit of these vulnerabilities may disrupt service on the affected device. (Vulnerability ID: HWPSIRT-2018-12275,HWPSIRT-2018-12276,HWPSIRT-2018-12277,HWPSIRT-2018-12278,HWPSIRT-2018-12279,HWPSIRT-2018-12280 and HWPSIRT-2018-12289)\u003c/p\u003e\u003cp\u003eThe seven vulnerabilities have been assigned seven Common Vulnerabilities and Exposures (CVE) IDs: CVE-2020-1818, CVE-2020-1819, CVE-2020-1820, CVE-2020-1821, CVE-2020-1822, CVE-2020-1823 and CVE-2020-1824.\u003c/p\u003e"
}
],
"value": "There are multiple out of bounds (OOB) read vulnerabilities in the implementation of the Common Open Policy Service (COPS) protocol of some Huawei products. The specific decoding function may occur out-of-bounds read when processes an incoming data packet. Successful exploit of these vulnerabilities may disrupt service on the affected device. (Vulnerability ID: HWPSIRT-2018-12275,HWPSIRT-2018-12276,HWPSIRT-2018-12277,HWPSIRT-2018-12278,HWPSIRT-2018-12279,HWPSIRT-2018-12280 and HWPSIRT-2018-12289)\n\nThe seven vulnerabilities have been assigned seven Common Vulnerabilities and Exposures (CVE) IDs: CVE-2020-1818, CVE-2020-1819, CVE-2020-1820, CVE-2020-1821, CVE-2020-1822, CVE-2020-1823 and CVE-2020-1824."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125 Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-12-27T10:02:45.710Z",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"url": "https://www.huawei.com/en/psirt/security-advisories/2020/huawei-sa-20191218-01-cops-en"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2020-1818",
"datePublished": "2024-12-27T10:02:45.710Z",
"dateReserved": "2019-11-29T00:00:00.000Z",
"dateUpdated": "2024-12-27T14:57:27.653Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-22356 (GCVE-0-2021-22356)
Vulnerability from nvd – Published: 2021-11-23 15:05 – Updated: 2024-08-03 18:37
VLAI?
Summary
There is a weak secure algorithm vulnerability in Huawei products. A weak secure algorithm is used in a module. Attackers can exploit this vulnerability by capturing and analyzing the messages between devices to obtain information. This can lead to information leak.Affected product versions include: IPS Module V500R005C00SPC100, V500R005C00SPC200; NGFW Module V500R005C00SPC100, V500R005C00SPC200; Secospace USG6300 V500R001C30SPC200, V500R001C30SPC600, V500R001C60SPC500, V500R005C00SPC100, V500R005C00SPC200; Secospace USG6500 V500R001C30SPC200, V500R001C30SPC600, V500R001C60SPC500, V500R005C00SPC100, V500R005C00SPC200; Secospace USG6600 V500R001C30SPC200, V500R001C30SPC600, V500R001C60SPC500, V500R005C00SPC100, V500R005C00SPC200; USG9500 V500R001C30SPC200, V500R001C30SPC600, V500R001C60SPC500, V500R005C00SPC100, V500R005C00SPC200.
Severity ?
No CVSS data available.
CWE
- Weak Secure Algorithm
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | IPS Module;NGFW Module;Secospace USG6300;Secospace USG6500;Secospace USG6600;USG9500 |
Affected:
V500R005C00SPC100,V500R005C00SPC200
Affected: V500R001C30SPC200,V500R001C30SPC600,V500R001C60SPC500,V500R005C00SPC100,V500R005C00SPC200 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T18:37:18.543Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210512-01-infomationleak-en"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "IPS Module;NGFW Module;Secospace USG6300;Secospace USG6500;Secospace USG6600;USG9500",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "V500R005C00SPC100,V500R005C00SPC200"
},
{
"status": "affected",
"version": "V500R001C30SPC200,V500R001C30SPC600,V500R001C60SPC500,V500R005C00SPC100,V500R005C00SPC200"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is a weak secure algorithm vulnerability in Huawei products. A weak secure algorithm is used in a module. Attackers can exploit this vulnerability by capturing and analyzing the messages between devices to obtain information. This can lead to information leak.Affected product versions include: IPS Module V500R005C00SPC100, V500R005C00SPC200; NGFW Module V500R005C00SPC100, V500R005C00SPC200; Secospace USG6300 V500R001C30SPC200, V500R001C30SPC600, V500R001C60SPC500, V500R005C00SPC100, V500R005C00SPC200; Secospace USG6500 V500R001C30SPC200, V500R001C30SPC600, V500R001C60SPC500, V500R005C00SPC100, V500R005C00SPC200; Secospace USG6600 V500R001C30SPC200, V500R001C30SPC600, V500R001C60SPC500, V500R005C00SPC100, V500R005C00SPC200; USG9500 V500R001C30SPC200, V500R001C30SPC600, V500R001C60SPC500, V500R005C00SPC100, V500R005C00SPC200."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Weak Secure Algorithm",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-11-23T15:05:21",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210512-01-infomationleak-en"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-22356",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "IPS Module;NGFW Module;Secospace USG6300;Secospace USG6500;Secospace USG6600;USG9500",
"version": {
"version_data": [
{
"version_value": "V500R005C00SPC100,V500R005C00SPC200"
},
{
"version_value": "V500R005C00SPC100,V500R005C00SPC200"
},
{
"version_value": "V500R001C30SPC200,V500R001C30SPC600,V500R001C60SPC500,V500R005C00SPC100,V500R005C00SPC200"
},
{
"version_value": "V500R001C30SPC200,V500R001C30SPC600,V500R001C60SPC500,V500R005C00SPC100,V500R005C00SPC200"
},
{
"version_value": "V500R001C30SPC200,V500R001C30SPC600,V500R001C60SPC500,V500R005C00SPC100,V500R005C00SPC200"
},
{
"version_value": "V500R001C30SPC200,V500R001C30SPC600,V500R001C60SPC500,V500R005C00SPC100,V500R005C00SPC200"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is a weak secure algorithm vulnerability in Huawei products. A weak secure algorithm is used in a module. Attackers can exploit this vulnerability by capturing and analyzing the messages between devices to obtain information. This can lead to information leak.Affected product versions include: IPS Module V500R005C00SPC100, V500R005C00SPC200; NGFW Module V500R005C00SPC100, V500R005C00SPC200; Secospace USG6300 V500R001C30SPC200, V500R001C30SPC600, V500R001C60SPC500, V500R005C00SPC100, V500R005C00SPC200; Secospace USG6500 V500R001C30SPC200, V500R001C30SPC600, V500R001C60SPC500, V500R005C00SPC100, V500R005C00SPC200; Secospace USG6600 V500R001C30SPC200, V500R001C30SPC600, V500R001C60SPC500, V500R005C00SPC100, V500R005C00SPC200; USG9500 V500R001C30SPC200, V500R001C30SPC600, V500R001C60SPC500, V500R005C00SPC100, V500R005C00SPC200."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Weak Secure Algorithm"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210512-01-infomationleak-en",
"refsource": "MISC",
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210512-01-infomationleak-en"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2021-22356",
"datePublished": "2021-11-23T15:05:21",
"dateReserved": "2021-01-05T00:00:00",
"dateUpdated": "2024-08-03T18:37:18.543Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-37129 (GCVE-0-2021-37129)
Vulnerability from nvd – Published: 2021-10-27 00:41 – Updated: 2024-08-04 01:16
VLAI?
Summary
There is an out of bounds write vulnerability in some Huawei products. The vulnerability is caused by a function of a module that does not properly verify input parameter. Successful exploit could cause out of bounds write leading to a denial of service condition.Affected product versions include:IPS Module V500R005C00,V500R005C20;NGFW Module V500R005C00;NIP6600 V500R005C00,V500R005C20;S12700 V200R010C00SPC600,V200R011C10SPC500,V200R011C10SPC600,V200R013C00SPC500,V200R019C00SPC200,V200R019C00SPC500,V200R019C10SPC200,V200R020C00,V200R020C10;S1700 V200R010C00SPC600,V200R011C10SPC500,V200R011C10SPC600;S2700 V200R010C00SPC600,V200R011C10SPC500,V200R011C10SPC600;S5700 V200R010C00SPC600,V200R010C00SPC700,V200R011C10SPC500,V200R011C10SPC600,V200R019C00SPC500;S6700 V200R010C00SPC600,V200R011C10SPC500,V200R011C10SPC600;S7700 V200R010C00SPC600,V200R010C00SPC700,V200R011C10SPC500,V200R011C10SPC600;S9700 V200R010C00SPC600,V200R011C10SPC500,V200R011C10SPC600;USG9500 V500R005C00,V500R005C20.
Severity ?
No CVSS data available.
CWE
- Out of Bounds Write
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | IIPS Module;NGFW Module;NIP6600;S12700;S1700;S2700;S5700;S6700;S7700;S9700;USG9500 |
Affected:
V500R005C00,V500R005C20
Affected: V500R005C00 Affected: V200R010C00SPC600,V200R011C10SPC500,V200R011C10SPC600,V200R013C00SPC500,V200R019C00SPC200,V200R019C00SPC500,V200R019C10SPC200,V200R020C00,V200R020C10 Affected: V200R010C00SPC600,V200R011C10SPC500,V200R011C10SPC600 Affected: V200R010C00SPC600,V200R010C00SPC700,V200R011C10SPC500,V200R011C10SPC600,V200R019C00SPC500 Affected: V200R010C00SPC600,V200R010C00SPC700,V200R011C10SPC500,V200R011C10SPC600 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T01:16:03.167Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20211020-01-outofwrite-en"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "IIPS Module;NGFW Module;NIP6600;S12700;S1700;S2700;S5700;S6700;S7700;S9700;USG9500",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "V500R005C00,V500R005C20"
},
{
"status": "affected",
"version": "V500R005C00"
},
{
"status": "affected",
"version": "V200R010C00SPC600,V200R011C10SPC500,V200R011C10SPC600,V200R013C00SPC500,V200R019C00SPC200,V200R019C00SPC500,V200R019C10SPC200,V200R020C00,V200R020C10"
},
{
"status": "affected",
"version": "V200R010C00SPC600,V200R011C10SPC500,V200R011C10SPC600"
},
{
"status": "affected",
"version": "V200R010C00SPC600,V200R010C00SPC700,V200R011C10SPC500,V200R011C10SPC600,V200R019C00SPC500"
},
{
"status": "affected",
"version": "V200R010C00SPC600,V200R010C00SPC700,V200R011C10SPC500,V200R011C10SPC600"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is an out of bounds write vulnerability in some Huawei products. The vulnerability is caused by a function of a module that does not properly verify input parameter. Successful exploit could cause out of bounds write leading to a denial of service condition.Affected product versions include:IPS Module V500R005C00,V500R005C20;NGFW Module V500R005C00;NIP6600 V500R005C00,V500R005C20;S12700 V200R010C00SPC600,V200R011C10SPC500,V200R011C10SPC600,V200R013C00SPC500,V200R019C00SPC200,V200R019C00SPC500,V200R019C10SPC200,V200R020C00,V200R020C10;S1700 V200R010C00SPC600,V200R011C10SPC500,V200R011C10SPC600;S2700 V200R010C00SPC600,V200R011C10SPC500,V200R011C10SPC600;S5700 V200R010C00SPC600,V200R010C00SPC700,V200R011C10SPC500,V200R011C10SPC600,V200R019C00SPC500;S6700 V200R010C00SPC600,V200R011C10SPC500,V200R011C10SPC600;S7700 V200R010C00SPC600,V200R010C00SPC700,V200R011C10SPC500,V200R011C10SPC600;S9700 V200R010C00SPC600,V200R011C10SPC500,V200R011C10SPC600;USG9500 V500R005C00,V500R005C20."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Out of Bounds Write",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-10-27T00:41:44",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20211020-01-outofwrite-en"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-37129",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "IIPS Module;NGFW Module;NIP6600;S12700;S1700;S2700;S5700;S6700;S7700;S9700;USG9500",
"version": {
"version_data": [
{
"version_value": "V500R005C00,V500R005C20"
},
{
"version_value": "V500R005C00"
},
{
"version_value": "V500R005C00,V500R005C20"
},
{
"version_value": "V200R010C00SPC600,V200R011C10SPC500,V200R011C10SPC600,V200R013C00SPC500,V200R019C00SPC200,V200R019C00SPC500,V200R019C10SPC200,V200R020C00,V200R020C10"
},
{
"version_value": "V200R010C00SPC600,V200R011C10SPC500,V200R011C10SPC600"
},
{
"version_value": "V200R010C00SPC600,V200R011C10SPC500,V200R011C10SPC600"
},
{
"version_value": "V200R010C00SPC600,V200R010C00SPC700,V200R011C10SPC500,V200R011C10SPC600,V200R019C00SPC500"
},
{
"version_value": "V200R010C00SPC600,V200R011C10SPC500,V200R011C10SPC600"
},
{
"version_value": "V200R010C00SPC600,V200R010C00SPC700,V200R011C10SPC500,V200R011C10SPC600"
},
{
"version_value": "V200R010C00SPC600,V200R011C10SPC500,V200R011C10SPC600"
},
{
"version_value": "V500R005C00,V500R005C20"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is an out of bounds write vulnerability in some Huawei products. The vulnerability is caused by a function of a module that does not properly verify input parameter. Successful exploit could cause out of bounds write leading to a denial of service condition.Affected product versions include:IPS Module V500R005C00,V500R005C20;NGFW Module V500R005C00;NIP6600 V500R005C00,V500R005C20;S12700 V200R010C00SPC600,V200R011C10SPC500,V200R011C10SPC600,V200R013C00SPC500,V200R019C00SPC200,V200R019C00SPC500,V200R019C10SPC200,V200R020C00,V200R020C10;S1700 V200R010C00SPC600,V200R011C10SPC500,V200R011C10SPC600;S2700 V200R010C00SPC600,V200R011C10SPC500,V200R011C10SPC600;S5700 V200R010C00SPC600,V200R010C00SPC700,V200R011C10SPC500,V200R011C10SPC600,V200R019C00SPC500;S6700 V200R010C00SPC600,V200R011C10SPC500,V200R011C10SPC600;S7700 V200R010C00SPC600,V200R010C00SPC700,V200R011C10SPC500,V200R011C10SPC600;S9700 V200R010C00SPC600,V200R011C10SPC500,V200R011C10SPC600;USG9500 V500R005C00,V500R005C20."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Out of Bounds Write"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20211020-01-outofwrite-en",
"refsource": "MISC",
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20211020-01-outofwrite-en"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2021-37129",
"datePublished": "2021-10-27T00:41:44",
"dateReserved": "2021-07-20T00:00:00",
"dateUpdated": "2024-08-04T01:16:03.167Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-22341 (GCVE-0-2021-22341)
Vulnerability from nvd – Published: 2021-06-29 19:22 – Updated: 2024-08-03 18:37
VLAI?
Summary
There is a memory leak vulnerability in Huawei products. A resource management weakness exists in a module. Attackers with high privilege can exploit this vulnerability by performing some operations. This can lead to memory leak. Affected product versions include:IPS Module V500R005C00SPC100,V500R005C00SPC200;NGFW Module V500R005C00SPC100,V500R005C00SPC200;NIP6300 V500R005C00SPC100,V500R005C10SPC200;NIP6600 V500R005C00SPC100,V500R005C00SPC200;Secospace USG6300 V500R005C00SPC100,V500R005C00SPC200;Secospace USG6500 V500R005C00SPC100,V500R005C10SPC200;Secospace USG6600 V500R005C00SPC100,V500R005C00SPC200.
Severity ?
No CVSS data available.
CWE
- Memory Leak
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | IPS Module;NGFW Module;NIP6300;NIP6600;Secospace USG6300;Secospace USG6500;Secospace USG6600 |
Affected:
V500R005C00SPC100,V500R005C00SPC200
Affected: V500R005C00SPC100,V500R005C10SPC200 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T18:37:18.539Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210506-01-memleak-en"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "IPS Module;NGFW Module;NIP6300;NIP6600;Secospace USG6300;Secospace USG6500;Secospace USG6600",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "V500R005C00SPC100,V500R005C00SPC200"
},
{
"status": "affected",
"version": "V500R005C00SPC100,V500R005C10SPC200"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is a memory leak vulnerability in Huawei products. A resource management weakness exists in a module. Attackers with high privilege can exploit this vulnerability by performing some operations. This can lead to memory leak. Affected product versions include:IPS Module V500R005C00SPC100,V500R005C00SPC200;NGFW Module V500R005C00SPC100,V500R005C00SPC200;NIP6300 V500R005C00SPC100,V500R005C10SPC200;NIP6600 V500R005C00SPC100,V500R005C00SPC200;Secospace USG6300 V500R005C00SPC100,V500R005C00SPC200;Secospace USG6500 V500R005C00SPC100,V500R005C10SPC200;Secospace USG6600 V500R005C00SPC100,V500R005C00SPC200."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Memory Leak",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-06-29T19:22:23",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210506-01-memleak-en"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-22341",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "IPS Module;NGFW Module;NIP6300;NIP6600;Secospace USG6300;Secospace USG6500;Secospace USG6600",
"version": {
"version_data": [
{
"version_value": "V500R005C00SPC100,V500R005C00SPC200"
},
{
"version_value": "V500R005C00SPC100,V500R005C00SPC200"
},
{
"version_value": "V500R005C00SPC100,V500R005C10SPC200"
},
{
"version_value": "V500R005C00SPC100,V500R005C00SPC200"
},
{
"version_value": "V500R005C00SPC100,V500R005C00SPC200"
},
{
"version_value": "V500R005C00SPC100,V500R005C10SPC200"
},
{
"version_value": "V500R005C00SPC100,V500R005C00SPC200"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is a memory leak vulnerability in Huawei products. A resource management weakness exists in a module. Attackers with high privilege can exploit this vulnerability by performing some operations. This can lead to memory leak. Affected product versions include:IPS Module V500R005C00SPC100,V500R005C00SPC200;NGFW Module V500R005C00SPC100,V500R005C00SPC200;NIP6300 V500R005C00SPC100,V500R005C10SPC200;NIP6600 V500R005C00SPC100,V500R005C00SPC200;Secospace USG6300 V500R005C00SPC100,V500R005C00SPC200;Secospace USG6500 V500R005C00SPC100,V500R005C10SPC200;Secospace USG6600 V500R005C00SPC100,V500R005C00SPC200."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Memory Leak"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210506-01-memleak-en",
"refsource": "MISC",
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210506-01-memleak-en"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2021-22341",
"datePublished": "2021-06-29T19:22:23",
"dateReserved": "2021-01-05T00:00:00",
"dateUpdated": "2024-08-03T18:37:18.539Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}