Search criteria
177 vulnerabilities found for nip6300_firmware by huawei
FKIE_CVE-2020-1824
Vulnerability from fkie_nvd - Published: 2024-12-28 07:15 - Updated: 2025-01-13 18:39
Severity ?
3.7 (Low) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L
5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
Summary
There are multiple out of bounds (OOB) read vulnerabilities in the implementation of the Common Open Policy Service (COPS) protocol of some Huawei products. The specific decoding function may occur out-of-bounds read when processes an incoming data packet. Successful exploit of these vulnerabilities may disrupt service on the affected device. (Vulnerability ID: HWPSIRT-2018-12275,HWPSIRT-2018-12276,HWPSIRT-2018-12277,HWPSIRT-2018-12278,HWPSIRT-2018-12279,HWPSIRT-2018-12280 and HWPSIRT-2018-12289)
The seven vulnerabilities have been assigned seven Common Vulnerabilities and Exposures (CVE) IDs: CVE-2020-1818, CVE-2020-1819, CVE-2020-1820, CVE-2020-1821, CVE-2020-1822, CVE-2020-1823 and CVE-2020-1824.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:ips_module_firmware:v500r001c30:*:*:*:*:*:*:*",
"matchCriteriaId": "074FE8AB-6BE1-4E77-84E2-1D5C7205D0E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ips_module_firmware:v500r001c60:*:*:*:*:*:*:*",
"matchCriteriaId": "EC0C5A24-3F4E-4F1F-BC3C-7DC6707712CB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ips_module_firmware:v500r005c00:*:*:*:*:*:*:*",
"matchCriteriaId": "60A9007D-D6AD-4DB9-A0AC-1E400AEC0884",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:ips_module:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2BAD43A3-730A-4ABC-89F0-DF93A06AA60F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:ngfw_module_firmware:v500r002c00:*:*:*:*:*:*:*",
"matchCriteriaId": "F46A81BE-C125-4CAE-8EE1-23177FE0C21E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ngfw_module_firmware:v500r002c20:*:*:*:*:*:*:*",
"matchCriteriaId": "5524ABE8-D4C4-4BCC-BB57-D1E47480330D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ngfw_module_firmware:v500r005c00:*:*:*:*:*:*:*",
"matchCriteriaId": "9D57DC59-B234-463F-8BBD-631B7EE9928C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:ngfw_module:-:*:*:*:*:*:*:*",
"matchCriteriaId": "547D4A9A-6B57-4BBA-9FFE-CF50B9AC5DF4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:nip6300_firmware:v500r001c30:*:*:*:*:*:*:*",
"matchCriteriaId": "728A7B78-6E19-4656-848F-269DB955070C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:nip6300_firmware:v500r001c60:*:*:*:*:*:*:*",
"matchCriteriaId": "A26FE369-FDB8-4425-B51A-465A41FECE7E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:nip6300_firmware:v500r005c00:*:*:*:*:*:*:*",
"matchCriteriaId": "A3462B41-1DC4-4451-9575-F81C52F7A23C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:nip6300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5E054182-CE33-45E3-8595-159A75BA5162",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:nip6600_firmware:v500r001c30:*:*:*:*:*:*:*",
"matchCriteriaId": "946F5FF7-412F-40F9-A492-DE8E11E7B919",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:nip6600_firmware:v500r001c60:*:*:*:*:*:*:*",
"matchCriteriaId": "90C480FB-4D2C-49ED-A635-8B7BEFD95193",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:nip6600_firmware:v500r005c00:*:*:*:*:*:*:*",
"matchCriteriaId": "9AC093ED-A979-4484-B758-1C16DF2D6030",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:nip6600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE8CA649-7AE1-497C-869B-B4DD315F342C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:nip6800_firmware:v500r001c60:*:*:*:*:*:*:*",
"matchCriteriaId": "D7EE3877-6344-466D-90B0-68CF4A53A256",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:nip6800_firmware:v500r005c00:*:*:*:*:*:*:*",
"matchCriteriaId": "D6FCA659-5DF8-44EA-91B6-A80FBB68322A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:nip6800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "875441DD-575F-4F4D-A6BD-23C38641D330",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:secospace_usg6300_firmware:v500r001c30:*:*:*:*:*:*:*",
"matchCriteriaId": "0A8AEAB1-6106-47A2-8207-67E557A8BF80",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:secospace_usg6300_firmware:v500r001c60:*:*:*:*:*:*:*",
"matchCriteriaId": "EDD7E147-B39E-4C6F-BA5F-F046F3AE4728",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:secospace_usg6300_firmware:v500r005c00:*:*:*:*:*:*:*",
"matchCriteriaId": "68E9D32D-46F1-495B-BF83-308DFF8822F8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:secospace_usg6300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C281B511-7A27-4FC6-9427-AE5AD7C302F3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:secospace_usg6500_firmware:v500r001c30:*:*:*:*:*:*:*",
"matchCriteriaId": "627F40B6-8CD1-47EE-8937-F1FAAAB86F0D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:secospace_usg6500_firmware:v500r001c60:*:*:*:*:*:*:*",
"matchCriteriaId": "6EE084FC-27EB-4CE6-B529-508DA690C9D8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:secospace_usg6500_firmware:v500r005c00:*:*:*:*:*:*:*",
"matchCriteriaId": "D6C14DF5-42F7-470F-B3DD-52B5A0770EC0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:secospace_usg6500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0ED6E342-26E7-45DF-AC3F-EFEBAE3DDDF0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:secospace_usg6600_firmware:v500r001c30:*:*:*:*:*:*:*",
"matchCriteriaId": "ADB7FBB2-1CC6-4DA3-85AB-66562B0A9198",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:secospace_usg6600_firmware:v500r005c00:*:*:*:*:*:*:*",
"matchCriteriaId": "391BFC6B-9AE6-49D7-855A-CB94AD1EE5C1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:secospace_usg6600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BE469876-F873-4705-9760-097AE840A818",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:usg6000v_firmware:v500r003c00:*:*:*:*:*:*:*",
"matchCriteriaId": "778A61F5-661E-4B41-B08D-C623957BEEE9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:usg6000v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "88E8A1C0-CD02-4D4E-8DFC-0E03CF914C68",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There are multiple out of bounds (OOB) read vulnerabilities in the implementation of the Common Open Policy Service (COPS) protocol of some Huawei products. The specific decoding function may occur out-of-bounds read when processes an incoming data packet. Successful exploit of these vulnerabilities may disrupt service on the affected device. (Vulnerability ID: HWPSIRT-2018-12275,HWPSIRT-2018-12276,HWPSIRT-2018-12277,HWPSIRT-2018-12278,HWPSIRT-2018-12279,HWPSIRT-2018-12280 and HWPSIRT-2018-12289)\n\nThe seven vulnerabilities have been assigned seven Common Vulnerabilities and Exposures (CVE) IDs: CVE-2020-1818, CVE-2020-1819, CVE-2020-1820, CVE-2020-1821, CVE-2020-1822, CVE-2020-1823 and CVE-2020-1824."
},
{
"lang": "es",
"value": "Existen m\u00faltiples vulnerabilidades de lectura fuera de los l\u00edmites (OOB) en la implementaci\u00f3n del protocolo Common Open Policy Service (COPS) de algunos productos Huawei. La funci\u00f3n de decodificaci\u00f3n espec\u00edfica puede realizar una lectura fuera de los l\u00edmites cuando se procesa un paquete de datos entrante. La explotaci\u00f3n exitosa de estas vulnerabilidades puede interrumpir el servicio en el dispositivo afectado. (ID de vulnerabilidad: HWPSIRT-2018-12275, HWPSIRT-2018-12276, HWPSIRT-2018-12277, HWPSIRT-2018-12278, HWPSIRT-2018-12279, HWPSIRT-2018-12280 y HWPSIRT-2018-12289) A las siete vulnerabilidades se les han asignado siete identificadores de vulnerabilidades y exposiciones comunes (CVE): CVE-2020-1818, CVE-2020-1819, CVE-2020-1820, CVE-2020-1821, CVE-2020-1822, CVE-2020-1823 y CVE-2020-1824."
}
],
"id": "CVE-2020-1824",
"lastModified": "2025-01-13T18:39:27.433",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"exploitabilityScore": 2.2,
"impactScore": 1.4,
"source": "psirt@huawei.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2024-12-28T07:15:18.530",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/2020/huawei-sa-20191218-01-cops-en"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-125"
}
],
"source": "psirt@huawei.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-125"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2020-1822
Vulnerability from fkie_nvd - Published: 2024-12-28 07:15 - Updated: 2025-01-13 18:40
Severity ?
3.7 (Low) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L
5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
Summary
There are multiple out of bounds (OOB) read vulnerabilities in the implementation of the Common Open Policy Service (COPS) protocol of some Huawei products. The specific decoding function may occur out-of-bounds read when processes an incoming data packet. Successful exploit of these vulnerabilities may disrupt service on the affected device. (Vulnerability ID: HWPSIRT-2018-12275,HWPSIRT-2018-12276,HWPSIRT-2018-12277,HWPSIRT-2018-12278,HWPSIRT-2018-12279,HWPSIRT-2018-12280 and HWPSIRT-2018-12289)
The seven vulnerabilities have been assigned seven Common Vulnerabilities and Exposures (CVE) IDs: CVE-2020-1818, CVE-2020-1819, CVE-2020-1820, CVE-2020-1821, CVE-2020-1822, CVE-2020-1823 and CVE-2020-1824.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:ips_module_firmware:v500r001c30:*:*:*:*:*:*:*",
"matchCriteriaId": "074FE8AB-6BE1-4E77-84E2-1D5C7205D0E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ips_module_firmware:v500r001c60:*:*:*:*:*:*:*",
"matchCriteriaId": "EC0C5A24-3F4E-4F1F-BC3C-7DC6707712CB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ips_module_firmware:v500r005c00:*:*:*:*:*:*:*",
"matchCriteriaId": "60A9007D-D6AD-4DB9-A0AC-1E400AEC0884",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:ips_module:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2BAD43A3-730A-4ABC-89F0-DF93A06AA60F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:ngfw_module_firmware:v500r002c00:*:*:*:*:*:*:*",
"matchCriteriaId": "F46A81BE-C125-4CAE-8EE1-23177FE0C21E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ngfw_module_firmware:v500r002c20:*:*:*:*:*:*:*",
"matchCriteriaId": "5524ABE8-D4C4-4BCC-BB57-D1E47480330D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ngfw_module_firmware:v500r005c00:*:*:*:*:*:*:*",
"matchCriteriaId": "9D57DC59-B234-463F-8BBD-631B7EE9928C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:ngfw_module:-:*:*:*:*:*:*:*",
"matchCriteriaId": "547D4A9A-6B57-4BBA-9FFE-CF50B9AC5DF4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:nip6300_firmware:v500r001c30:*:*:*:*:*:*:*",
"matchCriteriaId": "728A7B78-6E19-4656-848F-269DB955070C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:nip6300_firmware:v500r001c60:*:*:*:*:*:*:*",
"matchCriteriaId": "A26FE369-FDB8-4425-B51A-465A41FECE7E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:nip6300_firmware:v500r005c00:*:*:*:*:*:*:*",
"matchCriteriaId": "A3462B41-1DC4-4451-9575-F81C52F7A23C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:nip6300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5E054182-CE33-45E3-8595-159A75BA5162",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:nip6600_firmware:v500r001c30:*:*:*:*:*:*:*",
"matchCriteriaId": "946F5FF7-412F-40F9-A492-DE8E11E7B919",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:nip6600_firmware:v500r001c60:*:*:*:*:*:*:*",
"matchCriteriaId": "90C480FB-4D2C-49ED-A635-8B7BEFD95193",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:nip6600_firmware:v500r005c00:*:*:*:*:*:*:*",
"matchCriteriaId": "9AC093ED-A979-4484-B758-1C16DF2D6030",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:nip6600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE8CA649-7AE1-497C-869B-B4DD315F342C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:nip6800_firmware:v500r001c60:*:*:*:*:*:*:*",
"matchCriteriaId": "D7EE3877-6344-466D-90B0-68CF4A53A256",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:nip6800_firmware:v500r005c00:*:*:*:*:*:*:*",
"matchCriteriaId": "D6FCA659-5DF8-44EA-91B6-A80FBB68322A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:nip6800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "875441DD-575F-4F4D-A6BD-23C38641D330",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:secospace_usg6300_firmware:v500r001c30:*:*:*:*:*:*:*",
"matchCriteriaId": "0A8AEAB1-6106-47A2-8207-67E557A8BF80",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:secospace_usg6300_firmware:v500r001c60:*:*:*:*:*:*:*",
"matchCriteriaId": "EDD7E147-B39E-4C6F-BA5F-F046F3AE4728",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:secospace_usg6300_firmware:v500r005c00:*:*:*:*:*:*:*",
"matchCriteriaId": "68E9D32D-46F1-495B-BF83-308DFF8822F8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:secospace_usg6300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C281B511-7A27-4FC6-9427-AE5AD7C302F3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:secospace_usg6500_firmware:v500r001c30:*:*:*:*:*:*:*",
"matchCriteriaId": "627F40B6-8CD1-47EE-8937-F1FAAAB86F0D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:secospace_usg6500_firmware:v500r001c60:*:*:*:*:*:*:*",
"matchCriteriaId": "6EE084FC-27EB-4CE6-B529-508DA690C9D8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:secospace_usg6500_firmware:v500r005c00:*:*:*:*:*:*:*",
"matchCriteriaId": "D6C14DF5-42F7-470F-B3DD-52B5A0770EC0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:secospace_usg6500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0ED6E342-26E7-45DF-AC3F-EFEBAE3DDDF0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:secospace_usg6600_firmware:v500r001c30:*:*:*:*:*:*:*",
"matchCriteriaId": "ADB7FBB2-1CC6-4DA3-85AB-66562B0A9198",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:secospace_usg6600_firmware:v500r005c00:*:*:*:*:*:*:*",
"matchCriteriaId": "391BFC6B-9AE6-49D7-855A-CB94AD1EE5C1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:secospace_usg6600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BE469876-F873-4705-9760-097AE840A818",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:usg6000v_firmware:v500r003c00:*:*:*:*:*:*:*",
"matchCriteriaId": "778A61F5-661E-4B41-B08D-C623957BEEE9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:usg6000v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "88E8A1C0-CD02-4D4E-8DFC-0E03CF914C68",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There are multiple out of bounds (OOB) read vulnerabilities in the implementation of the Common Open Policy Service (COPS) protocol of some Huawei products. The specific decoding function may occur out-of-bounds read when processes an incoming data packet. Successful exploit of these vulnerabilities may disrupt service on the affected device. (Vulnerability ID: HWPSIRT-2018-12275,HWPSIRT-2018-12276,HWPSIRT-2018-12277,HWPSIRT-2018-12278,HWPSIRT-2018-12279,HWPSIRT-2018-12280 and HWPSIRT-2018-12289)\n\nThe seven vulnerabilities have been assigned seven Common Vulnerabilities and Exposures (CVE) IDs: CVE-2020-1818, CVE-2020-1819, CVE-2020-1820, CVE-2020-1821, CVE-2020-1822, CVE-2020-1823 and CVE-2020-1824."
},
{
"lang": "es",
"value": "Existen m\u00faltiples vulnerabilidades de lectura fuera de los l\u00edmites (OOB) en la implementaci\u00f3n del protocolo Common Open Policy Service (COPS) de algunos productos Huawei. La funci\u00f3n de decodificaci\u00f3n espec\u00edfica puede realizar una lectura fuera de los l\u00edmites cuando se procesa un paquete de datos entrante. La explotaci\u00f3n exitosa de estas vulnerabilidades puede interrumpir el servicio en el dispositivo afectado. (ID de vulnerabilidad: HWPSIRT-2018-12275, HWPSIRT-2018-12276, HWPSIRT-2018-12277, HWPSIRT-2018-12278, HWPSIRT-2018-12279, HWPSIRT-2018-12280 y HWPSIRT-2018-12289) A las siete vulnerabilidades se les han asignado siete identificadores de vulnerabilidades y exposiciones comunes (CVE): CVE-2020-1818, CVE-2020-1819, CVE-2020-1820, CVE-2020-1821, CVE-2020-1822, CVE-2020-1823 y CVE-2020-1824."
}
],
"id": "CVE-2020-1822",
"lastModified": "2025-01-13T18:40:17.893",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"exploitabilityScore": 2.2,
"impactScore": 1.4,
"source": "psirt@huawei.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2024-12-28T07:15:18.170",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/2020/huawei-sa-20191218-01-cops-en"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-125"
}
],
"source": "psirt@huawei.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-125"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2020-1823
Vulnerability from fkie_nvd - Published: 2024-12-28 07:15 - Updated: 2025-01-13 18:39
Severity ?
3.7 (Low) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L
5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
Summary
There are multiple out of bounds (OOB) read vulnerabilities in the implementation of the Common Open Policy Service (COPS) protocol of some Huawei products. The specific decoding function may occur out-of-bounds read when processes an incoming data packet. Successful exploit of these vulnerabilities may disrupt service on the affected device. (Vulnerability ID: HWPSIRT-2018-12275,HWPSIRT-2018-12276,HWPSIRT-2018-12277,HWPSIRT-2018-12278,HWPSIRT-2018-12279,HWPSIRT-2018-12280 and HWPSIRT-2018-12289)
The seven vulnerabilities have been assigned seven Common Vulnerabilities and Exposures (CVE) IDs: CVE-2020-1818, CVE-2020-1819, CVE-2020-1820, CVE-2020-1821, CVE-2020-1822, CVE-2020-1823 and CVE-2020-1824.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:ips_module_firmware:v500r001c30:*:*:*:*:*:*:*",
"matchCriteriaId": "074FE8AB-6BE1-4E77-84E2-1D5C7205D0E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ips_module_firmware:v500r001c60:*:*:*:*:*:*:*",
"matchCriteriaId": "EC0C5A24-3F4E-4F1F-BC3C-7DC6707712CB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ips_module_firmware:v500r005c00:*:*:*:*:*:*:*",
"matchCriteriaId": "60A9007D-D6AD-4DB9-A0AC-1E400AEC0884",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:ips_module:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2BAD43A3-730A-4ABC-89F0-DF93A06AA60F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:ngfw_module_firmware:v500r002c00:*:*:*:*:*:*:*",
"matchCriteriaId": "F46A81BE-C125-4CAE-8EE1-23177FE0C21E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ngfw_module_firmware:v500r002c20:*:*:*:*:*:*:*",
"matchCriteriaId": "5524ABE8-D4C4-4BCC-BB57-D1E47480330D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ngfw_module_firmware:v500r005c00:*:*:*:*:*:*:*",
"matchCriteriaId": "9D57DC59-B234-463F-8BBD-631B7EE9928C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:ngfw_module:-:*:*:*:*:*:*:*",
"matchCriteriaId": "547D4A9A-6B57-4BBA-9FFE-CF50B9AC5DF4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:nip6300_firmware:v500r001c30:*:*:*:*:*:*:*",
"matchCriteriaId": "728A7B78-6E19-4656-848F-269DB955070C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:nip6300_firmware:v500r001c60:*:*:*:*:*:*:*",
"matchCriteriaId": "A26FE369-FDB8-4425-B51A-465A41FECE7E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:nip6300_firmware:v500r005c00:*:*:*:*:*:*:*",
"matchCriteriaId": "A3462B41-1DC4-4451-9575-F81C52F7A23C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:nip6300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5E054182-CE33-45E3-8595-159A75BA5162",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:nip6600_firmware:v500r001c30:*:*:*:*:*:*:*",
"matchCriteriaId": "946F5FF7-412F-40F9-A492-DE8E11E7B919",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:nip6600_firmware:v500r001c60:*:*:*:*:*:*:*",
"matchCriteriaId": "90C480FB-4D2C-49ED-A635-8B7BEFD95193",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:nip6600_firmware:v500r005c00:*:*:*:*:*:*:*",
"matchCriteriaId": "9AC093ED-A979-4484-B758-1C16DF2D6030",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:nip6600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE8CA649-7AE1-497C-869B-B4DD315F342C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:nip6800_firmware:v500r001c60:*:*:*:*:*:*:*",
"matchCriteriaId": "D7EE3877-6344-466D-90B0-68CF4A53A256",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:nip6800_firmware:v500r005c00:*:*:*:*:*:*:*",
"matchCriteriaId": "D6FCA659-5DF8-44EA-91B6-A80FBB68322A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:nip6800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "875441DD-575F-4F4D-A6BD-23C38641D330",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:secospace_usg6300_firmware:v500r001c30:*:*:*:*:*:*:*",
"matchCriteriaId": "0A8AEAB1-6106-47A2-8207-67E557A8BF80",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:secospace_usg6300_firmware:v500r001c60:*:*:*:*:*:*:*",
"matchCriteriaId": "EDD7E147-B39E-4C6F-BA5F-F046F3AE4728",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:secospace_usg6300_firmware:v500r005c00:*:*:*:*:*:*:*",
"matchCriteriaId": "68E9D32D-46F1-495B-BF83-308DFF8822F8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:secospace_usg6300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C281B511-7A27-4FC6-9427-AE5AD7C302F3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:secospace_usg6500_firmware:v500r001c30:*:*:*:*:*:*:*",
"matchCriteriaId": "627F40B6-8CD1-47EE-8937-F1FAAAB86F0D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:secospace_usg6500_firmware:v500r001c60:*:*:*:*:*:*:*",
"matchCriteriaId": "6EE084FC-27EB-4CE6-B529-508DA690C9D8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:secospace_usg6500_firmware:v500r005c00:*:*:*:*:*:*:*",
"matchCriteriaId": "D6C14DF5-42F7-470F-B3DD-52B5A0770EC0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:secospace_usg6500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0ED6E342-26E7-45DF-AC3F-EFEBAE3DDDF0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:secospace_usg6600_firmware:v500r001c30:*:*:*:*:*:*:*",
"matchCriteriaId": "ADB7FBB2-1CC6-4DA3-85AB-66562B0A9198",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:secospace_usg6600_firmware:v500r005c00:*:*:*:*:*:*:*",
"matchCriteriaId": "391BFC6B-9AE6-49D7-855A-CB94AD1EE5C1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:secospace_usg6600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BE469876-F873-4705-9760-097AE840A818",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:usg6000v_firmware:v500r003c00:*:*:*:*:*:*:*",
"matchCriteriaId": "778A61F5-661E-4B41-B08D-C623957BEEE9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:usg6000v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "88E8A1C0-CD02-4D4E-8DFC-0E03CF914C68",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There are multiple out of bounds (OOB) read vulnerabilities in the implementation of the Common Open Policy Service (COPS) protocol of some Huawei products. The specific decoding function may occur out-of-bounds read when processes an incoming data packet. Successful exploit of these vulnerabilities may disrupt service on the affected device. (Vulnerability ID: HWPSIRT-2018-12275,HWPSIRT-2018-12276,HWPSIRT-2018-12277,HWPSIRT-2018-12278,HWPSIRT-2018-12279,HWPSIRT-2018-12280 and HWPSIRT-2018-12289)\n\nThe seven vulnerabilities have been assigned seven Common Vulnerabilities and Exposures (CVE) IDs: CVE-2020-1818, CVE-2020-1819, CVE-2020-1820, CVE-2020-1821, CVE-2020-1822, CVE-2020-1823 and CVE-2020-1824."
},
{
"lang": "es",
"value": "Existen m\u00faltiples vulnerabilidades de lectura fuera de los l\u00edmites (OOB) en la implementaci\u00f3n del protocolo Common Open Policy Service (COPS) de algunos productos Huawei. La funci\u00f3n de decodificaci\u00f3n espec\u00edfica puede realizar una lectura fuera de los l\u00edmites cuando se procesa un paquete de datos entrante. La explotaci\u00f3n exitosa de estas vulnerabilidades puede interrumpir el servicio en el dispositivo afectado. (ID de vulnerabilidad: HWPSIRT-2018-12275, HWPSIRT-2018-12276, HWPSIRT-2018-12277, HWPSIRT-2018-12278, HWPSIRT-2018-12279, HWPSIRT-2018-12280 y HWPSIRT-2018-12289) A las siete vulnerabilidades se les han asignado siete identificadores de vulnerabilidades y exposiciones comunes (CVE): CVE-2020-1818, CVE-2020-1819, CVE-2020-1820, CVE-2020-1821, CVE-2020-1822, CVE-2020-1823 y CVE-2020-1824."
}
],
"id": "CVE-2020-1823",
"lastModified": "2025-01-13T18:39:37.540",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"exploitabilityScore": 2.2,
"impactScore": 1.4,
"source": "psirt@huawei.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2024-12-28T07:15:18.357",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/2020/huawei-sa-20191218-01-cops-en"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-125"
}
],
"source": "psirt@huawei.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-125"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2020-1820
Vulnerability from fkie_nvd - Published: 2024-12-28 07:15 - Updated: 2025-01-13 18:40
Severity ?
3.7 (Low) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L
5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
Summary
There are multiple out of bounds (OOB) read vulnerabilities in the implementation of the Common Open Policy Service (COPS) protocol of some Huawei products. The specific decoding function may occur out-of-bounds read when processes an incoming data packet. Successful exploit of these vulnerabilities may disrupt service on the affected device. (Vulnerability ID: HWPSIRT-2018-12275,HWPSIRT-2018-12276,HWPSIRT-2018-12277,HWPSIRT-2018-12278,HWPSIRT-2018-12279,HWPSIRT-2018-12280 and HWPSIRT-2018-12289)
The seven vulnerabilities have been assigned seven Common Vulnerabilities and Exposures (CVE) IDs: CVE-2020-1818, CVE-2020-1819, CVE-2020-1820, CVE-2020-1821, CVE-2020-1822, CVE-2020-1823 and CVE-2020-1824.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:ips_module_firmware:v500r001c30:*:*:*:*:*:*:*",
"matchCriteriaId": "074FE8AB-6BE1-4E77-84E2-1D5C7205D0E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ips_module_firmware:v500r001c60:*:*:*:*:*:*:*",
"matchCriteriaId": "EC0C5A24-3F4E-4F1F-BC3C-7DC6707712CB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ips_module_firmware:v500r005c00:*:*:*:*:*:*:*",
"matchCriteriaId": "60A9007D-D6AD-4DB9-A0AC-1E400AEC0884",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:ips_module:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2BAD43A3-730A-4ABC-89F0-DF93A06AA60F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:ngfw_module_firmware:v500r002c00:*:*:*:*:*:*:*",
"matchCriteriaId": "F46A81BE-C125-4CAE-8EE1-23177FE0C21E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ngfw_module_firmware:v500r002c20:*:*:*:*:*:*:*",
"matchCriteriaId": "5524ABE8-D4C4-4BCC-BB57-D1E47480330D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ngfw_module_firmware:v500r005c00:*:*:*:*:*:*:*",
"matchCriteriaId": "9D57DC59-B234-463F-8BBD-631B7EE9928C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:ngfw_module:-:*:*:*:*:*:*:*",
"matchCriteriaId": "547D4A9A-6B57-4BBA-9FFE-CF50B9AC5DF4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:nip6300_firmware:v500r001c30:*:*:*:*:*:*:*",
"matchCriteriaId": "728A7B78-6E19-4656-848F-269DB955070C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:nip6300_firmware:v500r001c60:*:*:*:*:*:*:*",
"matchCriteriaId": "A26FE369-FDB8-4425-B51A-465A41FECE7E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:nip6300_firmware:v500r005c00:*:*:*:*:*:*:*",
"matchCriteriaId": "A3462B41-1DC4-4451-9575-F81C52F7A23C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:nip6300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5E054182-CE33-45E3-8595-159A75BA5162",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:nip6600_firmware:v500r001c30:*:*:*:*:*:*:*",
"matchCriteriaId": "946F5FF7-412F-40F9-A492-DE8E11E7B919",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:nip6600_firmware:v500r001c60:*:*:*:*:*:*:*",
"matchCriteriaId": "90C480FB-4D2C-49ED-A635-8B7BEFD95193",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:nip6600_firmware:v500r005c00:*:*:*:*:*:*:*",
"matchCriteriaId": "9AC093ED-A979-4484-B758-1C16DF2D6030",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:nip6600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE8CA649-7AE1-497C-869B-B4DD315F342C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:nip6800_firmware:v500r001c60:*:*:*:*:*:*:*",
"matchCriteriaId": "D7EE3877-6344-466D-90B0-68CF4A53A256",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:nip6800_firmware:v500r005c00:*:*:*:*:*:*:*",
"matchCriteriaId": "D6FCA659-5DF8-44EA-91B6-A80FBB68322A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:nip6800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "875441DD-575F-4F4D-A6BD-23C38641D330",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:secospace_usg6300_firmware:v500r001c30:*:*:*:*:*:*:*",
"matchCriteriaId": "0A8AEAB1-6106-47A2-8207-67E557A8BF80",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:secospace_usg6300_firmware:v500r001c60:*:*:*:*:*:*:*",
"matchCriteriaId": "EDD7E147-B39E-4C6F-BA5F-F046F3AE4728",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:secospace_usg6300_firmware:v500r005c00:*:*:*:*:*:*:*",
"matchCriteriaId": "68E9D32D-46F1-495B-BF83-308DFF8822F8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:secospace_usg6300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C281B511-7A27-4FC6-9427-AE5AD7C302F3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:secospace_usg6500_firmware:v500r001c30:*:*:*:*:*:*:*",
"matchCriteriaId": "627F40B6-8CD1-47EE-8937-F1FAAAB86F0D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:secospace_usg6500_firmware:v500r001c60:*:*:*:*:*:*:*",
"matchCriteriaId": "6EE084FC-27EB-4CE6-B529-508DA690C9D8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:secospace_usg6500_firmware:v500r005c00:*:*:*:*:*:*:*",
"matchCriteriaId": "D6C14DF5-42F7-470F-B3DD-52B5A0770EC0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:secospace_usg6500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0ED6E342-26E7-45DF-AC3F-EFEBAE3DDDF0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:secospace_usg6600_firmware:v500r001c30:*:*:*:*:*:*:*",
"matchCriteriaId": "ADB7FBB2-1CC6-4DA3-85AB-66562B0A9198",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:secospace_usg6600_firmware:v500r005c00:*:*:*:*:*:*:*",
"matchCriteriaId": "391BFC6B-9AE6-49D7-855A-CB94AD1EE5C1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:secospace_usg6600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BE469876-F873-4705-9760-097AE840A818",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:usg6000v_firmware:v500r003c00:*:*:*:*:*:*:*",
"matchCriteriaId": "778A61F5-661E-4B41-B08D-C623957BEEE9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:usg6000v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "88E8A1C0-CD02-4D4E-8DFC-0E03CF914C68",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There are multiple out of bounds (OOB) read vulnerabilities in the implementation of the Common Open Policy Service (COPS) protocol of some Huawei products. The specific decoding function may occur out-of-bounds read when processes an incoming data packet. Successful exploit of these vulnerabilities may disrupt service on the affected device. (Vulnerability ID: HWPSIRT-2018-12275,HWPSIRT-2018-12276,HWPSIRT-2018-12277,HWPSIRT-2018-12278,HWPSIRT-2018-12279,HWPSIRT-2018-12280 and HWPSIRT-2018-12289)\n\nThe seven vulnerabilities have been assigned seven Common Vulnerabilities and Exposures (CVE) IDs: CVE-2020-1818, CVE-2020-1819, CVE-2020-1820, CVE-2020-1821, CVE-2020-1822, CVE-2020-1823 and CVE-2020-1824."
},
{
"lang": "es",
"value": "Existen m\u00faltiples vulnerabilidades de lectura fuera de los l\u00edmites (OOB) en la implementaci\u00f3n del protocolo Common Open Policy Service (COPS) de algunos productos Huawei. La funci\u00f3n de decodificaci\u00f3n espec\u00edfica puede realizar una lectura fuera de los l\u00edmites cuando se procesa un paquete de datos entrante. La explotaci\u00f3n exitosa de estas vulnerabilidades puede interrumpir el servicio en el dispositivo afectado. (ID de vulnerabilidad: HWPSIRT-2018-12275, HWPSIRT-2018-12276, HWPSIRT-2018-12277, HWPSIRT-2018-12278, HWPSIRT-2018-12279, HWPSIRT-2018-12280 y HWPSIRT-2018-12289) A las siete vulnerabilidades se les han asignado siete identificadores de vulnerabilidades y exposiciones comunes (CVE): CVE-2020-1818, CVE-2020-1819, CVE-2020-1820, CVE-2020-1821, CVE-2020-1822, CVE-2020-1823 y CVE-2020-1824."
}
],
"id": "CVE-2020-1820",
"lastModified": "2025-01-13T18:40:36.910",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"exploitabilityScore": 2.2,
"impactScore": 1.4,
"source": "psirt@huawei.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2024-12-28T07:15:17.230",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/2020/huawei-sa-20191218-01-cops-en"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-125"
}
],
"source": "psirt@huawei.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-125"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2020-1821
Vulnerability from fkie_nvd - Published: 2024-12-28 07:15 - Updated: 2025-01-13 18:40
Severity ?
3.7 (Low) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L
5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
Summary
There are multiple out of bounds (OOB) read vulnerabilities in the implementation of the Common Open Policy Service (COPS) protocol of some Huawei products. The specific decoding function may occur out-of-bounds read when processes an incoming data packet. Successful exploit of these vulnerabilities may disrupt service on the affected device. (Vulnerability ID: HWPSIRT-2018-12275,HWPSIRT-2018-12276,HWPSIRT-2018-12277,HWPSIRT-2018-12278,HWPSIRT-2018-12279,HWPSIRT-2018-12280 and HWPSIRT-2018-12289)
The seven vulnerabilities have been assigned seven Common Vulnerabilities and Exposures (CVE) IDs: CVE-2020-1818, CVE-2020-1819, CVE-2020-1820, CVE-2020-1821, CVE-2020-1822, CVE-2020-1823 and CVE-2020-1824.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:ips_module_firmware:v500r001c30:*:*:*:*:*:*:*",
"matchCriteriaId": "074FE8AB-6BE1-4E77-84E2-1D5C7205D0E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ips_module_firmware:v500r001c60:*:*:*:*:*:*:*",
"matchCriteriaId": "EC0C5A24-3F4E-4F1F-BC3C-7DC6707712CB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ips_module_firmware:v500r005c00:*:*:*:*:*:*:*",
"matchCriteriaId": "60A9007D-D6AD-4DB9-A0AC-1E400AEC0884",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:ips_module:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2BAD43A3-730A-4ABC-89F0-DF93A06AA60F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:ngfw_module_firmware:v500r002c00:*:*:*:*:*:*:*",
"matchCriteriaId": "F46A81BE-C125-4CAE-8EE1-23177FE0C21E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ngfw_module_firmware:v500r002c20:*:*:*:*:*:*:*",
"matchCriteriaId": "5524ABE8-D4C4-4BCC-BB57-D1E47480330D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ngfw_module_firmware:v500r005c00:*:*:*:*:*:*:*",
"matchCriteriaId": "9D57DC59-B234-463F-8BBD-631B7EE9928C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:ngfw_module:-:*:*:*:*:*:*:*",
"matchCriteriaId": "547D4A9A-6B57-4BBA-9FFE-CF50B9AC5DF4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:nip6300_firmware:v500r001c30:*:*:*:*:*:*:*",
"matchCriteriaId": "728A7B78-6E19-4656-848F-269DB955070C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:nip6300_firmware:v500r001c60:*:*:*:*:*:*:*",
"matchCriteriaId": "A26FE369-FDB8-4425-B51A-465A41FECE7E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:nip6300_firmware:v500r005c00:*:*:*:*:*:*:*",
"matchCriteriaId": "A3462B41-1DC4-4451-9575-F81C52F7A23C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:nip6300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5E054182-CE33-45E3-8595-159A75BA5162",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:nip6600_firmware:v500r001c30:*:*:*:*:*:*:*",
"matchCriteriaId": "946F5FF7-412F-40F9-A492-DE8E11E7B919",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:nip6600_firmware:v500r001c60:*:*:*:*:*:*:*",
"matchCriteriaId": "90C480FB-4D2C-49ED-A635-8B7BEFD95193",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:nip6600_firmware:v500r005c00:*:*:*:*:*:*:*",
"matchCriteriaId": "9AC093ED-A979-4484-B758-1C16DF2D6030",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:nip6600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE8CA649-7AE1-497C-869B-B4DD315F342C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:nip6800_firmware:v500r001c60:*:*:*:*:*:*:*",
"matchCriteriaId": "D7EE3877-6344-466D-90B0-68CF4A53A256",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:nip6800_firmware:v500r005c00:*:*:*:*:*:*:*",
"matchCriteriaId": "D6FCA659-5DF8-44EA-91B6-A80FBB68322A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:nip6800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "875441DD-575F-4F4D-A6BD-23C38641D330",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:secospace_usg6300_firmware:v500r001c30:*:*:*:*:*:*:*",
"matchCriteriaId": "0A8AEAB1-6106-47A2-8207-67E557A8BF80",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:secospace_usg6300_firmware:v500r001c60:*:*:*:*:*:*:*",
"matchCriteriaId": "EDD7E147-B39E-4C6F-BA5F-F046F3AE4728",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:secospace_usg6300_firmware:v500r005c00:*:*:*:*:*:*:*",
"matchCriteriaId": "68E9D32D-46F1-495B-BF83-308DFF8822F8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:secospace_usg6300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C281B511-7A27-4FC6-9427-AE5AD7C302F3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:secospace_usg6500_firmware:v500r001c30:*:*:*:*:*:*:*",
"matchCriteriaId": "627F40B6-8CD1-47EE-8937-F1FAAAB86F0D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:secospace_usg6500_firmware:v500r001c60:*:*:*:*:*:*:*",
"matchCriteriaId": "6EE084FC-27EB-4CE6-B529-508DA690C9D8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:secospace_usg6500_firmware:v500r005c00:*:*:*:*:*:*:*",
"matchCriteriaId": "D6C14DF5-42F7-470F-B3DD-52B5A0770EC0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:secospace_usg6500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0ED6E342-26E7-45DF-AC3F-EFEBAE3DDDF0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:secospace_usg6600_firmware:v500r001c30:*:*:*:*:*:*:*",
"matchCriteriaId": "ADB7FBB2-1CC6-4DA3-85AB-66562B0A9198",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:secospace_usg6600_firmware:v500r005c00:*:*:*:*:*:*:*",
"matchCriteriaId": "391BFC6B-9AE6-49D7-855A-CB94AD1EE5C1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:secospace_usg6600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BE469876-F873-4705-9760-097AE840A818",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:usg6000v_firmware:v500r003c00:*:*:*:*:*:*:*",
"matchCriteriaId": "778A61F5-661E-4B41-B08D-C623957BEEE9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:usg6000v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "88E8A1C0-CD02-4D4E-8DFC-0E03CF914C68",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There are multiple out of bounds (OOB) read vulnerabilities in the implementation of the Common Open Policy Service (COPS) protocol of some Huawei products. The specific decoding function may occur out-of-bounds read when processes an incoming data packet. Successful exploit of these vulnerabilities may disrupt service on the affected device. (Vulnerability ID: HWPSIRT-2018-12275,HWPSIRT-2018-12276,HWPSIRT-2018-12277,HWPSIRT-2018-12278,HWPSIRT-2018-12279,HWPSIRT-2018-12280 and HWPSIRT-2018-12289)\n\nThe seven vulnerabilities have been assigned seven Common Vulnerabilities and Exposures (CVE) IDs: CVE-2020-1818, CVE-2020-1819, CVE-2020-1820, CVE-2020-1821, CVE-2020-1822, CVE-2020-1823 and CVE-2020-1824."
},
{
"lang": "es",
"value": "Existen m\u00faltiples vulnerabilidades de lectura fuera de los l\u00edmites (OOB) en la implementaci\u00f3n del protocolo Common Open Policy Service (COPS) de algunos productos Huawei. La funci\u00f3n de decodificaci\u00f3n espec\u00edfica puede realizar una lectura fuera de los l\u00edmites cuando se procesa un paquete de datos entrante. La explotaci\u00f3n exitosa de estas vulnerabilidades puede interrumpir el servicio en el dispositivo afectado. (ID de vulnerabilidad: HWPSIRT-2018-12275, HWPSIRT-2018-12276, HWPSIRT-2018-12277, HWPSIRT-2018-12278, HWPSIRT-2018-12279, HWPSIRT-2018-12280 y HWPSIRT-2018-12289) A las siete vulnerabilidades se les han asignado siete identificadores de vulnerabilidades y exposiciones comunes (CVE): CVE-2020-1818, CVE-2020-1819, CVE-2020-1820, CVE-2020-1821, CVE-2020-1822, CVE-2020-1823 y CVE-2020-1824."
}
],
"id": "CVE-2020-1821",
"lastModified": "2025-01-13T18:40:31.437",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"exploitabilityScore": 2.2,
"impactScore": 1.4,
"source": "psirt@huawei.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2024-12-28T07:15:17.973",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/2020/huawei-sa-20191218-01-cops-en"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-125"
}
],
"source": "psirt@huawei.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-125"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2020-1819
Vulnerability from fkie_nvd - Published: 2024-12-27 10:15 - Updated: 2025-01-10 20:32
Severity ?
3.7 (Low) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L
5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
Summary
There are multiple out of bounds (OOB) read vulnerabilities in the implementation of the Common Open Policy Service (COPS) protocol of some Huawei products. The specific decoding function may occur out-of-bounds read when processes an incoming data packet. Successful exploit of these vulnerabilities may disrupt service on the affected device. (Vulnerability ID: HWPSIRT-2018-12275,HWPSIRT-2018-12276,HWPSIRT-2018-12277,HWPSIRT-2018-12278,HWPSIRT-2018-12279,HWPSIRT-2018-12280 and HWPSIRT-2018-12289)
The seven vulnerabilities have been assigned seven Common Vulnerabilities and Exposures (CVE) IDs: CVE-2020-1818, CVE-2020-1819, CVE-2020-1820, CVE-2020-1821, CVE-2020-1822, CVE-2020-1823 and CVE-2020-1824.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:ips_module_firmware:v500r001c30:*:*:*:*:*:*:*",
"matchCriteriaId": "074FE8AB-6BE1-4E77-84E2-1D5C7205D0E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ips_module_firmware:v500r001c60:*:*:*:*:*:*:*",
"matchCriteriaId": "EC0C5A24-3F4E-4F1F-BC3C-7DC6707712CB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ips_module_firmware:v500r005c00:*:*:*:*:*:*:*",
"matchCriteriaId": "60A9007D-D6AD-4DB9-A0AC-1E400AEC0884",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:ips_module:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2BAD43A3-730A-4ABC-89F0-DF93A06AA60F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:ngfw_module_firmware:v500r002c00:*:*:*:*:*:*:*",
"matchCriteriaId": "F46A81BE-C125-4CAE-8EE1-23177FE0C21E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ngfw_module_firmware:v500r002c20:*:*:*:*:*:*:*",
"matchCriteriaId": "5524ABE8-D4C4-4BCC-BB57-D1E47480330D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ngfw_module_firmware:v500r005c00:*:*:*:*:*:*:*",
"matchCriteriaId": "9D57DC59-B234-463F-8BBD-631B7EE9928C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:ngfw_module:-:*:*:*:*:*:*:*",
"matchCriteriaId": "547D4A9A-6B57-4BBA-9FFE-CF50B9AC5DF4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:nip6300_firmware:v500r001c30:*:*:*:*:*:*:*",
"matchCriteriaId": "728A7B78-6E19-4656-848F-269DB955070C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:nip6300_firmware:v500r001c60:*:*:*:*:*:*:*",
"matchCriteriaId": "A26FE369-FDB8-4425-B51A-465A41FECE7E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:nip6300_firmware:v500r005c00:*:*:*:*:*:*:*",
"matchCriteriaId": "A3462B41-1DC4-4451-9575-F81C52F7A23C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:nip6300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5E054182-CE33-45E3-8595-159A75BA5162",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:nip6600_firmware:v500r001c30:*:*:*:*:*:*:*",
"matchCriteriaId": "946F5FF7-412F-40F9-A492-DE8E11E7B919",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:nip6600_firmware:v500r001c60:*:*:*:*:*:*:*",
"matchCriteriaId": "90C480FB-4D2C-49ED-A635-8B7BEFD95193",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:nip6600_firmware:v500r005c00:*:*:*:*:*:*:*",
"matchCriteriaId": "9AC093ED-A979-4484-B758-1C16DF2D6030",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:nip6600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE8CA649-7AE1-497C-869B-B4DD315F342C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:nip6800_firmware:v500r001c60:*:*:*:*:*:*:*",
"matchCriteriaId": "D7EE3877-6344-466D-90B0-68CF4A53A256",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:nip6800_firmware:v500r005c00:*:*:*:*:*:*:*",
"matchCriteriaId": "D6FCA659-5DF8-44EA-91B6-A80FBB68322A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:nip6800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "875441DD-575F-4F4D-A6BD-23C38641D330",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:secospace_usg6300_firmware:v500r001c30:*:*:*:*:*:*:*",
"matchCriteriaId": "0A8AEAB1-6106-47A2-8207-67E557A8BF80",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:secospace_usg6300_firmware:v500r001c60:*:*:*:*:*:*:*",
"matchCriteriaId": "EDD7E147-B39E-4C6F-BA5F-F046F3AE4728",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:secospace_usg6300_firmware:v500r005c00:*:*:*:*:*:*:*",
"matchCriteriaId": "68E9D32D-46F1-495B-BF83-308DFF8822F8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:secospace_usg6300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C281B511-7A27-4FC6-9427-AE5AD7C302F3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:secospace_usg6500_firmware:v500r001c30:*:*:*:*:*:*:*",
"matchCriteriaId": "627F40B6-8CD1-47EE-8937-F1FAAAB86F0D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:secospace_usg6500_firmware:v500r001c60:*:*:*:*:*:*:*",
"matchCriteriaId": "6EE084FC-27EB-4CE6-B529-508DA690C9D8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:secospace_usg6500_firmware:v500r005c00:*:*:*:*:*:*:*",
"matchCriteriaId": "D6C14DF5-42F7-470F-B3DD-52B5A0770EC0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:secospace_usg6500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0ED6E342-26E7-45DF-AC3F-EFEBAE3DDDF0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:secospace_usg6600_firmware:v500r001c30:*:*:*:*:*:*:*",
"matchCriteriaId": "ADB7FBB2-1CC6-4DA3-85AB-66562B0A9198",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:secospace_usg6600_firmware:v500r005c00:*:*:*:*:*:*:*",
"matchCriteriaId": "391BFC6B-9AE6-49D7-855A-CB94AD1EE5C1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:secospace_usg6600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BE469876-F873-4705-9760-097AE840A818",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:usg6000v_firmware:v500r003c00:*:*:*:*:*:*:*",
"matchCriteriaId": "778A61F5-661E-4B41-B08D-C623957BEEE9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:usg6000v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "88E8A1C0-CD02-4D4E-8DFC-0E03CF914C68",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There are multiple out of bounds (OOB) read vulnerabilities in the implementation of the Common Open Policy Service (COPS) protocol of some Huawei products. The specific decoding function may occur out-of-bounds read when processes an incoming data packet. Successful exploit of these vulnerabilities may disrupt service on the affected device. (Vulnerability ID: HWPSIRT-2018-12275,HWPSIRT-2018-12276,HWPSIRT-2018-12277,HWPSIRT-2018-12278,HWPSIRT-2018-12279,HWPSIRT-2018-12280 and HWPSIRT-2018-12289)\n\nThe seven vulnerabilities have been assigned seven Common Vulnerabilities and Exposures (CVE) IDs: CVE-2020-1818, CVE-2020-1819, CVE-2020-1820, CVE-2020-1821, CVE-2020-1822, CVE-2020-1823 and CVE-2020-1824."
},
{
"lang": "es",
"value": "Existen m\u00faltiples vulnerabilidades de lectura fuera de los l\u00edmites (OOB) en la implementaci\u00f3n del protocolo Common Open Policy Service (COPS) de algunos productos Huawei. La funci\u00f3n de decodificaci\u00f3n espec\u00edfica puede realizar una lectura fuera de los l\u00edmites cuando se procesa un paquete de datos entrante. La explotaci\u00f3n exitosa de estas vulnerabilidades puede interrumpir el servicio en el dispositivo afectado. (ID de vulnerabilidad: HWPSIRT-2018-12275, HWPSIRT-2018-12276, HWPSIRT-2018-12277, HWPSIRT-2018-12278, HWPSIRT-2018-12279, HWPSIRT-2018-12280 y HWPSIRT-2018-12289) A las siete vulnerabilidades se les han asignado siete identificadores de vulnerabilidades y exposiciones comunes (CVE): CVE-2020-1818, CVE-2020-1819, CVE-2020-1820, CVE-2020-1821, CVE-2020-1822, CVE-2020-1823 y CVE-2020-1824."
}
],
"id": "CVE-2020-1819",
"lastModified": "2025-01-10T20:32:19.230",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"exploitabilityScore": 2.2,
"impactScore": 1.4,
"source": "psirt@huawei.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2024-12-27T10:15:09.710",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/2020/huawei-sa-20191218-01-cops-en"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-125"
}
],
"source": "psirt@huawei.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-125"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2020-1818
Vulnerability from fkie_nvd - Published: 2024-12-27 10:15 - Updated: 2025-01-10 20:28
Severity ?
3.7 (Low) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L
5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
Summary
There are multiple out of bounds (OOB) read vulnerabilities in the implementation of the Common Open Policy Service (COPS) protocol of some Huawei products. The specific decoding function may occur out-of-bounds read when processes an incoming data packet. Successful exploit of these vulnerabilities may disrupt service on the affected device. (Vulnerability ID: HWPSIRT-2018-12275,HWPSIRT-2018-12276,HWPSIRT-2018-12277,HWPSIRT-2018-12278,HWPSIRT-2018-12279,HWPSIRT-2018-12280 and HWPSIRT-2018-12289)
The seven vulnerabilities have been assigned seven Common Vulnerabilities and Exposures (CVE) IDs: CVE-2020-1818, CVE-2020-1819, CVE-2020-1820, CVE-2020-1821, CVE-2020-1822, CVE-2020-1823 and CVE-2020-1824.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:ips_module_firmware:v500r001c30:*:*:*:*:*:*:*",
"matchCriteriaId": "074FE8AB-6BE1-4E77-84E2-1D5C7205D0E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ips_module_firmware:v500r001c60:*:*:*:*:*:*:*",
"matchCriteriaId": "EC0C5A24-3F4E-4F1F-BC3C-7DC6707712CB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ips_module_firmware:v500r005c00:*:*:*:*:*:*:*",
"matchCriteriaId": "60A9007D-D6AD-4DB9-A0AC-1E400AEC0884",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:ips_module:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2BAD43A3-730A-4ABC-89F0-DF93A06AA60F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:ngfw_module_firmware:v500r002c00:*:*:*:*:*:*:*",
"matchCriteriaId": "F46A81BE-C125-4CAE-8EE1-23177FE0C21E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ngfw_module_firmware:v500r002c20:*:*:*:*:*:*:*",
"matchCriteriaId": "5524ABE8-D4C4-4BCC-BB57-D1E47480330D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ngfw_module_firmware:v500r005c00:*:*:*:*:*:*:*",
"matchCriteriaId": "9D57DC59-B234-463F-8BBD-631B7EE9928C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:ngfw_module:-:*:*:*:*:*:*:*",
"matchCriteriaId": "547D4A9A-6B57-4BBA-9FFE-CF50B9AC5DF4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:nip6300_firmware:v500r001c30:*:*:*:*:*:*:*",
"matchCriteriaId": "728A7B78-6E19-4656-848F-269DB955070C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:nip6300_firmware:v500r001c60:*:*:*:*:*:*:*",
"matchCriteriaId": "A26FE369-FDB8-4425-B51A-465A41FECE7E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:nip6300_firmware:v500r005c00:*:*:*:*:*:*:*",
"matchCriteriaId": "A3462B41-1DC4-4451-9575-F81C52F7A23C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:nip6300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5E054182-CE33-45E3-8595-159A75BA5162",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:nip6600_firmware:v500r001c30:*:*:*:*:*:*:*",
"matchCriteriaId": "946F5FF7-412F-40F9-A492-DE8E11E7B919",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:nip6600_firmware:v500r001c60:*:*:*:*:*:*:*",
"matchCriteriaId": "90C480FB-4D2C-49ED-A635-8B7BEFD95193",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:nip6600_firmware:v500r005c00:*:*:*:*:*:*:*",
"matchCriteriaId": "9AC093ED-A979-4484-B758-1C16DF2D6030",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:nip6600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE8CA649-7AE1-497C-869B-B4DD315F342C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:nip6800_firmware:v500r001c60:*:*:*:*:*:*:*",
"matchCriteriaId": "D7EE3877-6344-466D-90B0-68CF4A53A256",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:nip6800_firmware:v500r005c00:*:*:*:*:*:*:*",
"matchCriteriaId": "D6FCA659-5DF8-44EA-91B6-A80FBB68322A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:nip6800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "875441DD-575F-4F4D-A6BD-23C38641D330",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:secospace_usg6300_firmware:v500r001c30:*:*:*:*:*:*:*",
"matchCriteriaId": "0A8AEAB1-6106-47A2-8207-67E557A8BF80",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:secospace_usg6300_firmware:v500r001c60:*:*:*:*:*:*:*",
"matchCriteriaId": "EDD7E147-B39E-4C6F-BA5F-F046F3AE4728",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:secospace_usg6300_firmware:v500r005c00:*:*:*:*:*:*:*",
"matchCriteriaId": "68E9D32D-46F1-495B-BF83-308DFF8822F8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:secospace_usg6300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C281B511-7A27-4FC6-9427-AE5AD7C302F3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:secospace_usg6500_firmware:v500r001c30:*:*:*:*:*:*:*",
"matchCriteriaId": "627F40B6-8CD1-47EE-8937-F1FAAAB86F0D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:secospace_usg6500_firmware:v500r001c60:*:*:*:*:*:*:*",
"matchCriteriaId": "6EE084FC-27EB-4CE6-B529-508DA690C9D8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:secospace_usg6500_firmware:v500r005c00:*:*:*:*:*:*:*",
"matchCriteriaId": "D6C14DF5-42F7-470F-B3DD-52B5A0770EC0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:secospace_usg6500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0ED6E342-26E7-45DF-AC3F-EFEBAE3DDDF0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:secospace_usg6600_firmware:v500r001c30:*:*:*:*:*:*:*",
"matchCriteriaId": "ADB7FBB2-1CC6-4DA3-85AB-66562B0A9198",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:secospace_usg6600_firmware:v500r005c00:*:*:*:*:*:*:*",
"matchCriteriaId": "391BFC6B-9AE6-49D7-855A-CB94AD1EE5C1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:secospace_usg6600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BE469876-F873-4705-9760-097AE840A818",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:usg6000v_firmware:v500r003c00:*:*:*:*:*:*:*",
"matchCriteriaId": "778A61F5-661E-4B41-B08D-C623957BEEE9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:usg6000v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "88E8A1C0-CD02-4D4E-8DFC-0E03CF914C68",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There are multiple out of bounds (OOB) read vulnerabilities in the implementation of the Common Open Policy Service (COPS) protocol of some Huawei products. The specific decoding function may occur out-of-bounds read when processes an incoming data packet. Successful exploit of these vulnerabilities may disrupt service on the affected device. (Vulnerability ID: HWPSIRT-2018-12275,HWPSIRT-2018-12276,HWPSIRT-2018-12277,HWPSIRT-2018-12278,HWPSIRT-2018-12279,HWPSIRT-2018-12280 and HWPSIRT-2018-12289)\n\nThe seven vulnerabilities have been assigned seven Common Vulnerabilities and Exposures (CVE) IDs: CVE-2020-1818, CVE-2020-1819, CVE-2020-1820, CVE-2020-1821, CVE-2020-1822, CVE-2020-1823 and CVE-2020-1824."
},
{
"lang": "es",
"value": "Existen m\u00faltiples vulnerabilidades de lectura fuera de los l\u00edmites (OOB) en la implementaci\u00f3n del protocolo Common Open Policy Service (COPS) de algunos productos Huawei. La funci\u00f3n de decodificaci\u00f3n espec\u00edfica puede realizar una lectura fuera de los l\u00edmites cuando se procesa un paquete de datos entrante. La explotaci\u00f3n exitosa de estas vulnerabilidades puede interrumpir el servicio en el dispositivo afectado. (ID de vulnerabilidad: HWPSIRT-2018-12275, HWPSIRT-2018-12276, HWPSIRT-2018-12277, HWPSIRT-2018-12278, HWPSIRT-2018-12279, HWPSIRT-2018-12280 y HWPSIRT-2018-12289) A las siete vulnerabilidades se les han asignado siete identificadores de vulnerabilidades y exposiciones comunes (CVE): CVE-2020-1818, CVE-2020-1819, CVE-2020-1820, CVE-2020-1821, CVE-2020-1822, CVE-2020-1823 y CVE-2020-1824."
}
],
"id": "CVE-2020-1818",
"lastModified": "2025-01-10T20:28:46.463",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"exploitabilityScore": 2.2,
"impactScore": 1.4,
"source": "psirt@huawei.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2024-12-27T10:15:06.310",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/2020/huawei-sa-20191218-01-cops-en"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-125"
}
],
"source": "psirt@huawei.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-125"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2021-22341
Vulnerability from fkie_nvd - Published: 2021-06-29 20:15 - Updated: 2024-11-21 05:49
Severity ?
Summary
There is a memory leak vulnerability in Huawei products. A resource management weakness exists in a module. Attackers with high privilege can exploit this vulnerability by performing some operations. This can lead to memory leak. Affected product versions include:IPS Module V500R005C00SPC100,V500R005C00SPC200;NGFW Module V500R005C00SPC100,V500R005C00SPC200;NIP6300 V500R005C00SPC100,V500R005C10SPC200;NIP6600 V500R005C00SPC100,V500R005C00SPC200;Secospace USG6300 V500R005C00SPC100,V500R005C00SPC200;Secospace USG6500 V500R005C00SPC100,V500R005C10SPC200;Secospace USG6600 V500R005C00SPC100,V500R005C00SPC200.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| huawei | ips_module_firmware | v500r005c00spc100 | |
| huawei | ips_module_firmware | v500r005c00spc200 | |
| huawei | ips_module | - | |
| huawei | ngfw_module_firmware | v500r005c00spc100 | |
| huawei | ngfw_module_firmware | v500r005c00spc200 | |
| huawei | ngfw_module | - | |
| huawei | nip6300_firmware | v500r005c00spc100 | |
| huawei | nip6300_firmware | v500r005c10spc200 | |
| huawei | nip6300 | - | |
| huawei | nip6600_firmware | v500r005c00spc100 | |
| huawei | nip6600_firmware | v500r005c00spc200 | |
| huawei | nip6600 | - | |
| huawei | secospace_usg6300_firmware | v500r005c00spc100 | |
| huawei | secospace_usg6300_firmware | v500r005c00spc200 | |
| huawei | secospace_usg6300 | - | |
| huawei | secospace_usg6500_firmware | v500r005c00spc100 | |
| huawei | secospace_usg6500_firmware | v500r005c10spc200 | |
| huawei | secospace_usg6500 | - | |
| huawei | secospace_usg6600_firmware | v500r005c00spc100 | |
| huawei | secospace_usg6600_firmware | v500r005c00spc200 | |
| huawei | secospace_usg6600 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:ips_module_firmware:v500r005c00spc100:*:*:*:*:*:*:*",
"matchCriteriaId": "2D4E285D-09FB-4123-B46A-E27818ADFFDD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ips_module_firmware:v500r005c00spc200:*:*:*:*:*:*:*",
"matchCriteriaId": "C5A659FF-6019-48F8-BF60-D9FC79682435",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:ips_module:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2BAD43A3-730A-4ABC-89F0-DF93A06AA60F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:ngfw_module_firmware:v500r005c00spc100:*:*:*:*:*:*:*",
"matchCriteriaId": "3AA59256-7429-4D82-85FE-229EB033BDA8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ngfw_module_firmware:v500r005c00spc200:*:*:*:*:*:*:*",
"matchCriteriaId": "E728C122-5732-48FF-910C-3241EABA3DE6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:ngfw_module:-:*:*:*:*:*:*:*",
"matchCriteriaId": "547D4A9A-6B57-4BBA-9FFE-CF50B9AC5DF4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:nip6300_firmware:v500r005c00spc100:*:*:*:*:*:*:*",
"matchCriteriaId": "848014B8-8D79-48C3-8ED2-EA98378428F6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:nip6300_firmware:v500r005c10spc200:*:*:*:*:*:*:*",
"matchCriteriaId": "B8448325-FBF2-4C00-8574-677956A6DE97",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:nip6300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5E054182-CE33-45E3-8595-159A75BA5162",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:nip6600_firmware:v500r005c00spc100:*:*:*:*:*:*:*",
"matchCriteriaId": "AC26B79E-CBCD-4D93-A552-1A20B155F0FE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:nip6600_firmware:v500r005c00spc200:*:*:*:*:*:*:*",
"matchCriteriaId": "46A3FD77-200C-40D7-A31E-6D964F9A375E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:nip6600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE8CA649-7AE1-497C-869B-B4DD315F342C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:secospace_usg6300_firmware:v500r005c00spc100:*:*:*:*:*:*:*",
"matchCriteriaId": "9EA34227-DB8B-48DF-8150-5C6815B49FA6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:secospace_usg6300_firmware:v500r005c00spc200:*:*:*:*:*:*:*",
"matchCriteriaId": "322A0123-38E6-4D84-97F1-15F983DC3725",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:secospace_usg6300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C281B511-7A27-4FC6-9427-AE5AD7C302F3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:secospace_usg6500_firmware:v500r005c00spc100:*:*:*:*:*:*:*",
"matchCriteriaId": "F5DF54A7-6E29-4BB5-81FC-5EE75D892D12",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:secospace_usg6500_firmware:v500r005c10spc200:*:*:*:*:*:*:*",
"matchCriteriaId": "51E30304-8638-46A6-B467-19A7B1B4D362",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:secospace_usg6500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0ED6E342-26E7-45DF-AC3F-EFEBAE3DDDF0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:secospace_usg6600_firmware:v500r005c00spc100:*:*:*:*:*:*:*",
"matchCriteriaId": "4DB3FD6B-0EE4-4467-8BAE-AE52FB2906EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:secospace_usg6600_firmware:v500r005c00spc200:*:*:*:*:*:*:*",
"matchCriteriaId": "4BE67E91-7805-4CAA-89EE-9226CFBD731B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:secospace_usg6600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BE469876-F873-4705-9760-097AE840A818",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is a memory leak vulnerability in Huawei products. A resource management weakness exists in a module. Attackers with high privilege can exploit this vulnerability by performing some operations. This can lead to memory leak. Affected product versions include:IPS Module V500R005C00SPC100,V500R005C00SPC200;NGFW Module V500R005C00SPC100,V500R005C00SPC200;NIP6300 V500R005C00SPC100,V500R005C10SPC200;NIP6600 V500R005C00SPC100,V500R005C00SPC200;Secospace USG6300 V500R005C00SPC100,V500R005C00SPC200;Secospace USG6500 V500R005C00SPC100,V500R005C10SPC200;Secospace USG6600 V500R005C00SPC100,V500R005C00SPC200."
},
{
"lang": "es",
"value": "Se presenta una vulnerabilidad de p\u00e9rdida de memoria en los productos de Huawei. Se presenta una debilidad en la administraci\u00f3n de recursos en un m\u00f3dulo. Unos atacantes con altos privilegios pueden explotar esta vulnerabilidad al llevar a cabo algunas operaciones. Esto puede conllevar a una p\u00e9rdida de memoria. Las versiones de producto afectadas son: IPS Module V500R005C00SPC100,V500R005C00SPC200;NGFW Module V500R005C00SPC100,V500R005C00SPC200;NIP6300 V500R005C00SPC100,V500R005C10SPC200;NIP6600 V500R005C00SPC100,V500R005C00SPC200; Secospace USG6300 V500R005C00SPC100,V500R005C00SPC200;Secospace USG6500 V500R005C00SPC100,V500R005C10SPC200;Secospace USG6600 V500R005C00SPC100,V500R005C00SPC200"
}
],
"id": "CVE-2021-22341",
"lastModified": "2024-11-21T05:49:56.647",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.2,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-06-29T20:15:08.120",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210506-01-memleak-en"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210506-01-memleak-en"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-401"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2021-22312
Vulnerability from fkie_nvd - Published: 2021-04-08 19:15 - Updated: 2024-11-21 05:49
Severity ?
Summary
There is a memory leak vulnerability in some Huawei products. An authenticated remote attacker may exploit this vulnerability by sending specific message to the affected product. Due to not release the allocated memory properly, successful exploit may cause some service abnormal. Affected product include some versions of IPS Module, NGFW Module, Secospace USG6300, Secospace USG6500, Secospace USG6600 and USG9500.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:ips_module_firmware:v500r005c00spc100:*:*:*:*:*:*:*",
"matchCriteriaId": "2D4E285D-09FB-4123-B46A-E27818ADFFDD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ips_module_firmware:v500r005c00spc200:*:*:*:*:*:*:*",
"matchCriteriaId": "C5A659FF-6019-48F8-BF60-D9FC79682435",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:ips_module:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2BAD43A3-730A-4ABC-89F0-DF93A06AA60F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:ngfw_module_firmware:v500r005c00spc100:*:*:*:*:*:*:*",
"matchCriteriaId": "3AA59256-7429-4D82-85FE-229EB033BDA8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ngfw_module_firmware:v500r005c00spc200:*:*:*:*:*:*:*",
"matchCriteriaId": "E728C122-5732-48FF-910C-3241EABA3DE6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:ngfw_module:-:*:*:*:*:*:*:*",
"matchCriteriaId": "547D4A9A-6B57-4BBA-9FFE-CF50B9AC5DF4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:secospace_usg6300_firmware:v500r001c30spc200:*:*:*:*:*:*:*",
"matchCriteriaId": "3D8E3300-4E1E-433A-87D9-983F9C1CE2B7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:secospace_usg6300_firmware:v500r001c30spc600:*:*:*:*:*:*:*",
"matchCriteriaId": "7D2F8A0A-AA2F-4144-923A-4B461B1A3E99",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:secospace_usg6300_firmware:v500r001c60spc500:*:*:*:*:*:*:*",
"matchCriteriaId": "26CBEDA1-F057-489F-9255-C178272208CA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:secospace_usg6300_firmware:v500r005c00spc100:*:*:*:*:*:*:*",
"matchCriteriaId": "9EA34227-DB8B-48DF-8150-5C6815B49FA6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:secospace_usg6300_firmware:v500r005c00spc200:*:*:*:*:*:*:*",
"matchCriteriaId": "322A0123-38E6-4D84-97F1-15F983DC3725",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:secospace_usg6300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C281B511-7A27-4FC6-9427-AE5AD7C302F3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:secospace_usg6500_firmware:v500r001c30spc200:*:*:*:*:*:*:*",
"matchCriteriaId": "2FA2444C-EE5E-4DFC-A9F8-4744059EF7DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:secospace_usg6500_firmware:v500r001c30spc600:*:*:*:*:*:*:*",
"matchCriteriaId": "203B31A8-8C5C-42E8-8D4F-861F90FC16FE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:secospace_usg6500_firmware:v500r001c60spc500:*:*:*:*:*:*:*",
"matchCriteriaId": "CF816E5F-2082-4460-ABF9-93726C5879A6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:secospace_usg6500_firmware:v500r005c00spc100:*:*:*:*:*:*:*",
"matchCriteriaId": "F5DF54A7-6E29-4BB5-81FC-5EE75D892D12",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:secospace_usg6500_firmware:v500r005c00spc200:*:*:*:*:*:*:*",
"matchCriteriaId": "F0DA1F00-D38C-40AF-A14D-D5EE0B0A3751",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:secospace_usg6500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0ED6E342-26E7-45DF-AC3F-EFEBAE3DDDF0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:secospace_usg6600_firmware:v500r001c30spc200:*:*:*:*:*:*:*",
"matchCriteriaId": "1CA7BE1F-853E-4CBA-8A90-BAEA0BCC6A97",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:secospace_usg6600_firmware:v500r001c30spc600:*:*:*:*:*:*:*",
"matchCriteriaId": "B80E521E-1BFB-405E-9F8E-4A0734731FD0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:secospace_usg6600_firmware:v500r001c60spc500:*:*:*:*:*:*:*",
"matchCriteriaId": "5226BD96-2B00-469B-AADD-CD0541610BBD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:secospace_usg6600_firmware:v500r005c00spc100:*:*:*:*:*:*:*",
"matchCriteriaId": "4DB3FD6B-0EE4-4467-8BAE-AE52FB2906EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:secospace_usg6600_firmware:v500r005c00spc200:*:*:*:*:*:*:*",
"matchCriteriaId": "4BE67E91-7805-4CAA-89EE-9226CFBD731B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:secospace_usg6600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BE469876-F873-4705-9760-097AE840A818",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:usg9500_firmware:v500r001c30spc200:*:*:*:*:*:*:*",
"matchCriteriaId": "C0BF5257-8CD1-4951-9C53-07B85D468F8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:usg9500_firmware:v500r001c30spc600:*:*:*:*:*:*:*",
"matchCriteriaId": "6E2CDEF7-F8C8-482E-B43D-DB3F0CE010F8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:usg9500_firmware:v500r001c60spc500:*:*:*:*:*:*:*",
"matchCriteriaId": "8A1EFB9D-5349-4EAF-9880-34F0D20011E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:usg9500_firmware:v500r005c00spc100:*:*:*:*:*:*:*",
"matchCriteriaId": "BE7369E3-5F3F-40D1-8690-95192131B683",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:usg9500_firmware:v500r005c00spc200:*:*:*:*:*:*:*",
"matchCriteriaId": "ADA71C5D-4B11-401D-AEC9-907204C21476",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:usg9500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4B6064BB-5E62-4D70-B933-05B5426EEE9C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:nip6300_firmware:v500r001c30spc200:*:*:*:*:*:*:*",
"matchCriteriaId": "42C2CAD1-543D-47E2-9B12-6B2E8538C8DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:nip6300_firmware:v500r001c30spc600:*:*:*:*:*:*:*",
"matchCriteriaId": "29134400-23E7-4888-B027-A29167E95693",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:nip6300_firmware:v500r001c60spc500:*:*:*:*:*:*:*",
"matchCriteriaId": "1CE35922-612B-437B-8044-56FA301E73C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:nip6300_firmware:v500r005c00spc100:*:*:*:*:*:*:*",
"matchCriteriaId": "848014B8-8D79-48C3-8ED2-EA98378428F6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:nip6300_firmware:v500r005c00spc200:*:*:*:*:*:*:*",
"matchCriteriaId": "0E86EACC-53A8-4216-80D4-BD1BB215E151",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:nip6300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5E054182-CE33-45E3-8595-159A75BA5162",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:nip6600_firmware:v500r001c30spc200:*:*:*:*:*:*:*",
"matchCriteriaId": "F9FE889E-58A9-4D93-8054-7B845C44BDA1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:nip6600_firmware:v500r001c30spc600:*:*:*:*:*:*:*",
"matchCriteriaId": "AC2F5B2E-5233-4B9F-BA85-0D369C1A8805",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:nip6600_firmware:v500r001c60spc500:*:*:*:*:*:*:*",
"matchCriteriaId": "73B19CF4-92DF-4BB5-B9C7-76901EC5673C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:nip6600_firmware:v500r005c00spc100:*:*:*:*:*:*:*",
"matchCriteriaId": "AC26B79E-CBCD-4D93-A552-1A20B155F0FE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:nip6600_firmware:v500r005c00spc200:*:*:*:*:*:*:*",
"matchCriteriaId": "46A3FD77-200C-40D7-A31E-6D964F9A375E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:nip6600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE8CA649-7AE1-497C-869B-B4DD315F342C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:nip6800_firmware:v500r001c30spc200:*:*:*:*:*:*:*",
"matchCriteriaId": "024AA4AA-8A09-4E0B-81A0-76E2960A15FE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:nip6800_firmware:v500r001c30spc600:*:*:*:*:*:*:*",
"matchCriteriaId": "8FB28A28-8766-4A28-B438-117944ABD294",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:nip6800_firmware:v500r001c60spc500:*:*:*:*:*:*:*",
"matchCriteriaId": "C38F1E7A-0347-4E45-A0B6-CB8CE0D8A07E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:nip6800_firmware:v500r005c00spc100:*:*:*:*:*:*:*",
"matchCriteriaId": "954A1F94-2442-4064-9DC5-14EFC2FA62F7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:nip6800_firmware:v500r005c00spc200:*:*:*:*:*:*:*",
"matchCriteriaId": "BDFB70C7-8E9A-4538-A4FF-6FA820D895CA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:nip6800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "875441DD-575F-4F4D-A6BD-23C38641D330",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:usg6000e_firmware:v600r006c00:*:*:*:*:*:*:*",
"matchCriteriaId": "261DD2F0-5503-4939-9761-DA1219DD5633",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:usg6000e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "821F3BBF-CFD5-41E5-9D30-9FEBA1EE4429",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:nip6000e_firmware:v600r006c00:*:*:*:*:*:*:*",
"matchCriteriaId": "F666919C-2378-4D61-AF77-428F689E8071",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:nip6000e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B7F76C1B-1214-4A55-926C-AB0AF7333481",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:ips6000e_firmware:v600r006c00:*:*:*:*:*:*:*",
"matchCriteriaId": "D0D1B96D-834B-4B64-B026-AB2F156C8A67",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:ips6000e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "609D868B-E091-49BD-A632-54DB6BBC9092",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is a memory leak vulnerability in some Huawei products. An authenticated remote attacker may exploit this vulnerability by sending specific message to the affected product. Due to not release the allocated memory properly, successful exploit may cause some service abnormal. Affected product include some versions of IPS Module, NGFW Module, Secospace USG6300, Secospace USG6500, Secospace USG6600 and USG9500."
},
{
"lang": "es",
"value": "Se presenta una vulnerabilidad filtrado de memoria en algunos productos de Huawei.\u0026#xa0;Un atacante remoto autenticado puede explotar esta vulnerabilidad mediante el env\u00edo de un mensaje espec\u00edfico al producto afectado.\u0026#xa0;Debido a que no se libera la memoria asignada apropiadamente, una explotaci\u00f3n con \u00e9xito puede causar que el servicio sea anormal.\u0026#xa0;Los productos afectados incluyen algunas versiones de IPS Module, NGFW Module, Secospace USG6300, Secospace USG6500, Secospace USG6600 y USG9500"
}
],
"id": "CVE-2021-22312",
"lastModified": "2024-11-21T05:49:53.430",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-04-08T19:15:12.727",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210210-01-memoryleak-en"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210210-01-memoryleak-en"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-401"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2021-22321
Vulnerability from fkie_nvd - Published: 2021-03-22 20:15 - Updated: 2024-11-21 05:49
Severity ?
Summary
There is a use-after-free vulnerability in a Huawei product. A module cannot deal with specific operations in special scenarios. Attackers can exploit this vulnerability by performing malicious operations. This can cause memory use-after-free, compromising normal service. Affected product include some versions of NIP6300, NIP6600, NIP6800, S1700, S2700, S5700, S6700 , S7700, S9700, Secospace USG6300, Secospace USG6500, Secospace USG6600 and USG9500.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:nip6300_firmware:v500r001c30:*:*:*:*:*:*:*",
"matchCriteriaId": "728A7B78-6E19-4656-848F-269DB955070C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:nip6300_firmware:v500r001c60:*:*:*:*:*:*:*",
"matchCriteriaId": "A26FE369-FDB8-4425-B51A-465A41FECE7E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:nip6300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5E054182-CE33-45E3-8595-159A75BA5162",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:nip6600_firmware:v500r001c30:*:*:*:*:*:*:*",
"matchCriteriaId": "946F5FF7-412F-40F9-A492-DE8E11E7B919",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:nip6600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE8CA649-7AE1-497C-869B-B4DD315F342C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:nip6800_firmware:v500r001c60:*:*:*:*:*:*:*",
"matchCriteriaId": "D7EE3877-6344-466D-90B0-68CF4A53A256",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:nip6800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "875441DD-575F-4F4D-A6BD-23C38641D330",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:s12700_firmware:v200r007c01:*:*:*:*:*:*:*",
"matchCriteriaId": "AC4803A7-44B2-41BA-814D-151239B92CEF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s12700_firmware:v200r007c01b102:*:*:*:*:*:*:*",
"matchCriteriaId": "BA273AD6-F7C0-49F3-A33F-E46B86168A98",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s12700_firmware:v200r008c00:*:*:*:*:*:*:*",
"matchCriteriaId": "BD4C5CC9-FD60-4C64-8F88-CFC71BBEA663",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s12700_firmware:v200r010c00:*:*:*:*:*:*:*",
"matchCriteriaId": "933755CC-4A0B-42FB-9491-3C841059851D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s12700_firmware:v200r010c00spc300:*:*:*:*:*:*:*",
"matchCriteriaId": "0E46ADD0-4DF7-4C87-88D6-46A2065DB5B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s12700_firmware:v200r011c00:*:*:*:*:*:*:*",
"matchCriteriaId": "FB158E3E-8A26-415F-86E9-E63524EAA055",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s12700_firmware:v200r011c00spc100:*:*:*:*:*:*:*",
"matchCriteriaId": "8E146F90-3E3F-4F23-81C0-0C4F36293711",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s12700_firmware:v200r011c10:*:*:*:*:*:*:*",
"matchCriteriaId": "2D6FF612-2F2B-4B75-8D97-86205DFCF0CF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:s12700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "138C1E57-176C-46B1-9704-D9C8391CC802",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:s1700_firmware:v200r009c00spc200:*:*:*:*:*:*:*",
"matchCriteriaId": "0A91097D-76DB-4E5D-B520-6BF22E73BEFF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s1700_firmware:v200r009c00spc500:*:*:*:*:*:*:*",
"matchCriteriaId": "D085F205-5C80-4A34-89A9-54F9FB8F2F69",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s1700_firmware:v200r010c00:*:*:*:*:*:*:*",
"matchCriteriaId": "099E36B0-125F-4B3F-8D4A-01F8882CF53B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s1700_firmware:v200r010c00spc300:*:*:*:*:*:*:*",
"matchCriteriaId": "69FA8636-5936-4776-9DF2-1BD294796F0B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s1700_firmware:v200r011c00:*:*:*:*:*:*:*",
"matchCriteriaId": "A843B78A-CDB1-45A0-BBAC-6F3D69AD84DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s1700_firmware:v200r011c00spc100:*:*:*:*:*:*:*",
"matchCriteriaId": "A59EDC82-83AD-408E-AA8E-15E221C3B009",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s1700_firmware:v200r011c10:*:*:*:*:*:*:*",
"matchCriteriaId": "342E032C-BAE5-4F15-8BAE-84F9D9AA58D0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:s1700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "22FE26B5-C6D6-4A6C-8526-ED94F4F57C2C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:s2700_firmware:v200r008c00:*:*:*:*:*:*:*",
"matchCriteriaId": "FB8FC67E-DFD3-482E-B7D6-17464885B8DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s2700_firmware:v200r010c00:*:*:*:*:*:*:*",
"matchCriteriaId": "5561195B-7385-4175-9D29-77E95E4E9AB6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s2700_firmware:v200r010c00spc300:*:*:*:*:*:*:*",
"matchCriteriaId": "1A57254C-A4F0-47D2-8A1A-029E79BE863C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s2700_firmware:v200r011c00:*:*:*:*:*:*:*",
"matchCriteriaId": "9461516A-F5BB-4A52-A315-8C2B559528A0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s2700_firmware:v200r011c00spc100:*:*:*:*:*:*:*",
"matchCriteriaId": "225A56F2-2EEB-4816-9A20-7A6E37C65FA7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s2700_firmware:v200r011c10:*:*:*:*:*:*:*",
"matchCriteriaId": "20648023-4CC5-4606-BE8E-70A5C20D7BE6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:s2700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD2CD071-58E4-4061-8217-990453213470",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:s5700_firmware:v200r008c00:*:*:*:*:*:*:*",
"matchCriteriaId": "21FFF548-FBEF-468A-A8DE-1DB1B7C0B3AF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s5700_firmware:v200r010c00:*:*:*:*:*:*:*",
"matchCriteriaId": "FA744621-893C-4F7E-80A1-66559BC6D6F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s5700_firmware:v200r010c00spc300:*:*:*:*:*:*:*",
"matchCriteriaId": "ED5093F9-8629-4DA5-AC3A-EE5FFD7A57AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s5700_firmware:v200r011c00:*:*:*:*:*:*:*",
"matchCriteriaId": "DD2FEF0B-B4AC-4EDB-AD25-41F4F9DA1DAA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s5700_firmware:v200r011c00spc100:*:*:*:*:*:*:*",
"matchCriteriaId": "57E9C52D-0F60-41E5-8646-1F4D908CA82C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s5700_firmware:v200r011c10:*:*:*:*:*:*:*",
"matchCriteriaId": "AFD7EF17-710B-4363-87B7-CE1B4447BF99",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s5700_firmware:v200r011c10spc100:*:*:*:*:*:*:*",
"matchCriteriaId": "9A2FFFE5-5B4E-4040-BE25-A90D77AB53FE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:s5700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E22D3CFF-3353-4EE2-8933-84F395469D0D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:s6700_firmware:v200r008c00:*:*:*:*:*:*:*",
"matchCriteriaId": "8DA5CF67-A58B-4666-B87E-712507233453",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s6700_firmware:v200r010c00:*:*:*:*:*:*:*",
"matchCriteriaId": "91E52545-B12E-43EC-B132-28FA2E511316",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s6700_firmware:v200r010c00spc300:*:*:*:*:*:*:*",
"matchCriteriaId": "17889C1C-0187-4814-940D-5BA6DDA39ECF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s6700_firmware:v200r011c00:*:*:*:*:*:*:*",
"matchCriteriaId": "11F25342-CE07-44CD-BD61-A998DFC8EF8E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s6700_firmware:v200r011c00spc100:*:*:*:*:*:*:*",
"matchCriteriaId": "D31F91CA-80E9-4C2A-AD61-A4FC08C8A83E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s6700_firmware:v200r011c10:*:*:*:*:*:*:*",
"matchCriteriaId": "0C34E6D4-67FE-4AA4-A825-9666A302F771",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s6700_firmware:v200r011c10spc100:*:*:*:*:*:*:*",
"matchCriteriaId": "52947109-38C8-41A2-BC59-B43EA2343F43",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:s6700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DA7AC10D-B0DD-4206-8642-134DDD585C06",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:s7700_firmware:v200r008c00:*:*:*:*:*:*:*",
"matchCriteriaId": "1D79CD09-3414-4105-AD59-F3D1BAC61B7E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s7700_firmware:v200r010c00:*:*:*:*:*:*:*",
"matchCriteriaId": "37E3F87E-EA36-41ED-8793-F6C166FFC4A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s7700_firmware:v200r010c00spc300:*:*:*:*:*:*:*",
"matchCriteriaId": "82E3273C-3C33-4880-A044-389F5CB6FECA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s7700_firmware:v200r011c00:*:*:*:*:*:*:*",
"matchCriteriaId": "749528C3-5F85-4B80-98AA-FFD5574779F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s7700_firmware:v200r011c00spc100:*:*:*:*:*:*:*",
"matchCriteriaId": "2341D4F8-67E0-4B10-9D16-F2282D3EDBED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s7700_firmware:v200r011c10:*:*:*:*:*:*:*",
"matchCriteriaId": "26F2CC30-626B-4FEE-BDAD-6A5990DE6384",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:s7700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8769C2C4-E333-432B-8943-CFDFAE013379",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:s9700_firmware:v200r007c01:*:*:*:*:*:*:*",
"matchCriteriaId": "38515A04-EC21-40B3-A29C-8D0A5883EA4A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s9700_firmware:v200r007c01b102:*:*:*:*:*:*:*",
"matchCriteriaId": "2091CE58-DB15-4D36-ABF9-5DC94D39E358",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s9700_firmware:v200r008c00:*:*:*:*:*:*:*",
"matchCriteriaId": "36AB80F7-1BD2-4169-AC70-708CE84BB15C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s9700_firmware:v200r010c00:*:*:*:*:*:*:*",
"matchCriteriaId": "0C6DC309-2FC6-4014-9C2B-8EE12C7BB08F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s9700_firmware:v200r010c00spc300:*:*:*:*:*:*:*",
"matchCriteriaId": "3BBC7227-051E-4244-9A63-760D0714DA35",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s9700_firmware:v200r011c00:*:*:*:*:*:*:*",
"matchCriteriaId": "D42D4D0E-2E0D-448E-B83D-50A1361C048B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s9700_firmware:v200r011c00spc100:*:*:*:*:*:*:*",
"matchCriteriaId": "90A601DF-D90C-43EB-8A56-3890CF0C252D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s9700_firmware:v200r011c10:*:*:*:*:*:*:*",
"matchCriteriaId": "1B06663D-8499-42B9-83E1-E369F1FD0070",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:s9700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "75FAA4BF-1ED0-4059-ADA1-071AF1BF2882",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:secospace_usg6300_firmware:v500r001c30:*:*:*:*:*:*:*",
"matchCriteriaId": "0A8AEAB1-6106-47A2-8207-67E557A8BF80",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:secospace_usg6300_firmware:v500r001c60:*:*:*:*:*:*:*",
"matchCriteriaId": "EDD7E147-B39E-4C6F-BA5F-F046F3AE4728",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:secospace_usg6300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C281B511-7A27-4FC6-9427-AE5AD7C302F3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:secospace_usg6500_firmware:v500r001c30:*:*:*:*:*:*:*",
"matchCriteriaId": "627F40B6-8CD1-47EE-8937-F1FAAAB86F0D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:secospace_usg6500_firmware:v500r001c60:*:*:*:*:*:*:*",
"matchCriteriaId": "6EE084FC-27EB-4CE6-B529-508DA690C9D8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:secospace_usg6500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0ED6E342-26E7-45DF-AC3F-EFEBAE3DDDF0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:secospace_usg6600_firmware:v500r001c30:*:*:*:*:*:*:*",
"matchCriteriaId": "ADB7FBB2-1CC6-4DA3-85AB-66562B0A9198",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:secospace_usg6600_firmware:v500r001c60:*:*:*:*:*:*:*",
"matchCriteriaId": "F6AACFD2-9C9D-49E3-A911-0CF58F863EE0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:secospace_usg6600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BE469876-F873-4705-9760-097AE840A818",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:usg9500_firmware:v500r001c30:*:*:*:*:*:*:*",
"matchCriteriaId": "80F14B3F-EA8C-4A01-9968-08ECACDA6CBD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:usg9500_firmware:v500r001c60:*:*:*:*:*:*:*",
"matchCriteriaId": "74B7C57C-7CD4-4FF0-BE51-2F4794FED7AE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:usg9500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4B6064BB-5E62-4D70-B933-05B5426EEE9C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is a use-after-free vulnerability in a Huawei product. A module cannot deal with specific operations in special scenarios. Attackers can exploit this vulnerability by performing malicious operations. This can cause memory use-after-free, compromising normal service. Affected product include some versions of NIP6300, NIP6600, NIP6800, S1700, S2700, S5700, S6700 , S7700, S9700, Secospace USG6300, Secospace USG6500, Secospace USG6600 and USG9500."
},
{
"lang": "es",
"value": "Se presenta una vulnerabilidad de uso de la memoria previamente liberada en un producto de Huawei.\u0026#xa0;Un m\u00f3dulo no puede tratar operaciones espec\u00edficas en escenarios especiales.\u0026#xa0;Los atacantes pueden explotar esta vulnerabilidad al realizar operaciones maliciosas.\u0026#xa0;Esto puede causar un uso de la memoria previamente liberada, comprometiendo el servicio normal.\u0026#xa0;Los productos afectados incluyen algunas versiones de NIP6300, NIP6600, NIP6800, S1700, S2700, S5700, S6700, S7700, S9700, Secospace USG6300, Secospace USG6500, Secospace USG6600 y USG9500"
}
],
"id": "CVE-2021-22321",
"lastModified": "2024-11-21T05:49:54.420",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-03-22T20:15:17.613",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210210-01-uaf-en"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210210-01-uaf-en"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-416"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2021-22310
Vulnerability from fkie_nvd - Published: 2021-03-22 19:15 - Updated: 2024-11-21 05:49
Severity ?
Summary
There is an information leakage vulnerability in some huawei products. Due to the properly storage of specific information in the log file, the attacker can obtain the information when a user logs in to the device. Successful exploit may cause an information leak. Affected product versions include: NIP6300 versions V500R001C00,V500R001C20,V500R001C30;NIP6600 versions V500R001C00,V500R001C20,V500R001C30;Secospace USG6300 versions V500R001C00,V500R001C20,V500R001C30;Secospace USG6500 versions V500R001C00,V500R001C20,V500R001C30;Secospace USG6600 versions V500R001C00,V500R001C20,V500R001C30,V500R001C50,V500R001C60,V500R001C80;USG9500 versions V500R005C00,V500R005C10.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| huawei | nip6300_firmware | v500r001c00 | |
| huawei | nip6300_firmware | v500r001c20 | |
| huawei | nip6300_firmware | v500r001c30 | |
| huawei | nip6300 | - | |
| huawei | nip6600_firmware | v500r001c00 | |
| huawei | nip6600_firmware | v500r001c20 | |
| huawei | nip6600_firmware | v500r001c30 | |
| huawei | nip6600 | - | |
| huawei | secospace_usg6300_firmware | v500r001c00 | |
| huawei | secospace_usg6300_firmware | v500r001c20 | |
| huawei | secospace_usg6300_firmware | v500r001c30 | |
| huawei | secospace_usg6300 | - | |
| huawei | secospace_usg6500_firmware | v500r001c00 | |
| huawei | secospace_usg6500_firmware | v500r001c20 | |
| huawei | secospace_usg6500_firmware | v500r001c30 | |
| huawei | secospace_usg6500 | - | |
| huawei | secospace_usg6600_firmware | v500r001c00 | |
| huawei | secospace_usg6600_firmware | v500r001c20 | |
| huawei | secospace_usg6600_firmware | v500r001c30 | |
| huawei | secospace_usg6600_firmware | v500r001c50 | |
| huawei | secospace_usg6600_firmware | v500r001c60 | |
| huawei | secospace_usg6600_firmware | v500r001c80 | |
| huawei | secospace_usg6600 | - | |
| huawei | usg9500_firmware | v500r005c00 | |
| huawei | usg9500_firmware | v500r005c10 | |
| huawei | usg9500 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:nip6300_firmware:v500r001c00:*:*:*:*:*:*:*",
"matchCriteriaId": "4B469A91-4CD0-44D2-A982-3E612B855E71",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:nip6300_firmware:v500r001c20:*:*:*:*:*:*:*",
"matchCriteriaId": "1856722C-597D-495D-AFCC-21E5FF6F2359",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:nip6300_firmware:v500r001c30:*:*:*:*:*:*:*",
"matchCriteriaId": "728A7B78-6E19-4656-848F-269DB955070C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:nip6300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5E054182-CE33-45E3-8595-159A75BA5162",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:nip6600_firmware:v500r001c00:*:*:*:*:*:*:*",
"matchCriteriaId": "5F2E0857-39E8-46C2-A723-9F09C052F2F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:nip6600_firmware:v500r001c20:*:*:*:*:*:*:*",
"matchCriteriaId": "CDC040A6-3E38-4B21-9779-67CF66FDC6B3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:nip6600_firmware:v500r001c30:*:*:*:*:*:*:*",
"matchCriteriaId": "946F5FF7-412F-40F9-A492-DE8E11E7B919",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:nip6600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE8CA649-7AE1-497C-869B-B4DD315F342C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:secospace_usg6300_firmware:v500r001c00:*:*:*:*:*:*:*",
"matchCriteriaId": "4C996915-83A1-4EA5-A8E1-F609DA879D2D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:secospace_usg6300_firmware:v500r001c20:*:*:*:*:*:*:*",
"matchCriteriaId": "11CAA59E-F2A8-4E84-BCC5-CADA8FDA9712",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:secospace_usg6300_firmware:v500r001c30:*:*:*:*:*:*:*",
"matchCriteriaId": "0A8AEAB1-6106-47A2-8207-67E557A8BF80",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:secospace_usg6300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C281B511-7A27-4FC6-9427-AE5AD7C302F3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:secospace_usg6500_firmware:v500r001c00:*:*:*:*:*:*:*",
"matchCriteriaId": "3189382E-6846-4713-A92F-ABD03683F4A5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:secospace_usg6500_firmware:v500r001c20:*:*:*:*:*:*:*",
"matchCriteriaId": "B3983A57-2F07-4D21-9093-1DFEAB310E26",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:secospace_usg6500_firmware:v500r001c30:*:*:*:*:*:*:*",
"matchCriteriaId": "627F40B6-8CD1-47EE-8937-F1FAAAB86F0D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:secospace_usg6500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0ED6E342-26E7-45DF-AC3F-EFEBAE3DDDF0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:secospace_usg6600_firmware:v500r001c00:*:*:*:*:*:*:*",
"matchCriteriaId": "E990766D-FBD4-404E-A783-3D2D0BC210F3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:secospace_usg6600_firmware:v500r001c20:*:*:*:*:*:*:*",
"matchCriteriaId": "A638ACAF-9A6F-4861-8CDB-E43FBC3C9C5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:secospace_usg6600_firmware:v500r001c30:*:*:*:*:*:*:*",
"matchCriteriaId": "ADB7FBB2-1CC6-4DA3-85AB-66562B0A9198",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:secospace_usg6600_firmware:v500r001c50:*:*:*:*:*:*:*",
"matchCriteriaId": "72CE6722-BA5D-4AAE-9C72-36F06EB4DFF1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:secospace_usg6600_firmware:v500r001c60:*:*:*:*:*:*:*",
"matchCriteriaId": "F6AACFD2-9C9D-49E3-A911-0CF58F863EE0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:secospace_usg6600_firmware:v500r001c80:*:*:*:*:*:*:*",
"matchCriteriaId": "C0F5C89A-DA13-46D1-BDCF-0BD94F7B7861",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:secospace_usg6600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BE469876-F873-4705-9760-097AE840A818",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:usg9500_firmware:v500r005c00:*:*:*:*:*:*:*",
"matchCriteriaId": "E961C6AA-400A-41CF-A230-FE7182875F1F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:usg9500_firmware:v500r005c10:*:*:*:*:*:*:*",
"matchCriteriaId": "5A32EF67-5C9D-4F2F-BCC9-D5C5C9F69544",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:usg9500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4B6064BB-5E62-4D70-B933-05B5426EEE9C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is an information leakage vulnerability in some huawei products. Due to the properly storage of specific information in the log file, the attacker can obtain the information when a user logs in to the device. Successful exploit may cause an information leak. Affected product versions include: NIP6300 versions V500R001C00,V500R001C20,V500R001C30;NIP6600 versions V500R001C00,V500R001C20,V500R001C30;Secospace USG6300 versions V500R001C00,V500R001C20,V500R001C30;Secospace USG6500 versions V500R001C00,V500R001C20,V500R001C30;Secospace USG6600 versions V500R001C00,V500R001C20,V500R001C30,V500R001C50,V500R001C60,V500R001C80;USG9500 versions V500R005C00,V500R005C10."
},
{
"lang": "es",
"value": "Se presenta una vulnerabilidad de filtrado de informaci\u00f3n en algunos productos Huawei.\u0026#xa0;Debido al almacenamiento apropiado de informaci\u00f3n espec\u00edfica en el archivo de registro, el atacante puede obtener la informaci\u00f3n cuando un usuario inicia sesi\u00f3n en el dispositivo.\u0026#xa0;Una explotaci\u00f3n con \u00e9xito puede causar un filtrado de informaci\u00f3n.\u0026#xa0;versiones de productos afectados incluyen: NIP6300 versiones V500R001C00, V500R001C20, V500R001C30; NIP6600 versiones V500R001C00, V500R001C20, V500R001C30; Secospace USG6300 versiones V500R001C00, V500R001C20, V500R001C30; Secospace USG6500 versiones V500R001C00, V500R001C20, V500R001C30; Secospace USG6600 versiones V500R001C00, V500R001C20, V500R001C30, V500R001C50, V500R001C60, V500R001C80; USG9500 versiones V500R005C00, V500R005C10"
}
],
"id": "CVE-2021-22310",
"lastModified": "2024-11-21T05:49:53.197",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-03-22T19:15:11.773",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210203-01-plaintextlog-en"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210203-01-plaintextlog-en"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-532"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CVE-2020-1824 (GCVE-0-2020-1824)
Vulnerability from cvelistv5 – Published: 2024-12-28 06:37 – Updated: 2024-12-28 16:32
VLAI?
Summary
There are multiple out of bounds (OOB) read vulnerabilities in the implementation of the Common Open Policy Service (COPS) protocol of some Huawei products. The specific decoding function may occur out-of-bounds read when processes an incoming data packet. Successful exploit of these vulnerabilities may disrupt service on the affected device. (Vulnerability ID: HWPSIRT-2018-12275,HWPSIRT-2018-12276,HWPSIRT-2018-12277,HWPSIRT-2018-12278,HWPSIRT-2018-12279,HWPSIRT-2018-12280 and HWPSIRT-2018-12289)
The seven vulnerabilities have been assigned seven Common Vulnerabilities and Exposures (CVE) IDs: CVE-2020-1818, CVE-2020-1819, CVE-2020-1820, CVE-2020-1821, CVE-2020-1822, CVE-2020-1823 and CVE-2020-1824.
Severity ?
CWE
- CWE-125 - Out-of-bounds Read
Assigner
References
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Huawei | IPS Module |
Affected:
V500R001C30
Affected: V500R001C60 Affected: V500R005C00 |
||||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2020-1824",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-12-28T16:32:08.146658Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-12-28T16:32:25.200Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "IPS Module",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "NGFW Module",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R002C00"
},
{
"status": "affected",
"version": "V500R002C20"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "NIP6300",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "NIP6600",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "NIP6800",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Secospace USG6300",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Secospace USG6500",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Secospace USG6600",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "USG6000V",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R003C00"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eThere are multiple out of bounds (OOB) read vulnerabilities in the implementation of the Common Open Policy Service (COPS) protocol of some Huawei products. The specific decoding function may occur out-of-bounds read when processes an incoming data packet. Successful exploit of these vulnerabilities may disrupt service on the affected device. (Vulnerability ID: HWPSIRT-2018-12275,HWPSIRT-2018-12276,HWPSIRT-2018-12277,HWPSIRT-2018-12278,HWPSIRT-2018-12279,HWPSIRT-2018-12280 and HWPSIRT-2018-12289)\u003c/p\u003e\u003cp\u003eThe seven vulnerabilities have been assigned seven Common Vulnerabilities and Exposures (CVE) IDs: CVE-2020-1818, CVE-2020-1819, CVE-2020-1820, CVE-2020-1821, CVE-2020-1822, CVE-2020-1823 and CVE-2020-1824.\u003c/p\u003e"
}
],
"value": "There are multiple out of bounds (OOB) read vulnerabilities in the implementation of the Common Open Policy Service (COPS) protocol of some Huawei products. The specific decoding function may occur out-of-bounds read when processes an incoming data packet. Successful exploit of these vulnerabilities may disrupt service on the affected device. (Vulnerability ID: HWPSIRT-2018-12275,HWPSIRT-2018-12276,HWPSIRT-2018-12277,HWPSIRT-2018-12278,HWPSIRT-2018-12279,HWPSIRT-2018-12280 and HWPSIRT-2018-12289)\n\nThe seven vulnerabilities have been assigned seven Common Vulnerabilities and Exposures (CVE) IDs: CVE-2020-1818, CVE-2020-1819, CVE-2020-1820, CVE-2020-1821, CVE-2020-1822, CVE-2020-1823 and CVE-2020-1824."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125 Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-12-28T06:37:14.149Z",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"url": "https://www.huawei.com/en/psirt/security-advisories/2020/huawei-sa-20191218-01-cops-en"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2020-1824",
"datePublished": "2024-12-28T06:37:14.149Z",
"dateReserved": "2019-11-29T00:00:00.000Z",
"dateUpdated": "2024-12-28T16:32:25.200Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-1823 (GCVE-0-2020-1823)
Vulnerability from cvelistv5 – Published: 2024-12-28 06:29 – Updated: 2024-12-28 16:33
VLAI?
Summary
There are multiple out of bounds (OOB) read vulnerabilities in the implementation of the Common Open Policy Service (COPS) protocol of some Huawei products. The specific decoding function may occur out-of-bounds read when processes an incoming data packet. Successful exploit of these vulnerabilities may disrupt service on the affected device. (Vulnerability ID: HWPSIRT-2018-12275,HWPSIRT-2018-12276,HWPSIRT-2018-12277,HWPSIRT-2018-12278,HWPSIRT-2018-12279,HWPSIRT-2018-12280 and HWPSIRT-2018-12289)
The seven vulnerabilities have been assigned seven Common Vulnerabilities and Exposures (CVE) IDs: CVE-2020-1818, CVE-2020-1819, CVE-2020-1820, CVE-2020-1821, CVE-2020-1822, CVE-2020-1823 and CVE-2020-1824.
Severity ?
CWE
- CWE-125 - Out-of-bounds Read
Assigner
References
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Huawei | IPS Module |
Affected:
V500R001C30
Affected: V500R001C60 Affected: V500R005C00 |
||||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2020-1823",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-12-28T16:33:21.089526Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-12-28T16:33:45.933Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "IPS Module",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "NGFW Module",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R002C00"
},
{
"status": "affected",
"version": "V500R002C20"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "NIP6300",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "NIP6600",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "NIP6800",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Secospace USG6300",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Secospace USG6500",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Secospace USG6600",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "USG6000V",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R003C00"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eThere are multiple out of bounds (OOB) read vulnerabilities in the implementation of the Common Open Policy Service (COPS) protocol of some Huawei products. The specific decoding function may occur out-of-bounds read when processes an incoming data packet. Successful exploit of these vulnerabilities may disrupt service on the affected device. (Vulnerability ID: HWPSIRT-2018-12275,HWPSIRT-2018-12276,HWPSIRT-2018-12277,HWPSIRT-2018-12278,HWPSIRT-2018-12279,HWPSIRT-2018-12280 and HWPSIRT-2018-12289)\u003c/p\u003e\u003cp\u003eThe seven vulnerabilities have been assigned seven Common Vulnerabilities and Exposures (CVE) IDs: CVE-2020-1818, CVE-2020-1819, CVE-2020-1820, CVE-2020-1821, CVE-2020-1822, CVE-2020-1823 and CVE-2020-1824.\u003c/p\u003e"
}
],
"value": "There are multiple out of bounds (OOB) read vulnerabilities in the implementation of the Common Open Policy Service (COPS) protocol of some Huawei products. The specific decoding function may occur out-of-bounds read when processes an incoming data packet. Successful exploit of these vulnerabilities may disrupt service on the affected device. (Vulnerability ID: HWPSIRT-2018-12275,HWPSIRT-2018-12276,HWPSIRT-2018-12277,HWPSIRT-2018-12278,HWPSIRT-2018-12279,HWPSIRT-2018-12280 and HWPSIRT-2018-12289)\n\nThe seven vulnerabilities have been assigned seven Common Vulnerabilities and Exposures (CVE) IDs: CVE-2020-1818, CVE-2020-1819, CVE-2020-1820, CVE-2020-1821, CVE-2020-1822, CVE-2020-1823 and CVE-2020-1824."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125 Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-12-28T06:29:49.051Z",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"url": "https://www.huawei.com/en/psirt/security-advisories/2020/huawei-sa-20191218-01-cops-en"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2020-1823",
"datePublished": "2024-12-28T06:29:49.051Z",
"dateReserved": "2019-11-29T00:00:00.000Z",
"dateUpdated": "2024-12-28T16:33:45.933Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-1822 (GCVE-0-2020-1822)
Vulnerability from cvelistv5 – Published: 2024-12-28 06:21 – Updated: 2024-12-28 16:34
VLAI?
Summary
There are multiple out of bounds (OOB) read vulnerabilities in the implementation of the Common Open Policy Service (COPS) protocol of some Huawei products. The specific decoding function may occur out-of-bounds read when processes an incoming data packet. Successful exploit of these vulnerabilities may disrupt service on the affected device. (Vulnerability ID: HWPSIRT-2018-12275,HWPSIRT-2018-12276,HWPSIRT-2018-12277,HWPSIRT-2018-12278,HWPSIRT-2018-12279,HWPSIRT-2018-12280 and HWPSIRT-2018-12289)
The seven vulnerabilities have been assigned seven Common Vulnerabilities and Exposures (CVE) IDs: CVE-2020-1818, CVE-2020-1819, CVE-2020-1820, CVE-2020-1821, CVE-2020-1822, CVE-2020-1823 and CVE-2020-1824.
Severity ?
CWE
- CWE-125 - Out-of-bounds Read
Assigner
References
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Huawei | IPS Module |
Affected:
V500R001C30
Affected: V500R001C60 Affected: V500R005C00 |
||||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2020-1822",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-12-28T16:34:26.596620Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-12-28T16:34:41.792Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "IPS Module",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "NGFW Module",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R002C00"
},
{
"status": "affected",
"version": "V500R002C20"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "NIP6300",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "NIP6600",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "NIP6800",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Secospace USG6300",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Secospace USG6500",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Secospace USG6600",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "USG6000V",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R003C00"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eThere are multiple out of bounds (OOB) read vulnerabilities in the implementation of the Common Open Policy Service (COPS) protocol of some Huawei products. The specific decoding function may occur out-of-bounds read when processes an incoming data packet. Successful exploit of these vulnerabilities may disrupt service on the affected device. (Vulnerability ID: HWPSIRT-2018-12275,HWPSIRT-2018-12276,HWPSIRT-2018-12277,HWPSIRT-2018-12278,HWPSIRT-2018-12279,HWPSIRT-2018-12280 and HWPSIRT-2018-12289)\u003c/p\u003e\u003cp\u003eThe seven vulnerabilities have been assigned seven Common Vulnerabilities and Exposures (CVE) IDs: CVE-2020-1818, CVE-2020-1819, CVE-2020-1820, CVE-2020-1821, CVE-2020-1822, CVE-2020-1823 and CVE-2020-1824.\u003cbr\u003e\u003c/p\u003e"
}
],
"value": "There are multiple out of bounds (OOB) read vulnerabilities in the implementation of the Common Open Policy Service (COPS) protocol of some Huawei products. The specific decoding function may occur out-of-bounds read when processes an incoming data packet. Successful exploit of these vulnerabilities may disrupt service on the affected device. (Vulnerability ID: HWPSIRT-2018-12275,HWPSIRT-2018-12276,HWPSIRT-2018-12277,HWPSIRT-2018-12278,HWPSIRT-2018-12279,HWPSIRT-2018-12280 and HWPSIRT-2018-12289)\n\nThe seven vulnerabilities have been assigned seven Common Vulnerabilities and Exposures (CVE) IDs: CVE-2020-1818, CVE-2020-1819, CVE-2020-1820, CVE-2020-1821, CVE-2020-1822, CVE-2020-1823 and CVE-2020-1824."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125 Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-12-28T06:21:04.473Z",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"url": "https://www.huawei.com/en/psirt/security-advisories/2020/huawei-sa-20191218-01-cops-en"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2020-1822",
"datePublished": "2024-12-28T06:21:04.473Z",
"dateReserved": "2019-11-29T00:00:00.000Z",
"dateUpdated": "2024-12-28T16:34:41.792Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-1821 (GCVE-0-2020-1821)
Vulnerability from cvelistv5 – Published: 2024-12-28 06:16 – Updated: 2024-12-30 16:13
VLAI?
Summary
There are multiple out of bounds (OOB) read vulnerabilities in the implementation of the Common Open Policy Service (COPS) protocol of some Huawei products. The specific decoding function may occur out-of-bounds read when processes an incoming data packet. Successful exploit of these vulnerabilities may disrupt service on the affected device. (Vulnerability ID: HWPSIRT-2018-12275,HWPSIRT-2018-12276,HWPSIRT-2018-12277,HWPSIRT-2018-12278,HWPSIRT-2018-12279,HWPSIRT-2018-12280 and HWPSIRT-2018-12289)
The seven vulnerabilities have been assigned seven Common Vulnerabilities and Exposures (CVE) IDs: CVE-2020-1818, CVE-2020-1819, CVE-2020-1820, CVE-2020-1821, CVE-2020-1822, CVE-2020-1823 and CVE-2020-1824.
Severity ?
CWE
- CWE-125 - Out-of-bounds Read
Assigner
References
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Huawei | IPS Module |
Affected:
V500R001C30
Affected: V500R001C60 Affected: V500R005C00 |
||||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2020-1821",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-12-30T16:12:49.264838Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-12-30T16:13:03.624Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "IPS Module",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "NGFW Module",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R002C00"
},
{
"status": "affected",
"version": "V500R002C20"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "NIP6300",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "NIP6600",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "NIP6800",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Secospace USG6300",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Secospace USG6500",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Secospace USG6600",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "USG6000V",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R003C00"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eThere are multiple out of bounds (OOB) read vulnerabilities in the implementation of the Common Open Policy Service (COPS) protocol of some Huawei products. The specific decoding function may occur out-of-bounds read when processes an incoming data packet. Successful exploit of these vulnerabilities may disrupt service on the affected device. (Vulnerability ID: HWPSIRT-2018-12275,HWPSIRT-2018-12276,HWPSIRT-2018-12277,HWPSIRT-2018-12278,HWPSIRT-2018-12279,HWPSIRT-2018-12280 and HWPSIRT-2018-12289)\u003c/p\u003e\u003cp\u003eThe seven vulnerabilities have been assigned seven Common Vulnerabilities and Exposures (CVE) IDs: CVE-2020-1818, CVE-2020-1819, CVE-2020-1820, CVE-2020-1821, CVE-2020-1822, CVE-2020-1823 and CVE-2020-1824.\u003c/p\u003e"
}
],
"value": "There are multiple out of bounds (OOB) read vulnerabilities in the implementation of the Common Open Policy Service (COPS) protocol of some Huawei products. The specific decoding function may occur out-of-bounds read when processes an incoming data packet. Successful exploit of these vulnerabilities may disrupt service on the affected device. (Vulnerability ID: HWPSIRT-2018-12275,HWPSIRT-2018-12276,HWPSIRT-2018-12277,HWPSIRT-2018-12278,HWPSIRT-2018-12279,HWPSIRT-2018-12280 and HWPSIRT-2018-12289)\n\nThe seven vulnerabilities have been assigned seven Common Vulnerabilities and Exposures (CVE) IDs: CVE-2020-1818, CVE-2020-1819, CVE-2020-1820, CVE-2020-1821, CVE-2020-1822, CVE-2020-1823 and CVE-2020-1824."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125 Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-12-28T06:16:58.770Z",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"url": "https://www.huawei.com/en/psirt/security-advisories/2020/huawei-sa-20191218-01-cops-en"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2020-1821",
"datePublished": "2024-12-28T06:16:58.770Z",
"dateReserved": "2019-11-29T00:00:00.000Z",
"dateUpdated": "2024-12-30T16:13:03.624Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-1820 (GCVE-0-2020-1820)
Vulnerability from cvelistv5 – Published: 2024-12-28 06:11 – Updated: 2024-12-31 17:17
VLAI?
Summary
There are multiple out of bounds (OOB) read vulnerabilities in the implementation of the Common Open Policy Service (COPS) protocol of some Huawei products. The specific decoding function may occur out-of-bounds read when processes an incoming data packet. Successful exploit of these vulnerabilities may disrupt service on the affected device. (Vulnerability ID: HWPSIRT-2018-12275,HWPSIRT-2018-12276,HWPSIRT-2018-12277,HWPSIRT-2018-12278,HWPSIRT-2018-12279,HWPSIRT-2018-12280 and HWPSIRT-2018-12289)
The seven vulnerabilities have been assigned seven Common Vulnerabilities and Exposures (CVE) IDs: CVE-2020-1818, CVE-2020-1819, CVE-2020-1820, CVE-2020-1821, CVE-2020-1822, CVE-2020-1823 and CVE-2020-1824.
Severity ?
CWE
- CWE-125 - Out-of-bounds Read
Assigner
References
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Huawei | IPS Module |
Affected:
V500R001C30
Affected: V500R001C60 Affected: V500R005C00 |
||||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2020-1820",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-12-31T17:16:57.375041Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-12-31T17:17:05.860Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "IPS Module",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "NGFW Module",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R002C00"
},
{
"status": "affected",
"version": "V500R002C20"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "NIP6300",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "NIP6600",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "NIP6800",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Secospace USG6300",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Secospace USG6500",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Secospace USG6600",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "USG6000V",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R003C00"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eThere are multiple out of bounds (OOB) read vulnerabilities in the implementation of the Common Open Policy Service (COPS) protocol of some Huawei products. The specific decoding function may occur out-of-bounds read when processes an incoming data packet. Successful exploit of these vulnerabilities may disrupt service on the affected device. (Vulnerability ID: HWPSIRT-2018-12275,HWPSIRT-2018-12276,HWPSIRT-2018-12277,HWPSIRT-2018-12278,HWPSIRT-2018-12279,HWPSIRT-2018-12280 and HWPSIRT-2018-12289)\u003c/p\u003e\u003cp\u003eThe seven vulnerabilities have been assigned seven Common Vulnerabilities and Exposures (CVE) IDs: CVE-2020-1818, CVE-2020-1819, CVE-2020-1820, CVE-2020-1821, CVE-2020-1822, CVE-2020-1823 and CVE-2020-1824.\u003c/p\u003e"
}
],
"value": "There are multiple out of bounds (OOB) read vulnerabilities in the implementation of the Common Open Policy Service (COPS) protocol of some Huawei products. The specific decoding function may occur out-of-bounds read when processes an incoming data packet. Successful exploit of these vulnerabilities may disrupt service on the affected device. (Vulnerability ID: HWPSIRT-2018-12275,HWPSIRT-2018-12276,HWPSIRT-2018-12277,HWPSIRT-2018-12278,HWPSIRT-2018-12279,HWPSIRT-2018-12280 and HWPSIRT-2018-12289)\n\nThe seven vulnerabilities have been assigned seven Common Vulnerabilities and Exposures (CVE) IDs: CVE-2020-1818, CVE-2020-1819, CVE-2020-1820, CVE-2020-1821, CVE-2020-1822, CVE-2020-1823 and CVE-2020-1824."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125 Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-12-28T06:11:17.446Z",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"url": "https://www.huawei.com/en/psirt/security-advisories/2020/huawei-sa-20191218-01-cops-en"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2020-1820",
"datePublished": "2024-12-28T06:11:17.446Z",
"dateReserved": "2019-11-29T00:00:00.000Z",
"dateUpdated": "2024-12-31T17:17:05.860Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-1819 (GCVE-0-2020-1819)
Vulnerability from cvelistv5 – Published: 2024-12-27 10:05 – Updated: 2024-12-27 14:56
VLAI?
Summary
There are multiple out of bounds (OOB) read vulnerabilities in the implementation of the Common Open Policy Service (COPS) protocol of some Huawei products. The specific decoding function may occur out-of-bounds read when processes an incoming data packet. Successful exploit of these vulnerabilities may disrupt service on the affected device. (Vulnerability ID: HWPSIRT-2018-12275,HWPSIRT-2018-12276,HWPSIRT-2018-12277,HWPSIRT-2018-12278,HWPSIRT-2018-12279,HWPSIRT-2018-12280 and HWPSIRT-2018-12289)
The seven vulnerabilities have been assigned seven Common Vulnerabilities and Exposures (CVE) IDs: CVE-2020-1818, CVE-2020-1819, CVE-2020-1820, CVE-2020-1821, CVE-2020-1822, CVE-2020-1823 and CVE-2020-1824.
Severity ?
CWE
- CWE-125 - Out-of-bounds Read
Assigner
References
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Huawei | IPS Module |
Affected:
V500R001C30
Affected: V500R001C60 Affected: V500R005C00 |
||||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2020-1819",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-12-27T14:56:22.966063Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-12-27T14:56:31.845Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "IPS Module",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "NGFW Module",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R002C00"
},
{
"status": "affected",
"version": "V500R002C20"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "NIP6300",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "NIP6600",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "NIP6800",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Secospace USG6300",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Secospace USG6500",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Secospace USG6600",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "USG6000V",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R003C00"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eThere are multiple out of bounds (OOB) read vulnerabilities in the implementation of the Common Open Policy Service (COPS) protocol of some Huawei products. The specific decoding function may occur out-of-bounds read when processes an incoming data packet. Successful exploit of these vulnerabilities may disrupt service on the affected device. (Vulnerability ID: HWPSIRT-2018-12275,HWPSIRT-2018-12276,HWPSIRT-2018-12277,HWPSIRT-2018-12278,HWPSIRT-2018-12279,HWPSIRT-2018-12280 and HWPSIRT-2018-12289)\u003c/p\u003e\u003cp\u003eThe seven vulnerabilities have been assigned seven Common Vulnerabilities and Exposures (CVE) IDs: CVE-2020-1818, CVE-2020-1819, CVE-2020-1820, CVE-2020-1821, CVE-2020-1822, CVE-2020-1823 and CVE-2020-1824.\u003c/p\u003e"
}
],
"value": "There are multiple out of bounds (OOB) read vulnerabilities in the implementation of the Common Open Policy Service (COPS) protocol of some Huawei products. The specific decoding function may occur out-of-bounds read when processes an incoming data packet. Successful exploit of these vulnerabilities may disrupt service on the affected device. (Vulnerability ID: HWPSIRT-2018-12275,HWPSIRT-2018-12276,HWPSIRT-2018-12277,HWPSIRT-2018-12278,HWPSIRT-2018-12279,HWPSIRT-2018-12280 and HWPSIRT-2018-12289)\n\nThe seven vulnerabilities have been assigned seven Common Vulnerabilities and Exposures (CVE) IDs: CVE-2020-1818, CVE-2020-1819, CVE-2020-1820, CVE-2020-1821, CVE-2020-1822, CVE-2020-1823 and CVE-2020-1824."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125 Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-12-27T10:05:47.224Z",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"url": "https://www.huawei.com/en/psirt/security-advisories/2020/huawei-sa-20191218-01-cops-en"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2020-1819",
"datePublished": "2024-12-27T10:05:47.224Z",
"dateReserved": "2019-11-29T00:00:00.000Z",
"dateUpdated": "2024-12-27T14:56:31.845Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-1818 (GCVE-0-2020-1818)
Vulnerability from cvelistv5 – Published: 2024-12-27 10:02 – Updated: 2024-12-27 14:57
VLAI?
Summary
There are multiple out of bounds (OOB) read vulnerabilities in the implementation of the Common Open Policy Service (COPS) protocol of some Huawei products. The specific decoding function may occur out-of-bounds read when processes an incoming data packet. Successful exploit of these vulnerabilities may disrupt service on the affected device. (Vulnerability ID: HWPSIRT-2018-12275,HWPSIRT-2018-12276,HWPSIRT-2018-12277,HWPSIRT-2018-12278,HWPSIRT-2018-12279,HWPSIRT-2018-12280 and HWPSIRT-2018-12289)
The seven vulnerabilities have been assigned seven Common Vulnerabilities and Exposures (CVE) IDs: CVE-2020-1818, CVE-2020-1819, CVE-2020-1820, CVE-2020-1821, CVE-2020-1822, CVE-2020-1823 and CVE-2020-1824.
Severity ?
CWE
- CWE-125 - Out-of-bounds Read
Assigner
References
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Huawei | IPS Module |
Affected:
V500R001C30
Affected: V500R001C60 Affected: V500R005C00 |
||||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2020-1818",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-12-27T14:56:47.972518Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-12-27T14:57:27.653Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "IPS Module",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "NGFW Module",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R002C00"
},
{
"status": "affected",
"version": "V500R002C20"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "NIP6300",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "NIP6600",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "NIP6800",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Secospace USG6300",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Secospace USG6500",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Secospace USG6600",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "USG6000V",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R003C00"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eThere are multiple out of bounds (OOB) read vulnerabilities in the implementation of the Common Open Policy Service (COPS) protocol of some Huawei products. The specific decoding function may occur out-of-bounds read when processes an incoming data packet. Successful exploit of these vulnerabilities may disrupt service on the affected device. (Vulnerability ID: HWPSIRT-2018-12275,HWPSIRT-2018-12276,HWPSIRT-2018-12277,HWPSIRT-2018-12278,HWPSIRT-2018-12279,HWPSIRT-2018-12280 and HWPSIRT-2018-12289)\u003c/p\u003e\u003cp\u003eThe seven vulnerabilities have been assigned seven Common Vulnerabilities and Exposures (CVE) IDs: CVE-2020-1818, CVE-2020-1819, CVE-2020-1820, CVE-2020-1821, CVE-2020-1822, CVE-2020-1823 and CVE-2020-1824.\u003c/p\u003e"
}
],
"value": "There are multiple out of bounds (OOB) read vulnerabilities in the implementation of the Common Open Policy Service (COPS) protocol of some Huawei products. The specific decoding function may occur out-of-bounds read when processes an incoming data packet. Successful exploit of these vulnerabilities may disrupt service on the affected device. (Vulnerability ID: HWPSIRT-2018-12275,HWPSIRT-2018-12276,HWPSIRT-2018-12277,HWPSIRT-2018-12278,HWPSIRT-2018-12279,HWPSIRT-2018-12280 and HWPSIRT-2018-12289)\n\nThe seven vulnerabilities have been assigned seven Common Vulnerabilities and Exposures (CVE) IDs: CVE-2020-1818, CVE-2020-1819, CVE-2020-1820, CVE-2020-1821, CVE-2020-1822, CVE-2020-1823 and CVE-2020-1824."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125 Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-12-27T10:02:45.710Z",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"url": "https://www.huawei.com/en/psirt/security-advisories/2020/huawei-sa-20191218-01-cops-en"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2020-1818",
"datePublished": "2024-12-27T10:02:45.710Z",
"dateReserved": "2019-11-29T00:00:00.000Z",
"dateUpdated": "2024-12-27T14:57:27.653Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-22341 (GCVE-0-2021-22341)
Vulnerability from cvelistv5 – Published: 2021-06-29 19:22 – Updated: 2024-08-03 18:37
VLAI?
Summary
There is a memory leak vulnerability in Huawei products. A resource management weakness exists in a module. Attackers with high privilege can exploit this vulnerability by performing some operations. This can lead to memory leak. Affected product versions include:IPS Module V500R005C00SPC100,V500R005C00SPC200;NGFW Module V500R005C00SPC100,V500R005C00SPC200;NIP6300 V500R005C00SPC100,V500R005C10SPC200;NIP6600 V500R005C00SPC100,V500R005C00SPC200;Secospace USG6300 V500R005C00SPC100,V500R005C00SPC200;Secospace USG6500 V500R005C00SPC100,V500R005C10SPC200;Secospace USG6600 V500R005C00SPC100,V500R005C00SPC200.
Severity ?
No CVSS data available.
CWE
- Memory Leak
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | IPS Module;NGFW Module;NIP6300;NIP6600;Secospace USG6300;Secospace USG6500;Secospace USG6600 |
Affected:
V500R005C00SPC100,V500R005C00SPC200
Affected: V500R005C00SPC100,V500R005C10SPC200 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T18:37:18.539Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210506-01-memleak-en"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "IPS Module;NGFW Module;NIP6300;NIP6600;Secospace USG6300;Secospace USG6500;Secospace USG6600",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "V500R005C00SPC100,V500R005C00SPC200"
},
{
"status": "affected",
"version": "V500R005C00SPC100,V500R005C10SPC200"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is a memory leak vulnerability in Huawei products. A resource management weakness exists in a module. Attackers with high privilege can exploit this vulnerability by performing some operations. This can lead to memory leak. Affected product versions include:IPS Module V500R005C00SPC100,V500R005C00SPC200;NGFW Module V500R005C00SPC100,V500R005C00SPC200;NIP6300 V500R005C00SPC100,V500R005C10SPC200;NIP6600 V500R005C00SPC100,V500R005C00SPC200;Secospace USG6300 V500R005C00SPC100,V500R005C00SPC200;Secospace USG6500 V500R005C00SPC100,V500R005C10SPC200;Secospace USG6600 V500R005C00SPC100,V500R005C00SPC200."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Memory Leak",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-06-29T19:22:23",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210506-01-memleak-en"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-22341",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "IPS Module;NGFW Module;NIP6300;NIP6600;Secospace USG6300;Secospace USG6500;Secospace USG6600",
"version": {
"version_data": [
{
"version_value": "V500R005C00SPC100,V500R005C00SPC200"
},
{
"version_value": "V500R005C00SPC100,V500R005C00SPC200"
},
{
"version_value": "V500R005C00SPC100,V500R005C10SPC200"
},
{
"version_value": "V500R005C00SPC100,V500R005C00SPC200"
},
{
"version_value": "V500R005C00SPC100,V500R005C00SPC200"
},
{
"version_value": "V500R005C00SPC100,V500R005C10SPC200"
},
{
"version_value": "V500R005C00SPC100,V500R005C00SPC200"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is a memory leak vulnerability in Huawei products. A resource management weakness exists in a module. Attackers with high privilege can exploit this vulnerability by performing some operations. This can lead to memory leak. Affected product versions include:IPS Module V500R005C00SPC100,V500R005C00SPC200;NGFW Module V500R005C00SPC100,V500R005C00SPC200;NIP6300 V500R005C00SPC100,V500R005C10SPC200;NIP6600 V500R005C00SPC100,V500R005C00SPC200;Secospace USG6300 V500R005C00SPC100,V500R005C00SPC200;Secospace USG6500 V500R005C00SPC100,V500R005C10SPC200;Secospace USG6600 V500R005C00SPC100,V500R005C00SPC200."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Memory Leak"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210506-01-memleak-en",
"refsource": "MISC",
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210506-01-memleak-en"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2021-22341",
"datePublished": "2021-06-29T19:22:23",
"dateReserved": "2021-01-05T00:00:00",
"dateUpdated": "2024-08-03T18:37:18.539Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-22312 (GCVE-0-2021-22312)
Vulnerability from cvelistv5 – Published: 2021-04-08 18:18 – Updated: 2024-08-03 18:37
VLAI?
Summary
There is a memory leak vulnerability in some Huawei products. An authenticated remote attacker may exploit this vulnerability by sending specific message to the affected product. Due to not release the allocated memory properly, successful exploit may cause some service abnormal. Affected product include some versions of IPS Module, NGFW Module, Secospace USG6300, Secospace USG6500, Secospace USG6600 and USG9500.
Severity ?
No CVSS data available.
CWE
- Memory Leak
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | IPS Module;NGFW Module;Secospace USG6300;Secospace USG6500;Secospace USG6600;USG9500 |
Affected:
V500R005C00SPC100,V500R005C00SPC200
Affected: V500R001C30SPC200,V500R001C30SPC600,V500R001C60SPC500,V500R005C00SPC100,V500R005C00SPC200 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T18:37:18.509Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210210-01-memoryleak-en"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "IPS Module;NGFW Module;Secospace USG6300;Secospace USG6500;Secospace USG6600;USG9500",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "V500R005C00SPC100,V500R005C00SPC200"
},
{
"status": "affected",
"version": "V500R001C30SPC200,V500R001C30SPC600,V500R001C60SPC500,V500R005C00SPC100,V500R005C00SPC200"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is a memory leak vulnerability in some Huawei products. An authenticated remote attacker may exploit this vulnerability by sending specific message to the affected product. Due to not release the allocated memory properly, successful exploit may cause some service abnormal. Affected product include some versions of IPS Module, NGFW Module, Secospace USG6300, Secospace USG6500, Secospace USG6600 and USG9500."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Memory Leak",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-04-08T18:18:36",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210210-01-memoryleak-en"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-22312",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "IPS Module;NGFW Module;Secospace USG6300;Secospace USG6500;Secospace USG6600;USG9500",
"version": {
"version_data": [
{
"version_value": "V500R005C00SPC100,V500R005C00SPC200"
},
{
"version_value": "V500R005C00SPC100,V500R005C00SPC200"
},
{
"version_value": "V500R001C30SPC200,V500R001C30SPC600,V500R001C60SPC500,V500R005C00SPC100,V500R005C00SPC200"
},
{
"version_value": "V500R001C30SPC200,V500R001C30SPC600,V500R001C60SPC500,V500R005C00SPC100,V500R005C00SPC200"
},
{
"version_value": "V500R001C30SPC200,V500R001C30SPC600,V500R001C60SPC500,V500R005C00SPC100,V500R005C00SPC200"
},
{
"version_value": "V500R001C30SPC200,V500R001C30SPC600,V500R001C60SPC500,V500R005C00SPC100,V500R005C00SPC200"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is a memory leak vulnerability in some Huawei products. An authenticated remote attacker may exploit this vulnerability by sending specific message to the affected product. Due to not release the allocated memory properly, successful exploit may cause some service abnormal. Affected product include some versions of IPS Module, NGFW Module, Secospace USG6300, Secospace USG6500, Secospace USG6600 and USG9500."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Memory Leak"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210210-01-memoryleak-en",
"refsource": "MISC",
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210210-01-memoryleak-en"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2021-22312",
"datePublished": "2021-04-08T18:18:36",
"dateReserved": "2021-01-05T00:00:00",
"dateUpdated": "2024-08-03T18:37:18.509Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-22321 (GCVE-0-2021-22321)
Vulnerability from cvelistv5 – Published: 2021-03-22 19:03 – Updated: 2024-08-03 18:37
VLAI?
Summary
There is a use-after-free vulnerability in a Huawei product. A module cannot deal with specific operations in special scenarios. Attackers can exploit this vulnerability by performing malicious operations. This can cause memory use-after-free, compromising normal service. Affected product include some versions of NIP6300, NIP6600, NIP6800, S1700, S2700, S5700, S6700 , S7700, S9700, Secospace USG6300, Secospace USG6500, Secospace USG6600 and USG9500.
Severity ?
No CVSS data available.
CWE
- Use After Free
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | NIP6600;NIP6800;S12700;S1700;S2700;S5700;S6700;S7700;S9700;Secospace USG6300;Secospace USG6500;Secospace USG6600;USG9500 |
Affected:
V500R001C30,V500R001C60
Affected: V500R001C30 Affected: V500R001C60 Affected: V200R007C01,V200R007C01B102,V200R008C00,V200R010C00,V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10 Affected: V200R009C00SPC200,V200R009C00SPC500,V200R010C00,V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10 Affected: V200R008C00,V200R010C00,V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10 Affected: V200R008C00,V200R010C00,V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10,V200R011C10SPC100 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T18:37:18.499Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210210-01-uaf-en"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "NIP6600;NIP6800;S12700;S1700;S2700;S5700;S6700;S7700;S9700;Secospace USG6300;Secospace USG6500;Secospace USG6600;USG9500",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "V500R001C30,V500R001C60"
},
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V200R007C01,V200R007C01B102,V200R008C00,V200R010C00,V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10"
},
{
"status": "affected",
"version": "V200R009C00SPC200,V200R009C00SPC500,V200R010C00,V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10"
},
{
"status": "affected",
"version": "V200R008C00,V200R010C00,V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10"
},
{
"status": "affected",
"version": "V200R008C00,V200R010C00,V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10,V200R011C10SPC100"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is a use-after-free vulnerability in a Huawei product. A module cannot deal with specific operations in special scenarios. Attackers can exploit this vulnerability by performing malicious operations. This can cause memory use-after-free, compromising normal service. Affected product include some versions of NIP6300, NIP6600, NIP6800, S1700, S2700, S5700, S6700 , S7700, S9700, Secospace USG6300, Secospace USG6500, Secospace USG6600 and USG9500."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Use After Free",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-03-22T19:03:52",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210210-01-uaf-en"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-22321",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "NIP6600;NIP6800;S12700;S1700;S2700;S5700;S6700;S7700;S9700;Secospace USG6300;Secospace USG6500;Secospace USG6600;USG9500",
"version": {
"version_data": [
{
"version_value": "V500R001C30,V500R001C60"
},
{
"version_value": "V500R001C30"
},
{
"version_value": "V500R001C60"
},
{
"version_value": "V200R007C01,V200R007C01B102,V200R008C00,V200R010C00,V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10"
},
{
"version_value": "V200R009C00SPC200,V200R009C00SPC500,V200R010C00,V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10"
},
{
"version_value": "V200R008C00,V200R010C00,V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10"
},
{
"version_value": "V200R008C00,V200R010C00,V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10,V200R011C10SPC100"
},
{
"version_value": "V200R008C00,V200R010C00,V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10,V200R011C10SPC100"
},
{
"version_value": "V200R008C00,V200R010C00,V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10"
},
{
"version_value": "V200R007C01,V200R007C01B102,V200R008C00,V200R010C00,V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10"
},
{
"version_value": "V500R001C30,V500R001C60"
},
{
"version_value": "V500R001C30,V500R001C60"
},
{
"version_value": "V500R001C30,V500R001C60"
},
{
"version_value": "V500R001C30,V500R001C60"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is a use-after-free vulnerability in a Huawei product. A module cannot deal with specific operations in special scenarios. Attackers can exploit this vulnerability by performing malicious operations. This can cause memory use-after-free, compromising normal service. Affected product include some versions of NIP6300, NIP6600, NIP6800, S1700, S2700, S5700, S6700 , S7700, S9700, Secospace USG6300, Secospace USG6500, Secospace USG6600 and USG9500."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Use After Free"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210210-01-uaf-en",
"refsource": "MISC",
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210210-01-uaf-en"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2021-22321",
"datePublished": "2021-03-22T19:03:52",
"dateReserved": "2021-01-05T00:00:00",
"dateUpdated": "2024-08-03T18:37:18.499Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-1824 (GCVE-0-2020-1824)
Vulnerability from nvd – Published: 2024-12-28 06:37 – Updated: 2024-12-28 16:32
VLAI?
Summary
There are multiple out of bounds (OOB) read vulnerabilities in the implementation of the Common Open Policy Service (COPS) protocol of some Huawei products. The specific decoding function may occur out-of-bounds read when processes an incoming data packet. Successful exploit of these vulnerabilities may disrupt service on the affected device. (Vulnerability ID: HWPSIRT-2018-12275,HWPSIRT-2018-12276,HWPSIRT-2018-12277,HWPSIRT-2018-12278,HWPSIRT-2018-12279,HWPSIRT-2018-12280 and HWPSIRT-2018-12289)
The seven vulnerabilities have been assigned seven Common Vulnerabilities and Exposures (CVE) IDs: CVE-2020-1818, CVE-2020-1819, CVE-2020-1820, CVE-2020-1821, CVE-2020-1822, CVE-2020-1823 and CVE-2020-1824.
Severity ?
CWE
- CWE-125 - Out-of-bounds Read
Assigner
References
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Huawei | IPS Module |
Affected:
V500R001C30
Affected: V500R001C60 Affected: V500R005C00 |
||||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2020-1824",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-12-28T16:32:08.146658Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-12-28T16:32:25.200Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "IPS Module",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "NGFW Module",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R002C00"
},
{
"status": "affected",
"version": "V500R002C20"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "NIP6300",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "NIP6600",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "NIP6800",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Secospace USG6300",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Secospace USG6500",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Secospace USG6600",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "USG6000V",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R003C00"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eThere are multiple out of bounds (OOB) read vulnerabilities in the implementation of the Common Open Policy Service (COPS) protocol of some Huawei products. The specific decoding function may occur out-of-bounds read when processes an incoming data packet. Successful exploit of these vulnerabilities may disrupt service on the affected device. (Vulnerability ID: HWPSIRT-2018-12275,HWPSIRT-2018-12276,HWPSIRT-2018-12277,HWPSIRT-2018-12278,HWPSIRT-2018-12279,HWPSIRT-2018-12280 and HWPSIRT-2018-12289)\u003c/p\u003e\u003cp\u003eThe seven vulnerabilities have been assigned seven Common Vulnerabilities and Exposures (CVE) IDs: CVE-2020-1818, CVE-2020-1819, CVE-2020-1820, CVE-2020-1821, CVE-2020-1822, CVE-2020-1823 and CVE-2020-1824.\u003c/p\u003e"
}
],
"value": "There are multiple out of bounds (OOB) read vulnerabilities in the implementation of the Common Open Policy Service (COPS) protocol of some Huawei products. The specific decoding function may occur out-of-bounds read when processes an incoming data packet. Successful exploit of these vulnerabilities may disrupt service on the affected device. (Vulnerability ID: HWPSIRT-2018-12275,HWPSIRT-2018-12276,HWPSIRT-2018-12277,HWPSIRT-2018-12278,HWPSIRT-2018-12279,HWPSIRT-2018-12280 and HWPSIRT-2018-12289)\n\nThe seven vulnerabilities have been assigned seven Common Vulnerabilities and Exposures (CVE) IDs: CVE-2020-1818, CVE-2020-1819, CVE-2020-1820, CVE-2020-1821, CVE-2020-1822, CVE-2020-1823 and CVE-2020-1824."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125 Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-12-28T06:37:14.149Z",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"url": "https://www.huawei.com/en/psirt/security-advisories/2020/huawei-sa-20191218-01-cops-en"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2020-1824",
"datePublished": "2024-12-28T06:37:14.149Z",
"dateReserved": "2019-11-29T00:00:00.000Z",
"dateUpdated": "2024-12-28T16:32:25.200Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-1823 (GCVE-0-2020-1823)
Vulnerability from nvd – Published: 2024-12-28 06:29 – Updated: 2024-12-28 16:33
VLAI?
Summary
There are multiple out of bounds (OOB) read vulnerabilities in the implementation of the Common Open Policy Service (COPS) protocol of some Huawei products. The specific decoding function may occur out-of-bounds read when processes an incoming data packet. Successful exploit of these vulnerabilities may disrupt service on the affected device. (Vulnerability ID: HWPSIRT-2018-12275,HWPSIRT-2018-12276,HWPSIRT-2018-12277,HWPSIRT-2018-12278,HWPSIRT-2018-12279,HWPSIRT-2018-12280 and HWPSIRT-2018-12289)
The seven vulnerabilities have been assigned seven Common Vulnerabilities and Exposures (CVE) IDs: CVE-2020-1818, CVE-2020-1819, CVE-2020-1820, CVE-2020-1821, CVE-2020-1822, CVE-2020-1823 and CVE-2020-1824.
Severity ?
CWE
- CWE-125 - Out-of-bounds Read
Assigner
References
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Huawei | IPS Module |
Affected:
V500R001C30
Affected: V500R001C60 Affected: V500R005C00 |
||||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2020-1823",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-12-28T16:33:21.089526Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-12-28T16:33:45.933Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "IPS Module",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "NGFW Module",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R002C00"
},
{
"status": "affected",
"version": "V500R002C20"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "NIP6300",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "NIP6600",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "NIP6800",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Secospace USG6300",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Secospace USG6500",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Secospace USG6600",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "USG6000V",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R003C00"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eThere are multiple out of bounds (OOB) read vulnerabilities in the implementation of the Common Open Policy Service (COPS) protocol of some Huawei products. The specific decoding function may occur out-of-bounds read when processes an incoming data packet. Successful exploit of these vulnerabilities may disrupt service on the affected device. (Vulnerability ID: HWPSIRT-2018-12275,HWPSIRT-2018-12276,HWPSIRT-2018-12277,HWPSIRT-2018-12278,HWPSIRT-2018-12279,HWPSIRT-2018-12280 and HWPSIRT-2018-12289)\u003c/p\u003e\u003cp\u003eThe seven vulnerabilities have been assigned seven Common Vulnerabilities and Exposures (CVE) IDs: CVE-2020-1818, CVE-2020-1819, CVE-2020-1820, CVE-2020-1821, CVE-2020-1822, CVE-2020-1823 and CVE-2020-1824.\u003c/p\u003e"
}
],
"value": "There are multiple out of bounds (OOB) read vulnerabilities in the implementation of the Common Open Policy Service (COPS) protocol of some Huawei products. The specific decoding function may occur out-of-bounds read when processes an incoming data packet. Successful exploit of these vulnerabilities may disrupt service on the affected device. (Vulnerability ID: HWPSIRT-2018-12275,HWPSIRT-2018-12276,HWPSIRT-2018-12277,HWPSIRT-2018-12278,HWPSIRT-2018-12279,HWPSIRT-2018-12280 and HWPSIRT-2018-12289)\n\nThe seven vulnerabilities have been assigned seven Common Vulnerabilities and Exposures (CVE) IDs: CVE-2020-1818, CVE-2020-1819, CVE-2020-1820, CVE-2020-1821, CVE-2020-1822, CVE-2020-1823 and CVE-2020-1824."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125 Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-12-28T06:29:49.051Z",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"url": "https://www.huawei.com/en/psirt/security-advisories/2020/huawei-sa-20191218-01-cops-en"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2020-1823",
"datePublished": "2024-12-28T06:29:49.051Z",
"dateReserved": "2019-11-29T00:00:00.000Z",
"dateUpdated": "2024-12-28T16:33:45.933Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-1822 (GCVE-0-2020-1822)
Vulnerability from nvd – Published: 2024-12-28 06:21 – Updated: 2024-12-28 16:34
VLAI?
Summary
There are multiple out of bounds (OOB) read vulnerabilities in the implementation of the Common Open Policy Service (COPS) protocol of some Huawei products. The specific decoding function may occur out-of-bounds read when processes an incoming data packet. Successful exploit of these vulnerabilities may disrupt service on the affected device. (Vulnerability ID: HWPSIRT-2018-12275,HWPSIRT-2018-12276,HWPSIRT-2018-12277,HWPSIRT-2018-12278,HWPSIRT-2018-12279,HWPSIRT-2018-12280 and HWPSIRT-2018-12289)
The seven vulnerabilities have been assigned seven Common Vulnerabilities and Exposures (CVE) IDs: CVE-2020-1818, CVE-2020-1819, CVE-2020-1820, CVE-2020-1821, CVE-2020-1822, CVE-2020-1823 and CVE-2020-1824.
Severity ?
CWE
- CWE-125 - Out-of-bounds Read
Assigner
References
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Huawei | IPS Module |
Affected:
V500R001C30
Affected: V500R001C60 Affected: V500R005C00 |
||||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2020-1822",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-12-28T16:34:26.596620Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-12-28T16:34:41.792Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "IPS Module",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "NGFW Module",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R002C00"
},
{
"status": "affected",
"version": "V500R002C20"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "NIP6300",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "NIP6600",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "NIP6800",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Secospace USG6300",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Secospace USG6500",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Secospace USG6600",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "USG6000V",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R003C00"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eThere are multiple out of bounds (OOB) read vulnerabilities in the implementation of the Common Open Policy Service (COPS) protocol of some Huawei products. The specific decoding function may occur out-of-bounds read when processes an incoming data packet. Successful exploit of these vulnerabilities may disrupt service on the affected device. (Vulnerability ID: HWPSIRT-2018-12275,HWPSIRT-2018-12276,HWPSIRT-2018-12277,HWPSIRT-2018-12278,HWPSIRT-2018-12279,HWPSIRT-2018-12280 and HWPSIRT-2018-12289)\u003c/p\u003e\u003cp\u003eThe seven vulnerabilities have been assigned seven Common Vulnerabilities and Exposures (CVE) IDs: CVE-2020-1818, CVE-2020-1819, CVE-2020-1820, CVE-2020-1821, CVE-2020-1822, CVE-2020-1823 and CVE-2020-1824.\u003cbr\u003e\u003c/p\u003e"
}
],
"value": "There are multiple out of bounds (OOB) read vulnerabilities in the implementation of the Common Open Policy Service (COPS) protocol of some Huawei products. The specific decoding function may occur out-of-bounds read when processes an incoming data packet. Successful exploit of these vulnerabilities may disrupt service on the affected device. (Vulnerability ID: HWPSIRT-2018-12275,HWPSIRT-2018-12276,HWPSIRT-2018-12277,HWPSIRT-2018-12278,HWPSIRT-2018-12279,HWPSIRT-2018-12280 and HWPSIRT-2018-12289)\n\nThe seven vulnerabilities have been assigned seven Common Vulnerabilities and Exposures (CVE) IDs: CVE-2020-1818, CVE-2020-1819, CVE-2020-1820, CVE-2020-1821, CVE-2020-1822, CVE-2020-1823 and CVE-2020-1824."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125 Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-12-28T06:21:04.473Z",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"url": "https://www.huawei.com/en/psirt/security-advisories/2020/huawei-sa-20191218-01-cops-en"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2020-1822",
"datePublished": "2024-12-28T06:21:04.473Z",
"dateReserved": "2019-11-29T00:00:00.000Z",
"dateUpdated": "2024-12-28T16:34:41.792Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-1821 (GCVE-0-2020-1821)
Vulnerability from nvd – Published: 2024-12-28 06:16 – Updated: 2024-12-30 16:13
VLAI?
Summary
There are multiple out of bounds (OOB) read vulnerabilities in the implementation of the Common Open Policy Service (COPS) protocol of some Huawei products. The specific decoding function may occur out-of-bounds read when processes an incoming data packet. Successful exploit of these vulnerabilities may disrupt service on the affected device. (Vulnerability ID: HWPSIRT-2018-12275,HWPSIRT-2018-12276,HWPSIRT-2018-12277,HWPSIRT-2018-12278,HWPSIRT-2018-12279,HWPSIRT-2018-12280 and HWPSIRT-2018-12289)
The seven vulnerabilities have been assigned seven Common Vulnerabilities and Exposures (CVE) IDs: CVE-2020-1818, CVE-2020-1819, CVE-2020-1820, CVE-2020-1821, CVE-2020-1822, CVE-2020-1823 and CVE-2020-1824.
Severity ?
CWE
- CWE-125 - Out-of-bounds Read
Assigner
References
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Huawei | IPS Module |
Affected:
V500R001C30
Affected: V500R001C60 Affected: V500R005C00 |
||||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2020-1821",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-12-30T16:12:49.264838Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-12-30T16:13:03.624Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "IPS Module",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "NGFW Module",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R002C00"
},
{
"status": "affected",
"version": "V500R002C20"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "NIP6300",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "NIP6600",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "NIP6800",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Secospace USG6300",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Secospace USG6500",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Secospace USG6600",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "USG6000V",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R003C00"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eThere are multiple out of bounds (OOB) read vulnerabilities in the implementation of the Common Open Policy Service (COPS) protocol of some Huawei products. The specific decoding function may occur out-of-bounds read when processes an incoming data packet. Successful exploit of these vulnerabilities may disrupt service on the affected device. (Vulnerability ID: HWPSIRT-2018-12275,HWPSIRT-2018-12276,HWPSIRT-2018-12277,HWPSIRT-2018-12278,HWPSIRT-2018-12279,HWPSIRT-2018-12280 and HWPSIRT-2018-12289)\u003c/p\u003e\u003cp\u003eThe seven vulnerabilities have been assigned seven Common Vulnerabilities and Exposures (CVE) IDs: CVE-2020-1818, CVE-2020-1819, CVE-2020-1820, CVE-2020-1821, CVE-2020-1822, CVE-2020-1823 and CVE-2020-1824.\u003c/p\u003e"
}
],
"value": "There are multiple out of bounds (OOB) read vulnerabilities in the implementation of the Common Open Policy Service (COPS) protocol of some Huawei products. The specific decoding function may occur out-of-bounds read when processes an incoming data packet. Successful exploit of these vulnerabilities may disrupt service on the affected device. (Vulnerability ID: HWPSIRT-2018-12275,HWPSIRT-2018-12276,HWPSIRT-2018-12277,HWPSIRT-2018-12278,HWPSIRT-2018-12279,HWPSIRT-2018-12280 and HWPSIRT-2018-12289)\n\nThe seven vulnerabilities have been assigned seven Common Vulnerabilities and Exposures (CVE) IDs: CVE-2020-1818, CVE-2020-1819, CVE-2020-1820, CVE-2020-1821, CVE-2020-1822, CVE-2020-1823 and CVE-2020-1824."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125 Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-12-28T06:16:58.770Z",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"url": "https://www.huawei.com/en/psirt/security-advisories/2020/huawei-sa-20191218-01-cops-en"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2020-1821",
"datePublished": "2024-12-28T06:16:58.770Z",
"dateReserved": "2019-11-29T00:00:00.000Z",
"dateUpdated": "2024-12-30T16:13:03.624Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-1820 (GCVE-0-2020-1820)
Vulnerability from nvd – Published: 2024-12-28 06:11 – Updated: 2024-12-31 17:17
VLAI?
Summary
There are multiple out of bounds (OOB) read vulnerabilities in the implementation of the Common Open Policy Service (COPS) protocol of some Huawei products. The specific decoding function may occur out-of-bounds read when processes an incoming data packet. Successful exploit of these vulnerabilities may disrupt service on the affected device. (Vulnerability ID: HWPSIRT-2018-12275,HWPSIRT-2018-12276,HWPSIRT-2018-12277,HWPSIRT-2018-12278,HWPSIRT-2018-12279,HWPSIRT-2018-12280 and HWPSIRT-2018-12289)
The seven vulnerabilities have been assigned seven Common Vulnerabilities and Exposures (CVE) IDs: CVE-2020-1818, CVE-2020-1819, CVE-2020-1820, CVE-2020-1821, CVE-2020-1822, CVE-2020-1823 and CVE-2020-1824.
Severity ?
CWE
- CWE-125 - Out-of-bounds Read
Assigner
References
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Huawei | IPS Module |
Affected:
V500R001C30
Affected: V500R001C60 Affected: V500R005C00 |
||||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2020-1820",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-12-31T17:16:57.375041Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-12-31T17:17:05.860Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "IPS Module",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "NGFW Module",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R002C00"
},
{
"status": "affected",
"version": "V500R002C20"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "NIP6300",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "NIP6600",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "NIP6800",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Secospace USG6300",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Secospace USG6500",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Secospace USG6600",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "USG6000V",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R003C00"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eThere are multiple out of bounds (OOB) read vulnerabilities in the implementation of the Common Open Policy Service (COPS) protocol of some Huawei products. The specific decoding function may occur out-of-bounds read when processes an incoming data packet. Successful exploit of these vulnerabilities may disrupt service on the affected device. (Vulnerability ID: HWPSIRT-2018-12275,HWPSIRT-2018-12276,HWPSIRT-2018-12277,HWPSIRT-2018-12278,HWPSIRT-2018-12279,HWPSIRT-2018-12280 and HWPSIRT-2018-12289)\u003c/p\u003e\u003cp\u003eThe seven vulnerabilities have been assigned seven Common Vulnerabilities and Exposures (CVE) IDs: CVE-2020-1818, CVE-2020-1819, CVE-2020-1820, CVE-2020-1821, CVE-2020-1822, CVE-2020-1823 and CVE-2020-1824.\u003c/p\u003e"
}
],
"value": "There are multiple out of bounds (OOB) read vulnerabilities in the implementation of the Common Open Policy Service (COPS) protocol of some Huawei products. The specific decoding function may occur out-of-bounds read when processes an incoming data packet. Successful exploit of these vulnerabilities may disrupt service on the affected device. (Vulnerability ID: HWPSIRT-2018-12275,HWPSIRT-2018-12276,HWPSIRT-2018-12277,HWPSIRT-2018-12278,HWPSIRT-2018-12279,HWPSIRT-2018-12280 and HWPSIRT-2018-12289)\n\nThe seven vulnerabilities have been assigned seven Common Vulnerabilities and Exposures (CVE) IDs: CVE-2020-1818, CVE-2020-1819, CVE-2020-1820, CVE-2020-1821, CVE-2020-1822, CVE-2020-1823 and CVE-2020-1824."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125 Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-12-28T06:11:17.446Z",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"url": "https://www.huawei.com/en/psirt/security-advisories/2020/huawei-sa-20191218-01-cops-en"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2020-1820",
"datePublished": "2024-12-28T06:11:17.446Z",
"dateReserved": "2019-11-29T00:00:00.000Z",
"dateUpdated": "2024-12-31T17:17:05.860Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-1819 (GCVE-0-2020-1819)
Vulnerability from nvd – Published: 2024-12-27 10:05 – Updated: 2024-12-27 14:56
VLAI?
Summary
There are multiple out of bounds (OOB) read vulnerabilities in the implementation of the Common Open Policy Service (COPS) protocol of some Huawei products. The specific decoding function may occur out-of-bounds read when processes an incoming data packet. Successful exploit of these vulnerabilities may disrupt service on the affected device. (Vulnerability ID: HWPSIRT-2018-12275,HWPSIRT-2018-12276,HWPSIRT-2018-12277,HWPSIRT-2018-12278,HWPSIRT-2018-12279,HWPSIRT-2018-12280 and HWPSIRT-2018-12289)
The seven vulnerabilities have been assigned seven Common Vulnerabilities and Exposures (CVE) IDs: CVE-2020-1818, CVE-2020-1819, CVE-2020-1820, CVE-2020-1821, CVE-2020-1822, CVE-2020-1823 and CVE-2020-1824.
Severity ?
CWE
- CWE-125 - Out-of-bounds Read
Assigner
References
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Huawei | IPS Module |
Affected:
V500R001C30
Affected: V500R001C60 Affected: V500R005C00 |
||||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2020-1819",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-12-27T14:56:22.966063Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-12-27T14:56:31.845Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "IPS Module",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "NGFW Module",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R002C00"
},
{
"status": "affected",
"version": "V500R002C20"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "NIP6300",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "NIP6600",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "NIP6800",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Secospace USG6300",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Secospace USG6500",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Secospace USG6600",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "USG6000V",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R003C00"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eThere are multiple out of bounds (OOB) read vulnerabilities in the implementation of the Common Open Policy Service (COPS) protocol of some Huawei products. The specific decoding function may occur out-of-bounds read when processes an incoming data packet. Successful exploit of these vulnerabilities may disrupt service on the affected device. (Vulnerability ID: HWPSIRT-2018-12275,HWPSIRT-2018-12276,HWPSIRT-2018-12277,HWPSIRT-2018-12278,HWPSIRT-2018-12279,HWPSIRT-2018-12280 and HWPSIRT-2018-12289)\u003c/p\u003e\u003cp\u003eThe seven vulnerabilities have been assigned seven Common Vulnerabilities and Exposures (CVE) IDs: CVE-2020-1818, CVE-2020-1819, CVE-2020-1820, CVE-2020-1821, CVE-2020-1822, CVE-2020-1823 and CVE-2020-1824.\u003c/p\u003e"
}
],
"value": "There are multiple out of bounds (OOB) read vulnerabilities in the implementation of the Common Open Policy Service (COPS) protocol of some Huawei products. The specific decoding function may occur out-of-bounds read when processes an incoming data packet. Successful exploit of these vulnerabilities may disrupt service on the affected device. (Vulnerability ID: HWPSIRT-2018-12275,HWPSIRT-2018-12276,HWPSIRT-2018-12277,HWPSIRT-2018-12278,HWPSIRT-2018-12279,HWPSIRT-2018-12280 and HWPSIRT-2018-12289)\n\nThe seven vulnerabilities have been assigned seven Common Vulnerabilities and Exposures (CVE) IDs: CVE-2020-1818, CVE-2020-1819, CVE-2020-1820, CVE-2020-1821, CVE-2020-1822, CVE-2020-1823 and CVE-2020-1824."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125 Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-12-27T10:05:47.224Z",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"url": "https://www.huawei.com/en/psirt/security-advisories/2020/huawei-sa-20191218-01-cops-en"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2020-1819",
"datePublished": "2024-12-27T10:05:47.224Z",
"dateReserved": "2019-11-29T00:00:00.000Z",
"dateUpdated": "2024-12-27T14:56:31.845Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-1818 (GCVE-0-2020-1818)
Vulnerability from nvd – Published: 2024-12-27 10:02 – Updated: 2024-12-27 14:57
VLAI?
Summary
There are multiple out of bounds (OOB) read vulnerabilities in the implementation of the Common Open Policy Service (COPS) protocol of some Huawei products. The specific decoding function may occur out-of-bounds read when processes an incoming data packet. Successful exploit of these vulnerabilities may disrupt service on the affected device. (Vulnerability ID: HWPSIRT-2018-12275,HWPSIRT-2018-12276,HWPSIRT-2018-12277,HWPSIRT-2018-12278,HWPSIRT-2018-12279,HWPSIRT-2018-12280 and HWPSIRT-2018-12289)
The seven vulnerabilities have been assigned seven Common Vulnerabilities and Exposures (CVE) IDs: CVE-2020-1818, CVE-2020-1819, CVE-2020-1820, CVE-2020-1821, CVE-2020-1822, CVE-2020-1823 and CVE-2020-1824.
Severity ?
CWE
- CWE-125 - Out-of-bounds Read
Assigner
References
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Huawei | IPS Module |
Affected:
V500R001C30
Affected: V500R001C60 Affected: V500R005C00 |
||||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2020-1818",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-12-27T14:56:47.972518Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-12-27T14:57:27.653Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "IPS Module",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "NGFW Module",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R002C00"
},
{
"status": "affected",
"version": "V500R002C20"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "NIP6300",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "NIP6600",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "NIP6800",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Secospace USG6300",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Secospace USG6500",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Secospace USG6600",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "USG6000V",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R003C00"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eThere are multiple out of bounds (OOB) read vulnerabilities in the implementation of the Common Open Policy Service (COPS) protocol of some Huawei products. The specific decoding function may occur out-of-bounds read when processes an incoming data packet. Successful exploit of these vulnerabilities may disrupt service on the affected device. (Vulnerability ID: HWPSIRT-2018-12275,HWPSIRT-2018-12276,HWPSIRT-2018-12277,HWPSIRT-2018-12278,HWPSIRT-2018-12279,HWPSIRT-2018-12280 and HWPSIRT-2018-12289)\u003c/p\u003e\u003cp\u003eThe seven vulnerabilities have been assigned seven Common Vulnerabilities and Exposures (CVE) IDs: CVE-2020-1818, CVE-2020-1819, CVE-2020-1820, CVE-2020-1821, CVE-2020-1822, CVE-2020-1823 and CVE-2020-1824.\u003c/p\u003e"
}
],
"value": "There are multiple out of bounds (OOB) read vulnerabilities in the implementation of the Common Open Policy Service (COPS) protocol of some Huawei products. The specific decoding function may occur out-of-bounds read when processes an incoming data packet. Successful exploit of these vulnerabilities may disrupt service on the affected device. (Vulnerability ID: HWPSIRT-2018-12275,HWPSIRT-2018-12276,HWPSIRT-2018-12277,HWPSIRT-2018-12278,HWPSIRT-2018-12279,HWPSIRT-2018-12280 and HWPSIRT-2018-12289)\n\nThe seven vulnerabilities have been assigned seven Common Vulnerabilities and Exposures (CVE) IDs: CVE-2020-1818, CVE-2020-1819, CVE-2020-1820, CVE-2020-1821, CVE-2020-1822, CVE-2020-1823 and CVE-2020-1824."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125 Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-12-27T10:02:45.710Z",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"url": "https://www.huawei.com/en/psirt/security-advisories/2020/huawei-sa-20191218-01-cops-en"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2020-1818",
"datePublished": "2024-12-27T10:02:45.710Z",
"dateReserved": "2019-11-29T00:00:00.000Z",
"dateUpdated": "2024-12-27T14:57:27.653Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-22341 (GCVE-0-2021-22341)
Vulnerability from nvd – Published: 2021-06-29 19:22 – Updated: 2024-08-03 18:37
VLAI?
Summary
There is a memory leak vulnerability in Huawei products. A resource management weakness exists in a module. Attackers with high privilege can exploit this vulnerability by performing some operations. This can lead to memory leak. Affected product versions include:IPS Module V500R005C00SPC100,V500R005C00SPC200;NGFW Module V500R005C00SPC100,V500R005C00SPC200;NIP6300 V500R005C00SPC100,V500R005C10SPC200;NIP6600 V500R005C00SPC100,V500R005C00SPC200;Secospace USG6300 V500R005C00SPC100,V500R005C00SPC200;Secospace USG6500 V500R005C00SPC100,V500R005C10SPC200;Secospace USG6600 V500R005C00SPC100,V500R005C00SPC200.
Severity ?
No CVSS data available.
CWE
- Memory Leak
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | IPS Module;NGFW Module;NIP6300;NIP6600;Secospace USG6300;Secospace USG6500;Secospace USG6600 |
Affected:
V500R005C00SPC100,V500R005C00SPC200
Affected: V500R005C00SPC100,V500R005C10SPC200 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T18:37:18.539Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210506-01-memleak-en"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "IPS Module;NGFW Module;NIP6300;NIP6600;Secospace USG6300;Secospace USG6500;Secospace USG6600",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "V500R005C00SPC100,V500R005C00SPC200"
},
{
"status": "affected",
"version": "V500R005C00SPC100,V500R005C10SPC200"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is a memory leak vulnerability in Huawei products. A resource management weakness exists in a module. Attackers with high privilege can exploit this vulnerability by performing some operations. This can lead to memory leak. Affected product versions include:IPS Module V500R005C00SPC100,V500R005C00SPC200;NGFW Module V500R005C00SPC100,V500R005C00SPC200;NIP6300 V500R005C00SPC100,V500R005C10SPC200;NIP6600 V500R005C00SPC100,V500R005C00SPC200;Secospace USG6300 V500R005C00SPC100,V500R005C00SPC200;Secospace USG6500 V500R005C00SPC100,V500R005C10SPC200;Secospace USG6600 V500R005C00SPC100,V500R005C00SPC200."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Memory Leak",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-06-29T19:22:23",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210506-01-memleak-en"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-22341",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "IPS Module;NGFW Module;NIP6300;NIP6600;Secospace USG6300;Secospace USG6500;Secospace USG6600",
"version": {
"version_data": [
{
"version_value": "V500R005C00SPC100,V500R005C00SPC200"
},
{
"version_value": "V500R005C00SPC100,V500R005C00SPC200"
},
{
"version_value": "V500R005C00SPC100,V500R005C10SPC200"
},
{
"version_value": "V500R005C00SPC100,V500R005C00SPC200"
},
{
"version_value": "V500R005C00SPC100,V500R005C00SPC200"
},
{
"version_value": "V500R005C00SPC100,V500R005C10SPC200"
},
{
"version_value": "V500R005C00SPC100,V500R005C00SPC200"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is a memory leak vulnerability in Huawei products. A resource management weakness exists in a module. Attackers with high privilege can exploit this vulnerability by performing some operations. This can lead to memory leak. Affected product versions include:IPS Module V500R005C00SPC100,V500R005C00SPC200;NGFW Module V500R005C00SPC100,V500R005C00SPC200;NIP6300 V500R005C00SPC100,V500R005C10SPC200;NIP6600 V500R005C00SPC100,V500R005C00SPC200;Secospace USG6300 V500R005C00SPC100,V500R005C00SPC200;Secospace USG6500 V500R005C00SPC100,V500R005C10SPC200;Secospace USG6600 V500R005C00SPC100,V500R005C00SPC200."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Memory Leak"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210506-01-memleak-en",
"refsource": "MISC",
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210506-01-memleak-en"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2021-22341",
"datePublished": "2021-06-29T19:22:23",
"dateReserved": "2021-01-05T00:00:00",
"dateUpdated": "2024-08-03T18:37:18.539Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-22312 (GCVE-0-2021-22312)
Vulnerability from nvd – Published: 2021-04-08 18:18 – Updated: 2024-08-03 18:37
VLAI?
Summary
There is a memory leak vulnerability in some Huawei products. An authenticated remote attacker may exploit this vulnerability by sending specific message to the affected product. Due to not release the allocated memory properly, successful exploit may cause some service abnormal. Affected product include some versions of IPS Module, NGFW Module, Secospace USG6300, Secospace USG6500, Secospace USG6600 and USG9500.
Severity ?
No CVSS data available.
CWE
- Memory Leak
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | IPS Module;NGFW Module;Secospace USG6300;Secospace USG6500;Secospace USG6600;USG9500 |
Affected:
V500R005C00SPC100,V500R005C00SPC200
Affected: V500R001C30SPC200,V500R001C30SPC600,V500R001C60SPC500,V500R005C00SPC100,V500R005C00SPC200 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T18:37:18.509Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210210-01-memoryleak-en"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "IPS Module;NGFW Module;Secospace USG6300;Secospace USG6500;Secospace USG6600;USG9500",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "V500R005C00SPC100,V500R005C00SPC200"
},
{
"status": "affected",
"version": "V500R001C30SPC200,V500R001C30SPC600,V500R001C60SPC500,V500R005C00SPC100,V500R005C00SPC200"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is a memory leak vulnerability in some Huawei products. An authenticated remote attacker may exploit this vulnerability by sending specific message to the affected product. Due to not release the allocated memory properly, successful exploit may cause some service abnormal. Affected product include some versions of IPS Module, NGFW Module, Secospace USG6300, Secospace USG6500, Secospace USG6600 and USG9500."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Memory Leak",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-04-08T18:18:36",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210210-01-memoryleak-en"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-22312",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "IPS Module;NGFW Module;Secospace USG6300;Secospace USG6500;Secospace USG6600;USG9500",
"version": {
"version_data": [
{
"version_value": "V500R005C00SPC100,V500R005C00SPC200"
},
{
"version_value": "V500R005C00SPC100,V500R005C00SPC200"
},
{
"version_value": "V500R001C30SPC200,V500R001C30SPC600,V500R001C60SPC500,V500R005C00SPC100,V500R005C00SPC200"
},
{
"version_value": "V500R001C30SPC200,V500R001C30SPC600,V500R001C60SPC500,V500R005C00SPC100,V500R005C00SPC200"
},
{
"version_value": "V500R001C30SPC200,V500R001C30SPC600,V500R001C60SPC500,V500R005C00SPC100,V500R005C00SPC200"
},
{
"version_value": "V500R001C30SPC200,V500R001C30SPC600,V500R001C60SPC500,V500R005C00SPC100,V500R005C00SPC200"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is a memory leak vulnerability in some Huawei products. An authenticated remote attacker may exploit this vulnerability by sending specific message to the affected product. Due to not release the allocated memory properly, successful exploit may cause some service abnormal. Affected product include some versions of IPS Module, NGFW Module, Secospace USG6300, Secospace USG6500, Secospace USG6600 and USG9500."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Memory Leak"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210210-01-memoryleak-en",
"refsource": "MISC",
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210210-01-memoryleak-en"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2021-22312",
"datePublished": "2021-04-08T18:18:36",
"dateReserved": "2021-01-05T00:00:00",
"dateUpdated": "2024-08-03T18:37:18.509Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}