Search criteria
6 vulnerabilities found for oceanstor_5310_firmware by huawei
FKIE_CVE-2020-9098
Vulnerability from fkie_nvd - Published: 2020-04-30 22:15 - Updated: 2024-11-21 05:40
Severity ?
Summary
Huawei OceanStor 5310 product with version of V500R007C60SPC100 has an invalid pointer access vulnerability. The software system access an invalid pointer when attacker malformed packet. Due to the insufficient validation of some parameter, successful exploit could cause device reboot.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| huawei | oceanstor_5310_firmware | v500r007c60spc100 | |
| huawei | oceanstor_5310 | v5 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:oceanstor_5310_firmware:v500r007c60spc100:*:*:*:*:*:*:*",
"matchCriteriaId": "58CACDE1-B634-4617-9C06-CEF8C15560E0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:oceanstor_5310:v5:*:*:*:*:*:*:*",
"matchCriteriaId": "0349C9CD-761C-4B24-92A7-9BDA5566C493",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Huawei OceanStor 5310 product with version of V500R007C60SPC100 has an invalid pointer access vulnerability. The software system access an invalid pointer when attacker malformed packet. Due to the insufficient validation of some parameter, successful exploit could cause device reboot."
},
{
"lang": "es",
"value": "El producto Huawei OceanStor 5310 con versi\u00f3n V500R007C60SPC100, tiene una vulnerabilidad de acceso de puntero no v\u00e1lido. El sistema de software accede a un puntero no v\u00e1lido al momento de un paquete malformado por el atacante. Debido a la comprobaci\u00f3n insuficiente de alg\u00fan par\u00e1metro, una explotaci\u00f3n con \u00e9xito podr\u00eda causar el reinicio del dispositivo."
}
],
"id": "CVE-2020-9098",
"lastModified": "2024-11-21T05:40:01.150",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-04-30T22:15:12.293",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200429-01-invalidpointer-en"
},
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200429-01-invalidpointer-en"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200429-01-invalidpointer-en"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200429-01-invalidpointer-en"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-763"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2020-1881
Vulnerability from fkie_nvd - Published: 2020-02-28 19:15 - Updated: 2024-11-21 05:11
Severity ?
Summary
NIP6800;Secospace USG6600;USG9500 products with versions of V500R001C30; V500R001C60SPC500; V500R005C00SPC100 have have a resource management error vulnerability. An attacker needs to perform specific operations to trigger a function of the affected device. Due to improper resource management of the function, the vulnerability can be exploited to cause service abnormal on affected devices.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| huawei | nip6800_firmware | v500r001c30 | |
| huawei | nip6800 | - | |
| huawei | secospace_usg6600_firmware | v500r001c30spc200 | |
| huawei | secospace_usg6600_firmware | v500r001c30spc600 | |
| huawei | secospace_usg6600 | - | |
| huawei | usg9500_firmware | v500r001c30spc200 | |
| huawei | usg9500_firmware | v500r001c30spc600 | |
| huawei | usg9500 | - | |
| huawei | oceanstor_5310_firmware | v500r007c60spc100 | |
| huawei | oceanstor_5310 | 5.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:nip6800_firmware:v500r001c30:*:*:*:*:*:*:*",
"matchCriteriaId": "4B3D681F-E141-4BB1-9437-8BFE286CB164",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:nip6800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "875441DD-575F-4F4D-A6BD-23C38641D330",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:secospace_usg6600_firmware:v500r001c30spc200:*:*:*:*:*:*:*",
"matchCriteriaId": "1CA7BE1F-853E-4CBA-8A90-BAEA0BCC6A97",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:secospace_usg6600_firmware:v500r001c30spc600:*:*:*:*:*:*:*",
"matchCriteriaId": "B80E521E-1BFB-405E-9F8E-4A0734731FD0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:secospace_usg6600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BE469876-F873-4705-9760-097AE840A818",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:usg9500_firmware:v500r001c30spc200:*:*:*:*:*:*:*",
"matchCriteriaId": "C0BF5257-8CD1-4951-9C53-07B85D468F8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:usg9500_firmware:v500r001c30spc600:*:*:*:*:*:*:*",
"matchCriteriaId": "6E2CDEF7-F8C8-482E-B43D-DB3F0CE010F8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:usg9500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4B6064BB-5E62-4D70-B933-05B5426EEE9C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:oceanstor_5310_firmware:v500r007c60spc100:*:*:*:*:*:*:*",
"matchCriteriaId": "58CACDE1-B634-4617-9C06-CEF8C15560E0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:oceanstor_5310:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9164E876-5E19-4A87-963F-8C8CC01285D1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "NIP6800;Secospace USG6600;USG9500 products with versions of V500R001C30; V500R001C60SPC500; V500R005C00SPC100 have have a resource management error vulnerability. An attacker needs to perform specific operations to trigger a function of the affected device. Due to improper resource management of the function, the vulnerability can be exploited to cause service abnormal on affected devices."
},
{
"lang": "es",
"value": "Los productos NIP6800; Secospace USG6600; USG9500 con versiones de V500R001C30; V500R001C60SPC500; V500R005C00SPC100, presentan una vulnerabilidad de error de administraci\u00f3n de recursos. Un atacante necesita llevar a cabo operaciones espec\u00edficas para desencadenar una funci\u00f3n del dispositivo afectado. Debido a una administraci\u00f3n de recursos inapropiada de la funci\u00f3n, la vulnerabilidad puede ser explotada para causar un servicio anormal en los dispositivos afectados."
}
],
"id": "CVE-2020-1881",
"lastModified": "2024-11-21T05:11:32.250",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-02-28T19:15:12.170",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200429-01-invalidpointer-en"
},
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200219-02-resource-en"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200429-01-invalidpointer-en"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200219-02-resource-en"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CVE-2020-9098 (GCVE-0-2020-9098)
Vulnerability from cvelistv5 – Published: 2020-04-30 21:25 – Updated: 2024-08-04 10:19
VLAI?
Summary
Huawei OceanStor 5310 product with version of V500R007C60SPC100 has an invalid pointer access vulnerability. The software system access an invalid pointer when attacker malformed packet. Due to the insufficient validation of some parameter, successful exploit could cause device reboot.
Severity ?
No CVSS data available.
CWE
- Invalid Pointer Access
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | OceanStor 5310 V5 |
Affected:
V500R007C60SPC100
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T10:19:19.683Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200429-01-invalidpointer-en"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200429-01-invalidpointer-en"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "OceanStor 5310 V5",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "V500R007C60SPC100"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Huawei OceanStor 5310 product with version of V500R007C60SPC100 has an invalid pointer access vulnerability. The software system access an invalid pointer when attacker malformed packet. Due to the insufficient validation of some parameter, successful exploit could cause device reboot."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Invalid Pointer Access",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-05-01T05:06:05",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200429-01-invalidpointer-en"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200429-01-invalidpointer-en"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2020-9098",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "OceanStor 5310 V5",
"version": {
"version_data": [
{
"version_value": "V500R007C60SPC100"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Huawei OceanStor 5310 product with version of V500R007C60SPC100 has an invalid pointer access vulnerability. The software system access an invalid pointer when attacker malformed packet. Due to the insufficient validation of some parameter, successful exploit could cause device reboot."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Invalid Pointer Access"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200429-01-invalidpointer-en",
"refsource": "CONFIRM",
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200429-01-invalidpointer-en"
},
{
"name": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200429-01-invalidpointer-en",
"refsource": "CONFIRM",
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200429-01-invalidpointer-en"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2020-9098",
"datePublished": "2020-04-30T21:25:23",
"dateReserved": "2020-02-18T00:00:00",
"dateUpdated": "2024-08-04T10:19:19.683Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-1881 (GCVE-0-2020-1881)
Vulnerability from cvelistv5 – Published: 2020-02-28 18:33 – Updated: 2024-08-04 06:53
VLAI?
Summary
NIP6800;Secospace USG6600;USG9500 products with versions of V500R001C30; V500R001C60SPC500; V500R005C00SPC100 have have a resource management error vulnerability. An attacker needs to perform specific operations to trigger a function of the affected device. Due to improper resource management of the function, the vulnerability can be exploited to cause service abnormal on affected devices.
Severity ?
No CVSS data available.
CWE
- Resource Management Error
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | NIP6800;Secospace USG6600;USG9500 |
Affected:
V500R001C30
Affected: V500R001C30SPC200,V500R001C30SPC600 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T06:53:59.870Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200219-02-resource-en"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200429-01-invalidpointer-en"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "NIP6800;Secospace USG6600;USG9500",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C30SPC200,V500R001C30SPC600"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "NIP6800;Secospace USG6600;USG9500 products with versions of V500R001C30; V500R001C60SPC500; V500R005C00SPC100 have have a resource management error vulnerability. An attacker needs to perform specific operations to trigger a function of the affected device. Due to improper resource management of the function, the vulnerability can be exploited to cause service abnormal on affected devices."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Resource Management Error",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-04-30T04:06:13",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200219-02-resource-en"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200429-01-invalidpointer-en"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2020-1881",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "NIP6800;Secospace USG6600;USG9500",
"version": {
"version_data": [
{
"version_value": "V500R001C30"
},
{
"version_value": "V500R001C30SPC200,V500R001C30SPC600"
},
{
"version_value": "V500R001C30SPC200,V500R001C30SPC600"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "NIP6800;Secospace USG6600;USG9500 products with versions of V500R001C30; V500R001C60SPC500; V500R005C00SPC100 have have a resource management error vulnerability. An attacker needs to perform specific operations to trigger a function of the affected device. Due to improper resource management of the function, the vulnerability can be exploited to cause service abnormal on affected devices."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Resource Management Error"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200219-02-resource-en",
"refsource": "MISC",
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200219-02-resource-en"
},
{
"name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200429-01-invalidpointer-en",
"refsource": "CONFIRM",
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200429-01-invalidpointer-en"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2020-1881",
"datePublished": "2020-02-28T18:33:30",
"dateReserved": "2019-11-29T00:00:00",
"dateUpdated": "2024-08-04T06:53:59.870Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-9098 (GCVE-0-2020-9098)
Vulnerability from nvd – Published: 2020-04-30 21:25 – Updated: 2024-08-04 10:19
VLAI?
Summary
Huawei OceanStor 5310 product with version of V500R007C60SPC100 has an invalid pointer access vulnerability. The software system access an invalid pointer when attacker malformed packet. Due to the insufficient validation of some parameter, successful exploit could cause device reboot.
Severity ?
No CVSS data available.
CWE
- Invalid Pointer Access
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | OceanStor 5310 V5 |
Affected:
V500R007C60SPC100
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T10:19:19.683Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200429-01-invalidpointer-en"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200429-01-invalidpointer-en"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "OceanStor 5310 V5",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "V500R007C60SPC100"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Huawei OceanStor 5310 product with version of V500R007C60SPC100 has an invalid pointer access vulnerability. The software system access an invalid pointer when attacker malformed packet. Due to the insufficient validation of some parameter, successful exploit could cause device reboot."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Invalid Pointer Access",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-05-01T05:06:05",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200429-01-invalidpointer-en"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200429-01-invalidpointer-en"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2020-9098",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "OceanStor 5310 V5",
"version": {
"version_data": [
{
"version_value": "V500R007C60SPC100"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Huawei OceanStor 5310 product with version of V500R007C60SPC100 has an invalid pointer access vulnerability. The software system access an invalid pointer when attacker malformed packet. Due to the insufficient validation of some parameter, successful exploit could cause device reboot."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Invalid Pointer Access"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200429-01-invalidpointer-en",
"refsource": "CONFIRM",
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200429-01-invalidpointer-en"
},
{
"name": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200429-01-invalidpointer-en",
"refsource": "CONFIRM",
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200429-01-invalidpointer-en"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2020-9098",
"datePublished": "2020-04-30T21:25:23",
"dateReserved": "2020-02-18T00:00:00",
"dateUpdated": "2024-08-04T10:19:19.683Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-1881 (GCVE-0-2020-1881)
Vulnerability from nvd – Published: 2020-02-28 18:33 – Updated: 2024-08-04 06:53
VLAI?
Summary
NIP6800;Secospace USG6600;USG9500 products with versions of V500R001C30; V500R001C60SPC500; V500R005C00SPC100 have have a resource management error vulnerability. An attacker needs to perform specific operations to trigger a function of the affected device. Due to improper resource management of the function, the vulnerability can be exploited to cause service abnormal on affected devices.
Severity ?
No CVSS data available.
CWE
- Resource Management Error
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | NIP6800;Secospace USG6600;USG9500 |
Affected:
V500R001C30
Affected: V500R001C30SPC200,V500R001C30SPC600 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T06:53:59.870Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200219-02-resource-en"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200429-01-invalidpointer-en"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "NIP6800;Secospace USG6600;USG9500",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C30SPC200,V500R001C30SPC600"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "NIP6800;Secospace USG6600;USG9500 products with versions of V500R001C30; V500R001C60SPC500; V500R005C00SPC100 have have a resource management error vulnerability. An attacker needs to perform specific operations to trigger a function of the affected device. Due to improper resource management of the function, the vulnerability can be exploited to cause service abnormal on affected devices."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Resource Management Error",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-04-30T04:06:13",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200219-02-resource-en"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200429-01-invalidpointer-en"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2020-1881",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "NIP6800;Secospace USG6600;USG9500",
"version": {
"version_data": [
{
"version_value": "V500R001C30"
},
{
"version_value": "V500R001C30SPC200,V500R001C30SPC600"
},
{
"version_value": "V500R001C30SPC200,V500R001C30SPC600"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "NIP6800;Secospace USG6600;USG9500 products with versions of V500R001C30; V500R001C60SPC500; V500R005C00SPC100 have have a resource management error vulnerability. An attacker needs to perform specific operations to trigger a function of the affected device. Due to improper resource management of the function, the vulnerability can be exploited to cause service abnormal on affected devices."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Resource Management Error"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200219-02-resource-en",
"refsource": "MISC",
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200219-02-resource-en"
},
{
"name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200429-01-invalidpointer-en",
"refsource": "CONFIRM",
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200429-01-invalidpointer-en"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2020-1881",
"datePublished": "2020-02-28T18:33:30",
"dateReserved": "2019-11-29T00:00:00",
"dateUpdated": "2024-08-04T06:53:59.870Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}