cnvd - cnvd-2020-36728

CNVD-2020-36728

Vulnerability from cnvd - Published: 2020-07-07

Title

Huawei NIP6800、Secospace USG6600和USG9500悬挂指针引用漏洞

Description

Huawei USG9500等都是中国华为（Huawei）公司的产品。USG9500是一款数据中心防火墙产品。NIP6800是一套入侵防御系统。USG6600是一款数据中防火墙产品。 Huawei NIP6800、Secospace USG6600和USG9500中存在安全漏洞。远程攻击者可通过发送构造的IPSEC报文到受影响设备利用该漏洞导致受影响设备的IPSEC功能异常。

Severity

低

Patch Name

Huawei NIP6800、Secospace USG6600和USG9500悬挂指针引用漏洞的补丁

Patch Description

Formal description

厂商已发布了漏洞修复程序，请及时关注更新： https://www.huawei.com/cn/psirt/security-advisories/huawei-sa-20200212-03-firewall-cn

Reference

http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200212-01-firewall-en https://nvd.nist.gov/vuln/detail/CVE-2020-1814

Impacted products

Name
['Huawei USG9500 V500R001C30SPC200', 'Huawei USG9500 V500R001C30SPC600', 'Huawei USG9500 V500R001C60SPC500', 'Huawei USG9500 V500R005C00', 'Huawei Secospace USG6600 V500R005C00', 'Huawei Secospace USG6600 V500R001C60SPC500', 'Huawei Secospace USG6600 V500R001C30SPC600', 'Huawei Secospace USG6600 V500R001C30SPC200', 'Huawei NIP6800 V500R001C30', 'Huawei NIP6800 V500R001C60SPC500', 'Huawei NIP6800 V500R005C00']

Name

['Huawei USG9500 V500R001C30SPC200', 'Huawei USG9500 V500R001C30SPC600', 'Huawei USG9500 V500R001C60SPC500', 'Huawei USG9500 V500R005C00', 'Huawei Secospace USG6600 V500R005C00', 'Huawei Secospace USG6600 V500R001C60SPC500', 'Huawei Secospace USG6600 V500R001C30SPC600', 'Huawei Secospace USG6600 V500R001C30SPC200', 'Huawei NIP6800 V500R001C30', 'Huawei NIP6800 V500R001C60SPC500', 'Huawei NIP6800 V500R005C00']

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2020-1814",
      "cveUrl": "https://nvd.nist.gov/vuln/detail/CVE-2020-1814"
    }
  },
  "description": "Huawei USG9500\u7b49\u90fd\u662f\u4e2d\u56fd\u534e\u4e3a\uff08Huawei\uff09\u516c\u53f8\u7684\u4ea7\u54c1\u3002USG9500\u662f\u4e00\u6b3e\u6570\u636e\u4e2d\u5fc3\u9632\u706b\u5899\u4ea7\u54c1\u3002NIP6800\u662f\u4e00\u5957\u5165\u4fb5\u9632\u5fa1\u7cfb\u7edf\u3002USG6600\u662f\u4e00\u6b3e\u6570\u636e\u4e2d\u9632\u706b\u5899\u4ea7\u54c1\u3002\n\nHuawei NIP6800\u3001Secospace USG6600\u548cUSG9500\u4e2d\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\u3002\u8fdc\u7a0b\u653b\u51fb\u8005\u53ef\u901a\u8fc7\u53d1\u9001\u6784\u9020\u7684IPSEC\u62a5\u6587\u5230\u53d7\u5f71\u54cd\u8bbe\u5907\u5229\u7528\u8be5\u6f0f\u6d1e\u5bfc\u81f4\u53d7\u5f71\u54cd\u8bbe\u5907\u7684IPSEC\u529f\u80fd\u5f02\u5e38\u3002",
  "formalWay": "\u5382\u5546\u5df2\u53d1\u5e03\u4e86\u6f0f\u6d1e\u4fee\u590d\u7a0b\u5e8f\uff0c\u8bf7\u53ca\u65f6\u5173\u6ce8\u66f4\u65b0\uff1a\r\nhttps://www.huawei.com/cn/psirt/security-advisories/huawei-sa-20200212-03-firewall-cn",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2020-36728",
  "openTime": "2020-07-07",
  "patchDescription": "Huawei USG9500\u7b49\u90fd\u662f\u4e2d\u56fd\u534e\u4e3a\uff08Huawei\uff09\u516c\u53f8\u7684\u4ea7\u54c1\u3002USG9500\u662f\u4e00\u6b3e\u6570\u636e\u4e2d\u5fc3\u9632\u706b\u5899\u4ea7\u54c1\u3002NIP6800\u662f\u4e00\u5957\u5165\u4fb5\u9632\u5fa1\u7cfb\u7edf\u3002USG6600\u662f\u4e00\u6b3e\u6570\u636e\u4e2d\u9632\u706b\u5899\u4ea7\u54c1\u3002\r\n\r\nHuawei NIP6800\u3001Secospace USG6600\u548cUSG9500\u4e2d\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\u3002\u8fdc\u7a0b\u653b\u51fb\u8005\u53ef\u901a\u8fc7\u53d1\u9001\u6784\u9020\u7684IPSEC\u62a5\u6587\u5230\u53d7\u5f71\u54cd\u8bbe\u5907\u5229\u7528\u8be5\u6f0f\u6d1e\u5bfc\u81f4\u53d7\u5f71\u54cd\u8bbe\u5907\u7684IPSEC\u529f\u80fd\u5f02\u5e38\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Huawei NIP6800\u3001Secospace USG6600\u548cUSG9500\u60ac\u6302\u6307\u9488\u5f15\u7528\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": [
      "Huawei USG9500 V500R001C30SPC200",
      "Huawei USG9500 V500R001C30SPC600",
      "Huawei USG9500 V500R001C60SPC500",
      "Huawei USG9500 V500R005C00",
      "Huawei Secospace USG6600 V500R005C00",
      "Huawei Secospace USG6600 V500R001C60SPC500",
      "Huawei Secospace USG6600 V500R001C30SPC600",
      "Huawei Secospace USG6600 V500R001C30SPC200",
      "Huawei NIP6800 V500R001C30",
      "Huawei NIP6800 V500R001C60SPC500",
      "Huawei NIP6800 V500R005C00"
    ]
  },
  "referenceLink": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200212-01-firewall-en\r\nhttps://nvd.nist.gov/vuln/detail/CVE-2020-1814",
  "serverity": "\u4f4e",
  "submitTime": "2020-03-09",
  "title": "Huawei NIP6800\u3001Secospace USG6600\u548cUSG9500\u60ac\u6302\u6307\u9488\u5f15\u7528\u6f0f\u6d1e"
}

CVE-2020-1814 (GCVE-0-2020-1814)

Vulnerability from cvelistv5 – Published: 2020-02-18 01:53 – Updated: 2024-08-04 06:46

Summary

Huawei NIP6800 versions V500R001C30, V500R001C60SPC500, and V500R005C00; Secospace USG6600 and USG9500 versions V500R001C30SPC200, V500R001C30SPC600, V500R001C60SPC500, and V500R005C00 have a Dangling pointer dereference vulnerability. An authenticated attacker may do some special operations in the affected products in some special scenarios to exploit the vulnerability. Due to improper race conditions of different operations, successful exploit will lead to Dangling pointer dereference, causing some service abnormal.

Severity ?

No CVSS data available.

CWE

Dangling Pointer Reference

Assigner

huawei

References

URL

Tags

http://www.huawei.com/en/psirt/security-advisorie…

x_refsource_CONFIRM

Impacted products

Vendor

Product

Version

Huawei

NIP6800

Affected: V500R001C30
Affected: V500R001C60SPC500
Affected: V500R005C00

Huawei

Secospace USG6600, USG9500

Affected: V500R001C30SPC200
Affected: V500R001C30SPC600
Affected: V500R001C60SPC500
Affected: V500R005C00

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T06:46:30.897Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200212-01-firewall-en"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "NIP6800",
          "vendor": "Huawei",
          "versions": [
            {
              "status": "affected",
              "version": "V500R001C30"
            },
            {
              "status": "affected",
              "version": "V500R001C60SPC500"
            },
            {
              "status": "affected",
              "version": "V500R005C00"
            }
          ]
        },
        {
          "product": "Secospace USG6600, USG9500",
          "vendor": "Huawei",
          "versions": [
            {
              "status": "affected",
              "version": "V500R001C30SPC200"
            },
            {
              "status": "affected",
              "version": "V500R001C30SPC600"
            },
            {
              "status": "affected",
              "version": "V500R001C60SPC500"
            },
            {
              "status": "affected",
              "version": "V500R005C00"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Huawei NIP6800 versions V500R001C30, V500R001C60SPC500, and V500R005C00; Secospace USG6600 and USG9500 versions V500R001C30SPC200, V500R001C30SPC600, V500R001C60SPC500, and V500R005C00 have a Dangling pointer dereference vulnerability. An authenticated attacker may do some special operations in the affected products in some special scenarios to exploit the vulnerability. Due to improper race conditions of different operations, successful exploit will lead to Dangling pointer dereference, causing some service abnormal."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Dangling Pointer Reference",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-02-18T01:53:40",
        "orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
        "shortName": "huawei"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200212-01-firewall-en"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@huawei.com",
          "ID": "CVE-2020-1814",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "NIP6800",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "V500R001C30"
                          },
                          {
                            "version_value": "V500R001C60SPC500"
                          },
                          {
                            "version_value": "V500R005C00"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "Secospace USG6600, USG9500",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "V500R001C30SPC200"
                          },
                          {
                            "version_value": "V500R001C30SPC600"
                          },
                          {
                            "version_value": "V500R001C60SPC500"
                          },
                          {
                            "version_value": "V500R005C00"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Huawei"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Huawei NIP6800 versions V500R001C30, V500R001C60SPC500, and V500R005C00; Secospace USG6600 and USG9500 versions V500R001C30SPC200, V500R001C30SPC600, V500R001C60SPC500, and V500R005C00 have a Dangling pointer dereference vulnerability. An authenticated attacker may do some special operations in the affected products in some special scenarios to exploit the vulnerability. Due to improper race conditions of different operations, successful exploit will lead to Dangling pointer dereference, causing some service abnormal."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Dangling Pointer Reference"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200212-01-firewall-en",
              "refsource": "CONFIRM",
              "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200212-01-firewall-en"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
    "assignerShortName": "huawei",
    "cveId": "CVE-2020-1814",
    "datePublished": "2020-02-18T01:53:40",
    "dateReserved": "2019-11-29T00:00:00",
    "dateUpdated": "2024-08-04T06:46:30.897Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CNVD-2020-36728

CVE-2020-1814 (GCVE-0-2020-1814)

Tags

Sightings

Nomenclature