cvelistv5 - cve-2020-9111

CVE-2020-9111 (GCVE-0-2020-9111)

Vulnerability from cvelistv5 – Published: 2020-10-19 20:02 – Updated: 2024-08-04 10:19

Summary

Severity ?

No CVSS data available.

CWE

Denial of Service

Assigner

huawei

References

URL

Tags

https://www.huawei.com/en/psirt/security-advisori…

x_refsource_MISC

Impacted products

	Vendor	Product	Version
	n/a	E6878-370;E6878-870	Affected: 10.0.3.1(H557SP27C233),10.0.3.1(H563SP21C233) Affected: 10.0.3.1(H557SP27C233),10.0.3.1(H563SP11C233)

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T10:19:20.034Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20201014-02-dos-en"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "E6878-370;E6878-870",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "10.0.3.1(H557SP27C233),10.0.3.1(H563SP21C233)"
            },
            {
              "status": "affected",
              "version": "10.0.3.1(H557SP27C233),10.0.3.1(H563SP11C233)"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "E6878-370 versions 10.0.3.1(H557SP27C233),10.0.3.1(H563SP21C233) and E6878-870 versions 10.0.3.1(H557SP27C233),10.0.3.1(H563SP11C233) have a denial of service vulnerability. The system does not properly check some events, an attacker could launch the events continually, successful exploit could cause reboot of the process."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Denial of Service",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-10-19T20:02:04",
        "orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
        "shortName": "huawei"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20201014-02-dos-en"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@huawei.com",
          "ID": "CVE-2020-9111",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "E6878-370;E6878-870",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "10.0.3.1(H557SP27C233),10.0.3.1(H563SP21C233)"
                          },
                          {
                            "version_value": "10.0.3.1(H557SP27C233),10.0.3.1(H563SP11C233)"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "E6878-370 versions 10.0.3.1(H557SP27C233),10.0.3.1(H563SP21C233) and E6878-870 versions 10.0.3.1(H557SP27C233),10.0.3.1(H563SP11C233) have a denial of service vulnerability. The system does not properly check some events, an attacker could launch the events continually, successful exploit could cause reboot of the process."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Denial of Service"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20201014-02-dos-en",
              "refsource": "MISC",
              "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20201014-02-dos-en"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
    "assignerShortName": "huawei",
    "cveId": "CVE-2020-9111",
    "datePublished": "2020-10-19T20:02:04",
    "dateReserved": "2020-02-18T00:00:00",
    "dateUpdated": "2024-08-04T10:19:20.034Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:huawei:e6878-370_firmware:10.0.3.1\\\\(h557sp27c233\\\\):*:*:*:*:*:*:*\", \"matchCriteriaId\": \"DEBD99EE-8827-4F40-8C41-3917AEA25239\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:huawei:e6878-370_firmware:10.0.3.1\\\\(h563sp21c233\\\\):*:*:*:*:*:*:*\", \"matchCriteriaId\": \"7793D7FE-F4FE-4BEB-8B4F-F07759A06E9F\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:huawei:e6878-370:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"ADA263F9-F9F5-4249-A55A-748689F0271E\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:huawei:e6878-870_firmware:10.0.3.1\\\\(h557sp27c233\\\\):*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5636CCA2-763E-4F9D-8B18-7E48B34028C8\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:huawei:e6878-870_firmware:10.0.3.1\\\\(h563sp11c233\\\\):*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C469017B-AED2-488A-9659-11CEEC5F2E04\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:huawei:e6878-870:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C252DAF3-7A62-415D-B399-DB4859867DEE\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"E6878-370 versions 10.0.3.1(H557SP27C233),10.0.3.1(H563SP21C233) and E6878-870 versions 10.0.3.1(H557SP27C233),10.0.3.1(H563SP11C233) have a denial of service vulnerability. The system does not properly check some events, an attacker could launch the events continually, successful exploit could cause reboot of the process.\"}, {\"lang\": \"es\", \"value\": \"E6878-370 versiones 10.0.3.1(H557SP27C233), 10.0.3.1(H563SP21C233) y E6878-870 versiones 10.0.3.1(H557SP27C233), 10.0.3.1(H563SP11C233), presentan una vulnerabilidad de denegaci\\u00f3n de servicio.\u0026#xa0;El sistema no comprueba apropiadamente algunos eventos, un atacante podr\\u00eda iniciar los eventos continuamente, una explotaci\\u00f3n con \\u00e9xito podr\\u00eda causar el reinicio del proceso\"}]",
      "id": "CVE-2020-9111",
      "lastModified": "2024-11-21T05:40:03.720",
      "metrics": "{\"cvssMetricV31\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H\", \"baseScore\": 4.5, \"baseSeverity\": \"MEDIUM\", \"attackVector\": \"ADJACENT_NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"HIGH\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 0.9, \"impactScore\": 3.6}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:A/AC:L/Au:S/C:N/I:N/A:P\", \"baseScore\": 2.7, \"accessVector\": \"ADJACENT_NETWORK\", \"accessComplexity\": \"LOW\", \"authentication\": \"SINGLE\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"PARTIAL\"}, \"baseSeverity\": \"LOW\", \"exploitabilityScore\": 5.1, \"impactScore\": 2.9, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
      "published": "2020-10-19T20:15:13.150",
      "references": "[{\"url\": \"https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20201014-02-dos-en\", \"source\": \"psirt@huawei.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20201014-02-dos-en\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}]",
      "sourceIdentifier": "psirt@huawei.com",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"NVD-CWE-noinfo\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2020-9111\",\"sourceIdentifier\":\"psirt@huawei.com\",\"published\":\"2020-10-19T20:15:13.150\",\"lastModified\":\"2024-11-21T05:40:03.720\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"E6878-370 versions 10.0.3.1(H557SP27C233),10.0.3.1(H563SP21C233) and E6878-870 versions 10.0.3.1(H557SP27C233),10.0.3.1(H563SP11C233) have a denial of service vulnerability. The system does not properly check some events, an attacker could launch the events continually, successful exploit could cause reboot of the process.\"},{\"lang\":\"es\",\"value\":\"E6878-370 versiones 10.0.3.1(H557SP27C233), 10.0.3.1(H563SP21C233) y E6878-870 versiones 10.0.3.1(H557SP27C233), 10.0.3.1(H563SP11C233), presentan una vulnerabilidad de denegaci\u00f3n de servicio.\u0026#xa0;El sistema no comprueba apropiadamente algunos eventos, un atacante podr\u00eda iniciar los eventos continuamente, una explotaci\u00f3n con \u00e9xito podr\u00eda causar el reinicio del proceso\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":4.5,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"ADJACENT_NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"HIGH\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":0.9,\"impactScore\":3.6}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:A/AC:L/Au:S/C:N/I:N/A:P\",\"baseScore\":2.7,\"accessVector\":\"ADJACENT_NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"SINGLE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"LOW\",\"exploitabilityScore\":5.1,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-noinfo\"}]}],\"configurations\":[{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:huawei:e6878-370_firmware:10.0.3.1\\\\(h557sp27c233\\\\):*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DEBD99EE-8827-4F40-8C41-3917AEA25239\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:huawei:e6878-370_firmware:10.0.3.1\\\\(h563sp21c233\\\\):*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7793D7FE-F4FE-4BEB-8B4F-F07759A06E9F\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:huawei:e6878-370:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"ADA263F9-F9F5-4249-A55A-748689F0271E\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:huawei:e6878-870_firmware:10.0.3.1\\\\(h557sp27c233\\\\):*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5636CCA2-763E-4F9D-8B18-7E48B34028C8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:huawei:e6878-870_firmware:10.0.3.1\\\\(h563sp11c233\\\\):*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C469017B-AED2-488A-9659-11CEEC5F2E04\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:huawei:e6878-870:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C252DAF3-7A62-415D-B399-DB4859867DEE\"}]}]}],\"references\":[{\"url\":\"https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20201014-02-dos-en\",\"source\":\"psirt@huawei.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20201014-02-dos-en\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]}]}}"
  }
}

VAR-202010-1175

Vulnerability from variot - Updated: 2023-12-18 12:42

E6878-370 versions 10.0.3.1(H557SP27C233),10.0.3.1(H563SP21C233) and E6878-870 versions 10.0.3.1(H557SP27C233),10.0.3.1(H563SP11C233) have a denial of service vulnerability. The system does not properly check some events, an attacker could launch the events continually, successful exploit could cause reboot of the process. E6878-370 and E6878-870 Contains an unspecified vulnerability.Denial of service (DoS) It may be put into a state. Huawei E6878-370 is a portable 5G router from China's Huawei (Huawei) company. The vulnerability is caused by the system's failure to check when the user processes an event. Attackers can use the vulnerability to cause the process to restart

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-202010-1175",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "e6878-370",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "huawei",
        "version": "10.0.3.1\\(h557sp27c233\\)"
      },
      {
        "model": "e6878-870",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "huawei",
        "version": "10.0.3.1\\(h563sp11c233\\)"
      },
      {
        "model": "e6878-370",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "huawei",
        "version": "10.0.3.1\\(h563sp21c233\\)"
      },
      {
        "model": "e6878-870",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "huawei",
        "version": "10.0.3.1\\(h557sp27c233\\)"
      },
      {
        "model": "e6878-370",
        "scope": null,
        "trust": 0.8,
        "vendor": "huawei",
        "version": null
      },
      {
        "model": "e6878-870",
        "scope": null,
        "trust": 0.8,
        "vendor": "huawei",
        "version": null
      },
      {
        "model": "e6878-370",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "huawei",
        "version": "10.0.3.1"
      },
      {
        "model": "e6878-870",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "huawei",
        "version": "10.0.3.1"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2020-59055"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2020-012670"
      },
      {
        "db": "NVD",
        "id": "CVE-2020-9111"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:huawei:e6878-370_firmware:10.0.3.1\\(h557sp27c233\\):*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:huawei:e6878-370_firmware:10.0.3.1\\(h563sp21c233\\):*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:huawei:e6878-370:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:huawei:e6878-870_firmware:10.0.3.1\\(h557sp27c233\\):*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:huawei:e6878-870_firmware:10.0.3.1\\(h563sp11c233\\):*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:huawei:e6878-870:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2020-9111"
      }
    ]
  },
  "cve": "CVE-2020-9111",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "acInsufInfo": false,
            "accessComplexity": "LOW",
            "accessVector": "ADJACENT_NETWORK",
            "authentication": "SINGLE",
            "author": "NVD",
            "availabilityImpact": "PARTIAL",
            "baseScore": 2.7,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 5.1,
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "obtainAllPrivilege": false,
            "obtainOtherPrivilege": false,
            "obtainUserPrivilege": false,
            "severity": "LOW",
            "trust": 1.0,
            "userInteractionRequired": false,
            "vectorString": "AV:A/AC:L/Au:S/C:N/I:N/A:P",
            "version": "2.0"
          },
          {
            "acInsufInfo": null,
            "accessComplexity": "Low",
            "accessVector": "Adjacent Network",
            "authentication": "Single",
            "author": "NVD",
            "availabilityImpact": "Partial",
            "baseScore": 2.7,
            "confidentialityImpact": "None",
            "exploitabilityScore": null,
            "id": "CVE-2020-9111",
            "impactScore": null,
            "integrityImpact": "None",
            "obtainAllPrivilege": null,
            "obtainOtherPrivilege": null,
            "obtainUserPrivilege": null,
            "severity": "Low",
            "trust": 0.9,
            "userInteractionRequired": null,
            "vectorString": "AV:A/AC:L/Au:S/C:N/I:N/A:P",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "ADJACENT_NETWORK",
            "authentication": "NONE",
            "author": "CNVD",
            "availabilityImpact": "COMPLETE",
            "baseScore": 6.1,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 6.5,
            "id": "CNVD-2020-59055",
            "impactScore": 6.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 0.6,
            "vectorString": "AV:A/AC:L/Au:N/C:N/I:N/A:C",
            "version": "2.0"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "ADJACENT_NETWORK",
            "author": "NVD",
            "availabilityImpact": "HIGH",
            "baseScore": 4.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 0.9,
            "impactScore": 3.6,
            "integrityImpact": "NONE",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "trust": 1.0,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          {
            "attackComplexity": "Low",
            "attackVector": "Adjacent Network",
            "author": "NVD",
            "availabilityImpact": "High",
            "baseScore": 4.5,
            "baseSeverity": "Medium",
            "confidentialityImpact": "None",
            "exploitabilityScore": null,
            "id": "CVE-2020-9111",
            "impactScore": null,
            "integrityImpact": "None",
            "privilegesRequired": "High",
            "scope": "Unchanged",
            "trust": 0.8,
            "userInteraction": "None",
            "vectorString": "CVSS:3.0/AV:A/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          }
        ],
        "severity": [
          {
            "author": "NVD",
            "id": "CVE-2020-9111",
            "trust": 1.8,
            "value": "MEDIUM"
          },
          {
            "author": "CNVD",
            "id": "CNVD-2020-59055",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-202010-643",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "VULMON",
            "id": "CVE-2020-9111",
            "trust": 0.1,
            "value": "LOW"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2020-59055"
      },
      {
        "db": "VULMON",
        "id": "CVE-2020-9111"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2020-012670"
      },
      {
        "db": "NVD",
        "id": "CVE-2020-9111"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202010-643"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "E6878-370 versions 10.0.3.1(H557SP27C233),10.0.3.1(H563SP21C233) and E6878-870 versions 10.0.3.1(H557SP27C233),10.0.3.1(H563SP11C233) have a denial of service vulnerability. The system does not properly check some events, an attacker could launch the events continually, successful exploit could cause reboot of the process. E6878-370 and E6878-870 Contains an unspecified vulnerability.Denial of service (DoS) It may be put into a state. Huawei E6878-370 is a portable 5G router from China\u0027s Huawei (Huawei) company. The vulnerability is caused by the system\u0027s failure to check when the user processes an event. Attackers can use the vulnerability to cause the process to restart",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2020-9111"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2020-012670"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2020-59055"
      },
      {
        "db": "VULMON",
        "id": "CVE-2020-9111"
      }
    ],
    "trust": 2.25
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2020-9111",
        "trust": 3.1
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2020-012670",
        "trust": 0.8
      },
      {
        "db": "CNVD",
        "id": "CNVD-2020-59055",
        "trust": 0.6
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202010-643",
        "trust": 0.6
      },
      {
        "db": "VULMON",
        "id": "CVE-2020-9111",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2020-59055"
      },
      {
        "db": "VULMON",
        "id": "CVE-2020-9111"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2020-012670"
      },
      {
        "db": "NVD",
        "id": "CVE-2020-9111"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202010-643"
      }
    ]
  },
  "id": "VAR-202010-1175",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2020-59055"
      }
    ],
    "trust": 1.2666667
  },
  "iot_taxonomy": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "category": [
          "Network device"
        ],
        "sub_category": null,
        "trust": 0.6
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2020-59055"
      }
    ]
  },
  "last_update_date": "2023-12-18T12:42:45.699000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "huawei-sa-20201014-02-dos",
        "trust": 0.8,
        "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20201014-02-dos-en"
      },
      {
        "title": "Patch for Huawei E6878-370 Denial of Service Vulnerability",
        "trust": 0.6,
        "url": "https://www.cnvd.org.cn/patchinfo/show/237796"
      },
      {
        "title": "Huawei E6878-370 Security vulnerabilities",
        "trust": 0.6,
        "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=131283"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2020-59055"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2020-012670"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202010-643"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "NVD-CWE-noinfo",
        "trust": 1.0
      },
      {
        "problemtype": "Lack of information (CWE-noinfo) [NVD Evaluation ]",
        "trust": 0.8
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2020-012670"
      },
      {
        "db": "NVD",
        "id": "CVE-2020-9111"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.3,
        "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20201014-02-dos-en"
      },
      {
        "trust": 1.4,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2020-9111"
      },
      {
        "trust": 0.6,
        "url": "https://www.huawei.com/cn/psirt/security-advisories/huawei-sa-20201014-02-dos-cn"
      },
      {
        "trust": 0.1,
        "url": "https://cwe.mitre.org/data/definitions/.html"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2020-59055"
      },
      {
        "db": "VULMON",
        "id": "CVE-2020-9111"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2020-012670"
      },
      {
        "db": "NVD",
        "id": "CVE-2020-9111"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202010-643"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "CNVD",
        "id": "CNVD-2020-59055"
      },
      {
        "db": "VULMON",
        "id": "CVE-2020-9111"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2020-012670"
      },
      {
        "db": "NVD",
        "id": "CVE-2020-9111"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202010-643"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2020-10-27T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2020-59055"
      },
      {
        "date": "2020-10-19T00:00:00",
        "db": "VULMON",
        "id": "CVE-2020-9111"
      },
      {
        "date": "2021-05-20T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2020-012670"
      },
      {
        "date": "2020-10-19T20:15:13.150000",
        "db": "NVD",
        "id": "CVE-2020-9111"
      },
      {
        "date": "2020-10-14T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-202010-643"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2020-10-28T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2020-59055"
      },
      {
        "date": "2020-10-29T00:00:00",
        "db": "VULMON",
        "id": "CVE-2020-9111"
      },
      {
        "date": "2021-05-20T08:24:00",
        "db": "JVNDB",
        "id": "JVNDB-2020-012670"
      },
      {
        "date": "2020-10-29T18:09:54.193000",
        "db": "NVD",
        "id": "CVE-2020-9111"
      },
      {
        "date": "2020-10-30T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-202010-643"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote or local",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-202010-643"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "E6878-370\u00a0 and \u00a0E6878-870\u00a0 Vulnerability in",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2020-012670"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "other",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-202010-643"
      }
    ],
    "trust": 0.6
  }
}

GHSA-2MQW-GXVV-6QRC

Vulnerability from github – Published: 2022-05-24 17:31 – Updated: 2022-05-24 17:31

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2020-9111"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2020-10-19T20:15:00Z",
    "severity": "MODERATE"
  },
  "details": "E6878-370 versions 10.0.3.1(H557SP27C233),10.0.3.1(H563SP21C233) and E6878-870 versions 10.0.3.1(H557SP27C233),10.0.3.1(H563SP11C233) have a denial of service vulnerability. The system does not properly check some events, an attacker could launch the events continually, successful exploit could cause reboot of the process.",
  "id": "GHSA-2mqw-gxvv-6qrc",
  "modified": "2022-05-24T17:31:21Z",
  "published": "2022-05-24T17:31:21Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-9111"
    },
    {
      "type": "WEB",
      "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20201014-02-dos-en"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

GSD-2020-9111

Vulnerability from gsd - Updated: 2023-12-13 01:21

Details

Aliases

CVE-2020-9111

Aliases

CVE-2020-9111

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2020-9111",
    "description": "E6878-370 versions 10.0.3.1(H557SP27C233),10.0.3.1(H563SP21C233) and E6878-870 versions 10.0.3.1(H557SP27C233),10.0.3.1(H563SP11C233) have a denial of service vulnerability. The system does not properly check some events, an attacker could launch the events continually, successful exploit could cause reboot of the process.",
    "id": "GSD-2020-9111"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2020-9111"
      ],
      "details": "E6878-370 versions 10.0.3.1(H557SP27C233),10.0.3.1(H563SP21C233) and E6878-870 versions 10.0.3.1(H557SP27C233),10.0.3.1(H563SP11C233) have a denial of service vulnerability. The system does not properly check some events, an attacker could launch the events continually, successful exploit could cause reboot of the process.",
      "id": "GSD-2020-9111",
      "modified": "2023-12-13T01:21:52.450990Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "psirt@huawei.com",
        "ID": "CVE-2020-9111",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "E6878-370;E6878-870",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "10.0.3.1(H557SP27C233),10.0.3.1(H563SP21C233)"
                        },
                        {
                          "version_value": "10.0.3.1(H557SP27C233),10.0.3.1(H563SP11C233)"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "E6878-370 versions 10.0.3.1(H557SP27C233),10.0.3.1(H563SP21C233) and E6878-870 versions 10.0.3.1(H557SP27C233),10.0.3.1(H563SP11C233) have a denial of service vulnerability. The system does not properly check some events, an attacker could launch the events continually, successful exploit could cause reboot of the process."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "Denial of Service"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20201014-02-dos-en",
            "refsource": "MISC",
            "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20201014-02-dos-en"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:huawei:e6878-370_firmware:10.0.3.1\\(h557sp27c233\\):*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:huawei:e6878-370_firmware:10.0.3.1\\(h563sp21c233\\):*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:huawei:e6878-370:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:huawei:e6878-870_firmware:10.0.3.1\\(h557sp27c233\\):*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:huawei:e6878-870_firmware:10.0.3.1\\(h563sp11c233\\):*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:huawei:e6878-870:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@huawei.com",
          "ID": "CVE-2020-9111"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "E6878-370 versions 10.0.3.1(H557SP27C233),10.0.3.1(H563SP21C233) and E6878-870 versions 10.0.3.1(H557SP27C233),10.0.3.1(H563SP11C233) have a denial of service vulnerability. The system does not properly check some events, an attacker could launch the events continually, successful exploit could cause reboot of the process."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "NVD-CWE-noinfo"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20201014-02-dos-en",
              "refsource": "MISC",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20201014-02-dos-en"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "acInsufInfo": false,
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "ADJACENT_NETWORK",
            "authentication": "SINGLE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 2.7,
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "vectorString": "AV:A/AC:L/Au:S/C:N/I:N/A:P",
            "version": "2.0"
          },
          "exploitabilityScore": 5.1,
          "impactScore": 2.9,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "LOW",
          "userInteractionRequired": false
        },
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "LOW",
            "attackVector": "ADJACENT_NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 4.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "exploitabilityScore": 0.9,
          "impactScore": 3.6
        }
      },
      "lastModifiedDate": "2020-10-29T18:09Z",
      "publishedDate": "2020-10-19T20:15Z"
    }
  }
}

CNVD-2020-59055

Vulnerability from cnvd - Published: 2020-10-27

Title

Huawei E6878-370拒绝服务漏洞

Description

Huawei E6878-370是中国华为（Huawei）公司的一款便携式5G路由器。华为 E6878-370 10.0.3.1版本，E6878-870版本10.0.3.1版本存在安全漏洞，该漏洞源于系统在用户处理某事件时没有检查，攻击者可利用该漏洞导致进程重启。

Severity

中

Patch Name

Huawei E6878-370拒绝服务漏洞的补丁

Patch Description

Huawei E6878-370是中国华为（Huawei）公司的一款便携式5G路由器。华为 E6878-370 10.0.3.1版本，E6878-870版本10.0.3.1版本存在安全漏洞，该漏洞源于系统在用户处理某事件时没有检查，攻击者可利用该漏洞导致进程重启。目前，供应商发布了安全公告及相关补丁信息，修复了此漏洞。

Formal description

目前厂商已发布升级补丁以修复漏洞，补丁获取链接： https://www.huawei.com/fr/psirt/security-advisories/huawei-sa-20201014-02-dos-en

Reference

https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20201014-02-dos-en

Impacted products

Name
['Huawei E6878-370 10.0.3.1', 'Huawei E6878-870 10.0.3.1']

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2020-9111",
      "cveUrl": "https://nvd.nist.gov/vuln/detail/CVE-2020-9111"
    }
  },
  "description": "Huawei E6878-370\u662f\u4e2d\u56fd\u534e\u4e3a\uff08Huawei\uff09\u516c\u53f8\u7684\u4e00\u6b3e\u4fbf\u643a\u5f0f5G\u8def\u7531\u5668\u3002\n\n\u534e\u4e3a E6878-370 10.0.3.1\u7248\u672c\uff0cE6878-870\u7248\u672c10.0.3.1\u7248\u672c\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u7cfb\u7edf\u5728\u7528\u6237\u5904\u7406\u67d0\u4e8b\u4ef6\u65f6\u6ca1\u6709\u68c0\u67e5\uff0c\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u5bfc\u81f4\u8fdb\u7a0b\u91cd\u542f\u3002",
  "formalWay": "\u76ee\u524d\u5382\u5546\u5df2\u53d1\u5e03\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u6f0f\u6d1e\uff0c\u8865\u4e01\u83b7\u53d6\u94fe\u63a5\uff1a\r\nhttps://www.huawei.com/fr/psirt/security-advisories/huawei-sa-20201014-02-dos-en",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2020-59055",
  "openTime": "2020-10-27",
  "patchDescription": "Huawei E6878-370\u662f\u4e2d\u56fd\u534e\u4e3a\uff08Huawei\uff09\u516c\u53f8\u7684\u4e00\u6b3e\u4fbf\u643a\u5f0f5G\u8def\u7531\u5668\u3002\r\n\r\n\u534e\u4e3a E6878-370 10.0.3.1\u7248\u672c\uff0cE6878-870\u7248\u672c10.0.3.1\u7248\u672c\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u7cfb\u7edf\u5728\u7528\u6237\u5904\u7406\u67d0\u4e8b\u4ef6\u65f6\u6ca1\u6709\u68c0\u67e5\uff0c\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u5bfc\u81f4\u8fdb\u7a0b\u91cd\u542f\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Huawei E6878-370\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": [
      "Huawei E6878-370 10.0.3.1",
      "Huawei E6878-870 10.0.3.1"
    ]
  },
  "referenceLink": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20201014-02-dos-en",
  "serverity": "\u4e2d",
  "submitTime": "2020-10-27",
  "title": "Huawei E6878-370\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e"
}

FKIE_CVE-2020-9111

Vulnerability from fkie_nvd - Published: 2020-10-19 20:15 - Updated: 2024-11-21 05:40

Severity ?

4.5 (Medium) - CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H

Summary

References

	URL	Tags
	psirt@huawei.com	https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20201014-02-dos-en	Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20201014-02-dos-en	Vendor Advisory

Impacted products

Vendor	Product	Version
huawei	e6878-370_firmware	10.0.3.1\(h557sp27c233\)
huawei	e6878-370_firmware	10.0.3.1\(h563sp21c233\)
huawei	e6878-370	-
huawei	e6878-870_firmware	10.0.3.1\(h557sp27c233\)
huawei	e6878-870_firmware	10.0.3.1\(h563sp11c233\)
huawei	e6878-870	-

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:huawei:e6878-370_firmware:10.0.3.1\\(h557sp27c233\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "DEBD99EE-8827-4F40-8C41-3917AEA25239",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:huawei:e6878-370_firmware:10.0.3.1\\(h563sp21c233\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "7793D7FE-F4FE-4BEB-8B4F-F07759A06E9F",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:huawei:e6878-370:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "ADA263F9-F9F5-4249-A55A-748689F0271E",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:huawei:e6878-870_firmware:10.0.3.1\\(h557sp27c233\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "5636CCA2-763E-4F9D-8B18-7E48B34028C8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:huawei:e6878-870_firmware:10.0.3.1\\(h563sp11c233\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "C469017B-AED2-488A-9659-11CEEC5F2E04",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:huawei:e6878-870:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C252DAF3-7A62-415D-B399-DB4859867DEE",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "E6878-370 versions 10.0.3.1(H557SP27C233),10.0.3.1(H563SP21C233) and E6878-870 versions 10.0.3.1(H557SP27C233),10.0.3.1(H563SP11C233) have a denial of service vulnerability. The system does not properly check some events, an attacker could launch the events continually, successful exploit could cause reboot of the process."
    },
    {
      "lang": "es",
      "value": "E6878-370 versiones 10.0.3.1(H557SP27C233), 10.0.3.1(H563SP21C233) y E6878-870 versiones 10.0.3.1(H557SP27C233), 10.0.3.1(H563SP11C233), presentan una vulnerabilidad de denegaci\u00f3n de servicio.\u0026#xa0;El sistema no comprueba apropiadamente algunos eventos, un atacante podr\u00eda iniciar los eventos continuamente, una explotaci\u00f3n con \u00e9xito podr\u00eda causar el reinicio del proceso"
    }
  ],
  "id": "CVE-2020-9111",
  "lastModified": "2024-11-21T05:40:03.720",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "LOW",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "ADJACENT_NETWORK",
          "authentication": "SINGLE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 2.7,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:A/AC:L/Au:S/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 5.1,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "ADJACENT_NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 4.5,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "HIGH",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 0.9,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2020-10-19T20:15:13.150",
  "references": [
    {
      "source": "psirt@huawei.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20201014-02-dos-en"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20201014-02-dos-en"
    }
  ],
  "sourceIdentifier": "psirt@huawei.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-noinfo"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2020-9111 (GCVE-0-2020-9111)

VAR-202010-1175

GHSA-2MQW-GXVV-6QRC

GSD-2020-9111

CNVD-2020-59055

FKIE_CVE-2020-9111

Tags

Sightings

Nomenclature