Lucene search

HuaweiCVE-2020-1847

HistoryNov 13, 2020 - 3:15 p.m.

CVE-2020-1847

2020-11-1315:15:12

huawei

web.nvd.nist.gov

huawei

denial of service

vulnerability

nip6300

nip6600

secospace usg6300

secospace usg6500

usg6600

usg9500

cve-2020-1847

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

EPSS

0.001

Percentile

42.5%

JSON

There is a denial of service vulnerability in some Huawei products. There is no protection against the attack scenario of specific protocol. A remote, unauthorized attackers can construct attack scenarios, which leads to denial of service.Affected product versions include:NIP6300 versions V500R001C30,V500R001C60;NIP6600 versions V500R001C30,V500R001C60;Secospace USG6300 versions V500R001C30,V500R001C60;Secospace USG6500 versions V500R001C30,V500R001C60;Secospace USG6600 versions V500R001C30,V500R001C60;USG9500 versions V500R001C30,V500R001C60.

Affected configurations

Nvd

Vulners

Node

huaweinip6300_firmwareMatchv500r001c30

huaweinip6300_firmwareMatchv500r001c60

AND

huaweinip6300Match-

Node

huaweinip6600_firmwareMatchv500r001c30

huaweinip6600_firmwareMatchv500r001c60

AND

huaweinip6600Match-

Node

huaweisecospace_usg6300_firmwareMatchv500r001c30

huaweisecospace_usg6300_firmwareMatchv500r001c60

AND

huaweisecospace_usg6300Match-

Node

huaweisecospace_usg6500_firmwareMatchv500r001c30

huaweisecospace_usg6500_firmwareMatchv500r001c60

AND

huaweisecospace_usg6500Match-

Node

huaweisecospace_usg6600_firmwareMatchv500r001c30

huaweisecospace_usg6600_firmwareMatchv500r001c60

AND

huaweisecospace_usg6600Match-

Node

huaweiusg9500_firmwareMatchv500r001c30

huaweiusg9500_firmwareMatchv500r001c60

AND

huaweiusg9500Match-

VendorProductVersionCPE
huaweinip6300_firmwarev500r001c30cpe:2.3:o:huawei:nip6300_firmware:v500r001c30:*:*:*:*:*:*:*
huaweinip6300_firmwarev500r001c60cpe:2.3:o:huawei:nip6300_firmware:v500r001c60:*:*:*:*:*:*:*
huaweinip6300-cpe:2.3:h:huawei:nip6300:-:*:*:*:*:*:*:*
huaweinip6600_firmwarev500r001c30cpe:2.3:o:huawei:nip6600_firmware:v500r001c30:*:*:*:*:*:*:*
huaweinip6600_firmwarev500r001c60cpe:2.3:o:huawei:nip6600_firmware:v500r001c60:*:*:*:*:*:*:*
huaweinip6600-cpe:2.3:h:huawei:nip6600:-:*:*:*:*:*:*:*
huaweisecospace_usg6300_firmwarev500r001c30cpe:2.3:o:huawei:secospace_usg6300_firmware:v500r001c30:*:*:*:*:*:*:*
huaweisecospace_usg6300_firmwarev500r001c60cpe:2.3:o:huawei:secospace_usg6300_firmware:v500r001c60:*:*:*:*:*:*:*
huaweisecospace_usg6300-cpe:2.3:h:huawei:secospace_usg6300:-:*:*:*:*:*:*:*
huaweisecospace_usg6500_firmwarev500r001c30cpe:2.3:o:huawei:secospace_usg6500_firmware:v500r001c30:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
huawei	nip6300_firmware	v500r001c30	cpe:2.3:o:huawei:nip6300_firmware:v500r001c30:::::::*
huawei	nip6300_firmware	v500r001c60	cpe:2.3:o:huawei:nip6300_firmware:v500r001c60:::::::*
huawei	nip6300	-	cpe:2.3:h:huawei:nip6300:-:::::::*
huawei	nip6600_firmware	v500r001c30	cpe:2.3:o:huawei:nip6600_firmware:v500r001c30:::::::*
huawei	nip6600_firmware	v500r001c60	cpe:2.3:o:huawei:nip6600_firmware:v500r001c60:::::::*
huawei	nip6600	-	cpe:2.3:h:huawei:nip6600:-:::::::*
huawei	secospace_usg6300_firmware	v500r001c30	cpe:2.3:o:huawei:secospace_usg6300_firmware:v500r001c30:::::::*
huawei	secospace_usg6300_firmware	v500r001c60	cpe:2.3:o:huawei:secospace_usg6300_firmware:v500r001c60:::::::*
huawei	secospace_usg6300	-	cpe:2.3:h:huawei:secospace_usg6300:-:::::::*
huawei	secospace_usg6500_firmware	v500r001c30	cpe:2.3:o:huawei:secospace_usg6500_firmware:v500r001c30:::::::*

Rows per page:

1-10 of 181

CNA Affected

[
  {
    "product": "NIP6300;NIP6600;Secospace USG6300;Secospace USG6500;Secospace USG6600;USG9500",
    "vendor": "n/a",
    "versions": [
      {
        "status": "affected",
        "version": "V500R001C30,V500R001C60"
      }
    ]
  }
]

References

www.huawei.com/en/psirt/security-advisories/huawei-sa-20201111-02-dos-en

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

EPSS

0.001

Percentile

42.5%

JSON

Related for CVE-2020-1847