Lucene search

Huawei TechnologiesHUAWEI-SA-20200520-01-LEAKAGE

HistoryMay 20, 2020 - 12:00 a.m.

Security Advisory - Information Leakage Vulnerability in Some Huawei Products

2020-05-2000:00:00

Huawei Technologies

www.huawei.com

CVSS2

3.3

Attack Vector

ADJACENT_NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:A/AC:L/Au:N/C:P/I:N/A:N

CVSS3

6.5

Attack Vector

ADJACENT

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

EPSS

0.001

Percentile

30.6%

JSON

There is an information leakage vulnerability in some Huawei products. An unauthenticated, adjacent attacker could exploit this vulnerability to decrypt data. Successful exploitation may leak information randomly. (Vulnerability ID: HWPSIRT-2020-02166)

This vulnerability has been assigned a Common Vulnerabilities and Exposures (CVE) ID: CVE-2020-9069.

Huawei has released software updates to fix this vulnerability. This advisory is available at the following link:

http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200520-01-leakage-en

Affected configurations

Vulners

Node

huaweianne-al00_firmwareRange<9.1.0.132

huaweianne-al00_firmwareRange<9.1.0.331

huaweibarca-al00_firmwareRange<8.0.0.377

huaweiberkeley-l09_firmwareRange<10.0.1.1

huaweicd16-10_firmwareRange<10.0.2.8

huaweicd17-10_firmwareRange<10.0.2.8

huaweicd17-16_firmwareRange<10.0.2.8

huaweicd18-10_firmwareRange<10.0.2.8

huaweicd18-16_firmwareRange<10.0.2.8

huaweicolumbia-tl00b_firmwareRange<9.0.0.187

huaweibond-tl10c_firmwareRange<10.0.0.178

huaweicornell-al00a_firmwareRange<9.1.0.346

huaweicornell-tl10b_firmwareRange<9.1.0.346

huaweie6878-370_firmwareRange<10.0.5.1

huaweifigo-l31_firmwareRange<9.1.0.203

huaweifigo-tl10b_firmwareRange<9.1.0.140

huaweiflorida-al20b_firmwareRange<9.1.0.136

huaweidura-tl00a_firmwareMatch8.0.0.120

huaweiflorida-tl10b_firmwareRange<9.1.0.136

huaweimate_20_pro_firmwareRange<10.1.0.163

huaweip30_firmwareRange<10.0.0.221

huaweiy9_2019_firmwareMatch8.2.0.155

huaweiy9_2019_firmwareMatch8.2.0.160

huaweiy9_2019_firmwareMatch8.2.0.163

huaweiy9_2019_firmwareMatch8.2.0.2

huaweiy9_2019_firmwareMatch9.1.0.256

huaweihuawei_y9s_firmwareRange<10.0.0.208

huaweinova_2s_firmwareRange<9.1.0.219

huaweinova_3_firmwareRange<9.1.0.351

huaweinova_3e_firmwareRange<9.1.0.132

huaweinova_2_firmwareRange<10.0.0.158

huaweinova_5i_pro_firmwareRange<10.0.0.123

huaweiharry-tl00c_firmwareRange<10.0.0.161

huaweiharry-al00c_firmwareMatch9.1.0.239

huaweihonor_8x_firmwareMatch8.2.0.155

huaweihonor_8x_firmwareMatch9.1.0.216

huaweijackman-l23_firmwareMatch8.2.0.188

huaweicolumbia-tl00d_firmwareRange<9.1.0.224

huaweijohnson-tl00f_firmwareMatch8.2.0.185

huaweivicky-al00c_firmwareMatch8.2.0.175

huaweijohnson-al10c_firmwareRange<10.0.0.165

huaweijohnson-tl00d_firmwareMatch8.2.0.165

huaweileland-al10b_firmwareRange<9.1.0.140

huaweileland-l42c_firmwareRange<9.1.0.166

huaweileland-tl10b_firmwareRange<9.1.0.140

huaweilelandp-al00c_firmwareMatch9.1.0.120

huaweilelandp-l22a_firmwareRange<9.1.0.166

huaweileland-l32a_firmwareRange<9.1.0.139

huaweimarie-al00ay_firmwareRange<10.0.0.158

huaweimarie-al00bx_firmwareRange<10.0.0.158

huaweimarie-l21bx_firmwareRange<10.0.0.188

huaweimarie-l22bx_firmwareRange<10.0.0.188

huaweimarie-l23bx_firmwareRange<10.0.0.188

huaweimarie-tl00bx_firmwareRange<10.0.0.158

huaweisydney-tl00_firmwareRange<8.0.0.377

huaweicolumbia-tl00d_firmwareRange<10.0.0.165

huaweilon-al00b_firmwareRange<10.0.0.166

huaweistark-al00bw_firmwareMatch9.1.0.136

huaweistark-al00dw_firmwareMatch9.1.0.136

huaweistark-al00ew_firmwareMatch9.1.0.136

huaweistark-l22b_firmwareMatch9.1.0.328

huaweistark-l22dhnx_firmwareMatch9.1.0.330

huaweiemily-tl00b_firmwareRange<10.0.0.166

huaweistark-tl00dw_firmwareMatch9.1.0.136

huaweistark-tl00ew_firmwareMatch9.1.0.136

huaweitc5200-16_firmwareRange<10.0.2.8

huaweiws5200-11_firmwareRange<10.0.2.8

huaweiws5200-12_firmwareRange<10.0.2.23

huaweiws5200-16_firmwareRange<10.0.2.8

huaweiws5200-17_firmwareRange<10.0.2.23

huaweiws5800-10_firmwareRange<10.0.3.27

huaweiws6500-10_firmwareRange<10.0.2.8

huaweiws6500-16_firmwareRange<10.0.2.8

VendorProductVersionCPE
huaweianne-al00_firmware*cpe:2.3:o:huawei:anne-al00_firmware:*:*:*:*:*:*:*:*
huaweibarca-al00_firmware*cpe:2.3:o:huawei:barca-al00_firmware:*:*:*:*:*:*:*:*
huaweiberkeley-l09_firmware*cpe:2.3:o:huawei:berkeley-l09_firmware:*:*:*:*:*:*:*:*
huaweicd16-10_firmware*cpe:2.3:o:huawei:cd16-10_firmware:*:*:*:*:*:*:*:*
huaweicd17-10_firmware*cpe:2.3:o:huawei:cd17-10_firmware:*:*:*:*:*:*:*:*
huaweicd17-16_firmware*cpe:2.3:o:huawei:cd17-16_firmware:*:*:*:*:*:*:*:*
huaweicd18-10_firmware*cpe:2.3:o:huawei:cd18-10_firmware:*:*:*:*:*:*:*:*
huaweicd18-16_firmware*cpe:2.3:o:huawei:cd18-16_firmware:*:*:*:*:*:*:*:*
huaweicolumbia-tl00b_firmware*cpe:2.3:o:huawei:columbia-tl00b_firmware:*:*:*:*:*:*:*:*
huaweibond-tl10c_firmware*cpe:2.3:o:huawei:bond-tl10c_firmware:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
huawei	anne-al00_firmware	*	cpe:2.3:o:huawei:anne-al00_firmware::::::::
huawei	barca-al00_firmware	*	cpe:2.3:o:huawei:barca-al00_firmware::::::::
huawei	berkeley-l09_firmware	*	cpe:2.3:o:huawei:berkeley-l09_firmware::::::::
huawei	cd16-10_firmware	*	cpe:2.3:o:huawei:cd16-10_firmware::::::::
huawei	cd17-10_firmware	*	cpe:2.3:o:huawei:cd17-10_firmware::::::::
huawei	cd17-16_firmware	*	cpe:2.3:o:huawei:cd17-16_firmware::::::::
huawei	cd18-10_firmware	*	cpe:2.3:o:huawei:cd18-10_firmware::::::::
huawei	cd18-16_firmware	*	cpe:2.3:o:huawei:cd18-16_firmware::::::::
huawei	columbia-tl00b_firmware	*	cpe:2.3:o:huawei:columbia-tl00b_firmware::::::::
huawei	bond-tl10c_firmware	*	cpe:2.3:o:huawei:bond-tl10c_firmware::::::::

Rows per page:

1-10 of 711

CVSS2

3.3

Attack Vector

ADJACENT_NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:A/AC:L/Au:N/C:P/I:N/A:N

CVSS3

6.5

Attack Vector

ADJACENT

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

EPSS

0.001

Percentile

30.6%

JSON

Related for HUAWEI-SA-20200520-01-LEAKAGE