Lucene search

Huawei TechnologiesHUAWEI-SA-20200715-03-INFORMATIONLEAK

HistoryJul 15, 2020 - 12:00 a.m.

Security Advisory - Information Disclosure Vulnerability on some Huawei Products

2020-07-1500:00:00

Huawei Technologies

www.huawei.com

2.1 Low

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:N/A:N

3.3 Low

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

0.0004 Low

EPSS

Percentile

5.1%

JSON

There is a information leak vulnerability in some Huawei products, and it could allow a local attacker to get information. The vulnerability is due to the improper management of the username. An attacker with the ability to access the device and cause the username information leak. (Vulnerability ID: HWPSIRT-2020-03010)

This vulnerability has been assigned a Common Vulnerabilities and Exposures (CVE) ID: CVE-2020-9102.

Huawei has released software updates to fix this vulnerability. This advisory is available at the following link:
http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200715-03-informationleak-en

Affected configurations

Vulners

Node

huaweicloudengine_1800vMatchv200r005c20spc800

huaweicloudengine_1800vMatchv200r019c00spc800

huaweicloudengine_1800vMatchv200r002c50spc800

huaweicloudengine_1800vMatchv200r003c00spc810

huaweicloudengine_1800vMatchv200r005c00spc800

huaweicloudengine_1800vMatchv200r005c10spc800

huaweicloudengine_1800vMatchv200r019c00spc800

huaweicloudengine_5800Matchv200r002c50spc800

huaweicloudengine_5800Matchv200r003c00spc810

huaweicloudengine_5800Matchv200r005c00spc800

huaweicloudengine_5800Matchv200r005c10spc800

huaweicloudengine_5800Matchv200r019c00spc800

huawei6800Matchv200r002c50spc800

huawei6800Matchv200r003c00spc810

huawei6800Matchv200r005c00spc800

huawei6800Matchv200r005c10spc800

huawei6800Matchv200r005c20spc800

huawei6800Matchv200r019c00spc800

huaweicloudengine_1800vMatchv200r002c50spc800

huaweicloudengine_1800vMatchv200r003c00spc810

huaweicloudengine_1800vMatchv200r005c00spc800

huaweicloudengine_1800vMatchv200r005c10spc800

huaweicloudengine_1800vMatchv200r019c00spc800

huaweicloudengine_1800vMatchv200r002c50spc800

huaweicloudengine_1800vMatchv200r003c00spc810

huaweicloudengine_1800vMatchv200r005c00spc800

huaweicloudengine_1800vMatchv200r005c10spc800

huaweicloudengine_1800vMatchv200r019c00spc800

CPENameOperatorVersion
cloudengine 16800eqV200R005C20SPC800
cloudengine 16800eqV200R019C00SPC800
cloudengine 12800eqV200R002C50SPC800
cloudengine 12800eqV200R003C00SPC810
cloudengine 12800eqV200R005C00SPC800
cloudengine 12800eqV200R005C10SPC800
cloudengine 12800eqV200R019C00SPC800
cloudengine 5800eqV200R002C50SPC800
cloudengine 5800eqV200R003C00SPC810
cloudengine 5800eqV200R005C00SPC800

Name	Operator	Version
cloudengine 16800	eq	V200R005C20SPC800
cloudengine 16800	eq	V200R019C00SPC800
cloudengine 12800	eq	V200R002C50SPC800
cloudengine 12800	eq	V200R003C00SPC810
cloudengine 12800	eq	V200R005C00SPC800
cloudengine 12800	eq	V200R005C10SPC800
cloudengine 12800	eq	V200R019C00SPC800
cloudengine 5800	eq	V200R002C50SPC800
cloudengine 5800	eq	V200R003C00SPC810
cloudengine 5800	eq	V200R005C00SPC800

Rows per page:

1-10 of 281

2.1 Low

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:N/A:N

3.3 Low

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

0.0004 Low

EPSS

Percentile

5.1%

JSON

Related for HUAWEI-SA-20200715-03-INFORMATIONLEAK