Lucene search

K
nvd[email protected]NVD:CVE-2020-9069
HistoryMay 21, 2020 - 3:15 p.m.

CVE-2020-9069

2020-05-2115:15:10
web.nvd.nist.gov
5
information leakage
huawei products
unauthenticated attacker
data decryption
vulnerability
exploitation
affected product versions

CVSS2

3.3

Attack Vector

ADJACENT_NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:A/AC:L/Au:N/C:P/I:N/A:N

CVSS3

6.5

Attack Vector

ADJACENT

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

EPSS

0.001

Percentile

30.6%

There is an information leakage vulnerability in some Huawei products. An unauthenticated, adjacent attacker could exploit this vulnerability to decrypt data. Successful exploitation may leak information randomly. Affected product versions include: Anne-AL00 Versions earlier than 9.1.0.331(C675E9R1P3T8); Berkeley-L09 Versions earlier than 10.0.1.1(C675R1); CD16-10 Versions earlier than 10.0.2.8; CD17-10 Versions earlier than 10.0.2.8; CD17-16 Versions earlier than 10.0.2.8; CD18-10 Versions earlier than 10.0.2.8; CD18-16 Versions earlier than 10.0.2.8; Columbia-TL00B Versions earlier than 9.0.0.187(C01E181R1P20T8); E6878-370 Versions earlier than 10.0.5.1(H610SP10C00); HUAWEI P30 lite Versions earlier than 10.0.0.185(C605E3R1P3), Versions earlier than 10.0.0.197(C432E8R2P7); HUAWEI nova 4e Versions earlier than 10.0.0.158(C00E64R1P9); Honor 10 Lite 9.0.1.113(C675E11R1P12); LelandP-L22A Versions earlier than 9.1.0.166(C675E5R1P4T8); Marie-AL00AX Versions earlier than 10.0.0.158(C00E64R1P9); Marie-AL00AY Versions earlier than 10.0.0.158(C00E64R1P9); Marie-AL00BX Versions earlier than 10.0.0.158(C00E64R1P9); Marie-L03BX Versions earlier than 10.0.0.188(C605E5R1P1); Marie-L21BX Versions earlier than 10.0.0.188(C432E4R4P1), Versions earlier than 10.0.0.188(C461E5R3P1); Marie-L22BX Versions earlier than 10.0.0.188(C636E3R3P1); Marie-L23BX Versions earlier than 10.0.0.188(C605E5R1P1); TC5200-16 Versions earlier than 10.0.2.8; WS5200-11 Versions earlier than 10.0.2.8; WS5200-12 Versions earlier than 10.0.2.23; WS5200-16 Versions earlier than 10.0.2.8; WS5200-17 Versions earlier than 10.0.2.23; WS5800-10 Versions earlier than 10.0.3.27; WS6500-10 Versions earlier than 10.0.2.8; WS6500-16 Versions earlier than 10.0.2.8

Affected configurations

Nvd
Node
huaweianne-al00Match-
AND
huaweianne-al00_firmwareRange<9.1.0.331\(c675e9r1p3t8\)
Node
huaweiberkeley-l09Match-
AND
huaweiberkeley-l09_firmwareRange<10.0.1.1\(c675r1\)
Node
huaweicd16-10Match-
AND
huaweicd16-10_firmwareRange<10.0.2.8
Node
huaweicd17-10Match-
AND
huaweicd17-10_firmwareRange<10.0.2.8
Node
huaweicd17-16Match-
AND
huaweicd17-16_firmwareRange<10.0.2.8
Node
huaweicd18-10Match-
AND
huaweicd18-10_firmwareRange<10.0.2.8
Node
huaweicd18-16Match-
AND
huaweicd18-16_firmwareRange<10.0.2.8
Node
huaweicolumbia-tl00bMatch-
AND
huaweicolumbia-tl00b_firmwareRange<9.0.0.187\(c01e181r1p20t8\)
Node
huaweie6878-370_firmwareRange<10.0.5.1\(h610sp10c00\)
AND
huaweie6878-370Match-
Node
huaweihonor_10_lite_firmwareRange<10.0.0.182\(c675e17r2p2\)
AND
huaweihonor_10_liteMatch-
Node
huaweilelandp-l22a_firmwareRange<9.1.0.166\(c675e5r1p4t8\)
AND
huaweilelandp-l22aMatch-
Node
huaweitc5200-16_firmwareRange<10.0.2.8
AND
huaweitc5200-16Match-
Node
huaweiws5200-11_firmwareRange<10.0.2.8
AND
huaweiws5200-11Match-
Node
huaweiws5200-11_firmwareRange<10.0.2.23
AND
huaweiws5200-11Match-
Node
huaweiws5200-16_firmwareRange<10.0.2.8
AND
huaweiws5200-16Match-
Node
huaweiws5200-17_firmwareRange<10.0.2.23
AND
huaweiws5200-17Match-
Node
huaweiws5800-10_firmwareRange<10.0.3.27
AND
huaweiws5800-10Match-
Node
huaweiws6500-10_firmwareRange<10.0.2.8
AND
huaweiws6500-10Match-
Node
huaweiws6500-16_firmwareRange<10.0.2.8
AND
huaweiws6500-16Match-
VendorProductVersionCPE
huaweianne-al00-cpe:2.3:h:huawei:anne-al00:-:*:*:*:*:*:*:*
huaweianne-al00_firmware*cpe:2.3:o:huawei:anne-al00_firmware:*:*:*:*:*:*:*:*
huaweiberkeley-l09-cpe:2.3:h:huawei:berkeley-l09:-:*:*:*:*:*:*:*
huaweiberkeley-l09_firmware*cpe:2.3:o:huawei:berkeley-l09_firmware:*:*:*:*:*:*:*:*
huaweicd16-10-cpe:2.3:h:huawei:cd16-10:-:*:*:*:*:*:*:*
huaweicd16-10_firmware*cpe:2.3:o:huawei:cd16-10_firmware:*:*:*:*:*:*:*:*
huaweicd17-10-cpe:2.3:h:huawei:cd17-10:-:*:*:*:*:*:*:*
huaweicd17-10_firmware*cpe:2.3:o:huawei:cd17-10_firmware:*:*:*:*:*:*:*:*
huaweicd17-16-cpe:2.3:h:huawei:cd17-16:-:*:*:*:*:*:*:*
huaweicd17-16_firmware*cpe:2.3:o:huawei:cd17-16_firmware:*:*:*:*:*:*:*:*
Rows per page:
1-10 of 361

CVSS2

3.3

Attack Vector

ADJACENT_NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:A/AC:L/Au:N/C:P/I:N/A:N

CVSS3

6.5

Attack Vector

ADJACENT

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

EPSS

0.001

Percentile

30.6%

Related for NVD:CVE-2020-9069