Authentication flaw

2020-02-1804:15:00

PRIOn knowledge base

www.prio-n.com

6.7 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

30.3%

JSON

Huawei HEGE-560 version 1.0.1.20(SP2); OSCA-550 and OSCA-550A version 1.0.0.71(SP1); and OSCA-550AX and OSCA-550X version 1.0.0.71(SP2) have an insufficient authentication vulnerability. An attacker can access the device physically and perform specific operations to exploit this vulnerability. Successful exploitation may cause the attacker obtain high privilege.

CPENameOperatorVersion
hege-560_firmwareeq1.0.120-sp2
osca-550_firmwareeq1.0.71-sp1
osca-550a_firmwareeq1.0.71-sp1
osca-550ax_firmwareeq1.0.71-sp2
osca-550x_firmwareeq1.0.71-sp2

Name	Operator	Version
hege-560_firmware	eq	1.0.120-sp2
osca-550_firmware	eq	1.0.71-sp1
osca-550a_firmware	eq	1.0.71-sp1
osca-550ax_firmware	eq	1.0.71-sp2
osca-550x_firmware	eq	1.0.71-sp2