Lucene search
K

240 matches found

NCSC
NCSC
added 2021/04/07 12:0 a.m.5 views

Vulnerability fixed in Huawei CloudEngine switches

A vulnerability has been fixed in Huawei CloudEngine switches. A malicious party could potentially exploit the vulnerability to cause a denial-of-service attack. Huawei has released updates to fix the vulnerability in CloudEngine 5800, 6800, 7800 and 12800 switches. For more information, see:...

7.5CVSS6.8AI score0.00677EPSS
Exploits0
BDU FSTEC
BDU FSTEC
added 2021/01/28 12:0 a.m.4 views

The vulnerability of the microprogramming software of the CloudEngine 1800V switch allows a intruder to trigger a maintenance failure.

The vulnerability of the CloudEngine 1800V microcontroller software is related to resource management errors. Exploiting this vulnerability could allow a malicious actor to trigger a service failure through a specially crafted message...

7.8CVSS7.2AI score0.00736EPSS
Exploits0References2
NVD
NVD
added 2021/01/13 11:15 p.m.32 views

CVE-2020-1865

There is an out-of-bounds read vulnerability in Huawei CloudEngine products. The software reads data past the end of the intended buffer when parsing certain PIM message, an adjacent attacker could send crafted PIM messages to the device, successful exploit could cause out of bounds read when the...

6.5CVSS6.5AI score0.00332EPSS
Exploits0References1
OSV
OSV
added 2021/01/13 11:15 p.m.3 views

CVE-2020-1865

There is an out-of-bounds read vulnerability in Huawei CloudEngine products. The software reads data past the end of the intended buffer when parsing certain PIM message, an adjacent attacker could send crafted PIM messages to the device, successful exploit could cause out of bounds read when the...

6.5CVSS6.8AI score0.00332EPSS
Exploits0References1
Prion
Prion
added 2021/01/13 11:15 p.m.16 views

Out-of-bounds

There is an out-of-bounds read vulnerability in Huawei CloudEngine products. The software reads data past the end of the intended buffer when parsing certain PIM message, an adjacent attacker could send crafted PIM messages to the device, successful exploit could cause out of bounds read when the...

3.3CVSS6.4AI score0.00332EPSS
Exploits0References1Affected Software4
CVE
CVE
added 2021/01/13 10:20 p.m.58 views

CVE-2020-1865

CVE-2020-1865 : Huawei CloudEngine products have an out-of-bounds read when parsing certain PIM messages. An adjacent attacker could send crafted PIM messages to trigger data reads past the buffer, potentially causing impact as described in the sources. The vulnerability is documented with CVSS m...

6.5CVSS6.4AI score0.00332EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2021/01/13 10:20 p.m.35 views

CVE-2020-1865

There is an out-of-bounds read vulnerability in Huawei CloudEngine products. The software reads data past the end of the intended buffer when parsing certain PIM message, an adjacent attacker could send crafted PIM messages to the device, successful exploit could cause out of bounds read when the...

6.5AI score0.00332EPSS
Exploits0References1
Huawei
Huawei
added 2020/12/30 12:0 a.m.29 views

Security Advisory - Out-of-Bounds Read Vulnerability in Huawei CloudEngine Products

There is an out-of-bounds read vulnerability in Huawei CloudEngine products. The software reads data past the end of the intended buffer when parsing certain PIM message, an adjacent attacker could send crafted PIM messages to the device, successful exploit could cause out of bounds read when the...

6.5CVSS6.5AI score0.00332EPSS
Exploits0Affected Software4
CNNVD
CNNVD
added 2020/12/30 12:0 a.m.7 views

Huawei CloudEngine Buffer Error Vulnerability

Huawei CloudEngine 12800 and others are products of Huawei, China.Huawei CloudEngine 12800 is a 12800 series data center switch.Huawei Cloudengine 5800 is a 5800 series data center switch.Huawei Cloudengine 6800 is a 6800 series data center switch. A buffer error vulnerability exists in Huawei...

6.5CVSS5.9AI score0.00332EPSS
Exploits0References3
NVD
NVD
added 2020/12/29 6:15 p.m.25 views

CVE-2020-9124

There is a memory leak vulnerability in some versions of Huawei CloudEngine product. An unauthenticated, remote attacker may exploit this vulnerability by sending specific message to the affected product. Due to not release the allocated memory properly, successful exploit may cause memory leak...

7.5CVSS7.5AI score0.00916EPSS
Exploits0References1
NVD
NVD
added 2020/12/29 6:15 p.m.22 views

CVE-2020-9207

There is an improper authentication vulnerability in some verisons of Huawei CloudEngine product. A module does not verify the input file properly. Attackers can exploit this vulnerability by crafting malicious files to bypass current verification mechanism. This can compromise normal service...

7.8CVSS7.8AI score0.00559EPSS
Exploits0References1
OSV
OSV
added 2020/12/29 6:15 p.m.3 views

CVE-2020-9207

There is an improper authentication vulnerability in some verisons of Huawei CloudEngine product. A module does not verify the input file properly. Attackers can exploit this vulnerability by crafting malicious files to bypass current verification mechanism. This can compromise normal service...

7.8CVSS7.1AI score0.00559EPSS
Exploits0References1
OSV
OSV
added 2020/12/29 6:15 p.m.4 views

CVE-2020-9094

There is an out of bound read vulnerability in some verisons of Huawei CloudEngine product. A module does not deal with specific message properly. Attackers can exploit this vulnerability by sending malicious packet. This can lead to denial of service...

7.5CVSS7.1AI score0.00736EPSS
Exploits0References1
NVD
NVD
added 2020/12/29 6:15 p.m.25 views

CVE-2020-9094

There is an out of bound read vulnerability in some verisons of Huawei CloudEngine product. A module does not deal with specific message properly. Attackers can exploit this vulnerability by sending malicious packet. This can lead to denial of service...

7.5CVSS7.4AI score0.00736EPSS
Exploits0References1
OSV
OSV
added 2020/12/29 6:15 p.m.3 views

CVE-2020-9124

There is a memory leak vulnerability in some versions of Huawei CloudEngine product. An unauthenticated, remote attacker may exploit this vulnerability by sending specific message to the affected product. Due to not release the allocated memory properly, successful exploit may cause memory leak...

7.5CVSS7.1AI score0.00916EPSS
Exploits0References1
Prion
Prion
added 2020/12/29 6:15 p.m.19 views

Memory corruption

There is a memory leak vulnerability in some versions of Huawei CloudEngine product. An unauthenticated, remote attacker may exploit this vulnerability by sending specific message to the affected product. Due to not release the allocated memory properly, successful exploit may cause memory leak...

5CVSS7.5AI score0.00916EPSS
Exploits0References1Affected Software4
Prion
Prion
added 2020/12/29 6:15 p.m.20 views

Design/Logic Flaw

There is an out of bound read vulnerability in some verisons of Huawei CloudEngine product. A module does not deal with specific message properly. Attackers can exploit this vulnerability by sending malicious packet. This can lead to denial of service...

5CVSS7.3AI score0.00736EPSS
Exploits0References1Affected Software4
Prion
Prion
added 2020/12/29 6:15 p.m.21 views

Authentication flaw

There is an improper authentication vulnerability in some verisons of Huawei CloudEngine product. A module does not verify the input file properly. Attackers can exploit this vulnerability by crafting malicious files to bypass current verification mechanism. This can compromise normal service...

6.8CVSS7.7AI score0.00559EPSS
Exploits0References1Affected Software4
Cvelist
Cvelist
added 2020/12/29 5:57 p.m.32 views

CVE-2020-9207

There is an improper authentication vulnerability in some verisons of Huawei CloudEngine product. A module does not verify the input file properly. Attackers can exploit this vulnerability by crafting malicious files to bypass current verification mechanism. This can compromise normal service...

7.8AI score0.00559EPSS
Exploits0References1
CVE
CVE
added 2020/12/29 5:57 p.m.62 views

CVE-2020-9207

CVE-2020-9207 describes an improper authentication vulnerability in Huawei CloudEngine products. A module fails to verify input files, allowing attackers to craft malicious files to bypass verification and potentially disrupt normal service. Connected sources confirm the issue affects Huawei Clou...

7.8CVSS7.7AI score0.00559EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder