7.5
CVE-2020-1827
- EPSS 0.25%
- Veröffentlicht 17.02.2020 21:15:12
- Zuletzt bearbeitet 21.11.2024 05:11:26
- Quelle psirt@huawei.com
- Teams Watchlist Login
- Unerledigt Login
Huawei NIP6800 versions V500R001C30, V500R001C60SPC500, and V500R005C00SPC100; and Secospace USG6600 and USG9500 versions V500R001C30SPC200, V500R001C30SPC600, V500R001C60SPC500, and V500R005C00SPC100 have an information leakage vulnerability. An attacker can exploit this vulnerability by sending specific request packets to affected devices. Successful exploit may lead to information leakage.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Huawei ≫ Nip6800 Firmware Versionv500r001c30
Huawei ≫ Nip6800 Firmware Versionv500r001c60spc500
Huawei ≫ Nip6800 Firmware Versionv500r005c00spc100
Huawei ≫ Secospace Usg6600 Firmware Versionv500r001c30spc200
Huawei ≫ Secospace Usg6600 Firmware Versionv500r001c30spc600
Huawei ≫ Secospace Usg6600 Firmware Versionv500r001c60spc500
Huawei ≫ Secospace Usg6600 Firmware Versionv500r005c00spc100
Huawei ≫ Usg9500 Firmware Versionv500r001c30spc200
Huawei ≫ Usg9500 Firmware Versionv500r001c30spc600
Huawei ≫ Usg9500 Firmware Versionv500r001c60spc500
Huawei ≫ Usg9500 Firmware Versionv500r005c00spc100
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.25% | 0.483 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.5 | 3.9 | 3.6 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
|
| nvd@nist.gov | 5 | 10 | 2.9 |
AV:N/AC:L/Au:N/C:N/I:N/A:P
|
CWE-404 Improper Resource Shutdown or Release
The product does not release or incorrectly releases a resource before it is made available for re-use.