8.2

CVE-2020-1871

EPSS 0.17%
Published 03.01.2020 15:15:12
Last modified 21.11.2024 05:11:30
Source psirt@huawei.com
Teams watchlist Login
Open Login

USG9500 with software of V500R001C30SPC100; V500R001C30SPC200; V500R001C30SPC600; V500R001C60SPC500; V500R005C00SPC100; V500R005C00SPC200 have an improper credentials management vulnerability. The software does not properly manage certain credentials. Successful exploit could cause information disclosure or damage, and impact the confidentiality or integrity.

Affected products Warnungen 0 Metrics 3 CWE 0 References 4

Data is provided by the National Vulnerability Database (NVD)

Huawei ≫ Usg9500 Firmware Versionv500r001c30spc100

Huawei ≫ Usg9500 Version-

Huawei ≫ Usg9500 Firmware Versionv500r001c30spc200

Huawei ≫ Usg9500 Version-

Huawei ≫ Usg9500 Firmware Versionv500r001c30spc600

Huawei ≫ Usg9500 Version-

Huawei ≫ Usg9500 Firmware Versionv500r001c60spc500

Huawei ≫ Usg9500 Version-

Huawei ≫ Usg9500 Firmware Versionv500r005c00spc100

Huawei ≫ Usg9500 Version-

Huawei ≫ Usg9500 Firmware Versionv500r005c00spc200

Huawei ≫ Usg9500 Version-

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.17%	0.394

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	8.2	3.9	4.2	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N
nvd@nist.gov	6.4	10	4.9	AV:N/AC:L/Au:N/C:P/I:P/A:N

https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200102-01-credential-en

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2020-1871

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2020-1871

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2020-1871

EUVD