3.9
CVE-2020-1879
- EPSS 0.01%
- Published 20.03.2020 16:15:15
- Last modified 21.11.2024 05:11:32
- Source psirt@huawei.com
- Teams watchlist Login
- Open Login
There is an improper integrity checking vulnerability on some huawei products. The software of the affected product has an improper integrity check which may allow an attacker with high privilege to make malicious modifications.Affected product versions include:HEGE-560 versions 1.0.1.21(SP3);HEGE-570 versions 1.0.1.22(SP3);OSCA-550 versions 1.0.1.21(SP3);OSCA-550A versions 1.0.1.21(SP3);OSCA-550AX versions 1.0.1.21(SP3);OSCA-550X versions 1.0.1.21(SP3).
Data is provided by the National Vulnerability Database (NVD)
Huawei ≫ Hege-560 Firmware Version1.0.1.21(sp3)
Huawei ≫ Hege-570 Firmware Version1.0.1.21(sp3)
Huawei ≫ Osca-550 Firmware Version1.0.1.21(sp3)
Huawei ≫ Osca-550a Firmware Version1.0.1.21(sp3)
Huawei ≫ Osca-550ax Firmware Version1.0.1.21(sp3)
Huawei ≫ Osca-550x Firmware Version1.0.1.21(sp3)
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Type | Source | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.01% | 0.008 |
| Source | Base Score | Exploit Score | Impact Score | Vector string |
|---|---|---|---|---|
| nvd@nist.gov | 3.9 | 0.3 | 3.6 |
CVSS:3.1/AV:P/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N
|
| nvd@nist.gov | 3.6 | 3.9 | 4.9 |
AV:L/AC:L/Au:N/C:N/I:P/A:P
|
CWE-354 Improper Validation of Integrity Check Value
The product does not validate or incorrectly validates the integrity check values or "checksums" of a message. This may prevent it from detecting if the data has been modified or corrupted in transmission.