Vulnerabilites related to Huawei - Secospace USG6600, USG9500
CVE-2020-1816 (GCVE-0-2020-1816)
Vulnerability from cvelistv5
Published
2020-02-17 23:24
Modified
2024-08-04 06:46
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Denial of Service
Summary
Huawei NIP6800 versions V500R001C30, V500R001C60SPC500, and V500R005C00; Secospace USG6600 and USG9500 versions V500R001C30SPC200, V500R001C30SPC600, V500R001C60SPC500, and V500R005C00 have a Denial of Service (DoS) vulnerability. Due to improper processing of specific IPSEC packets, remote attackers can send constructed IPSEC packets to affected devices to exploit this vulnerability. Successful exploit could cause the IPSec function of the affected device abnormal.
References
| ► | URL | Tags |
|---|---|---|
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| ► | Huawei | NIP6800 |
Version: V500R001C30 Version: V500R001C60SPC500 Version: V500R005C00 |
||||||
|
|||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T06:46:30.940Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200212-03-firewall-en"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "NIP6800",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60SPC500"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"product": "Secospace USG6600, USG9500",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30SPC200"
},
{
"status": "affected",
"version": "V500R001C30SPC600"
},
{
"status": "affected",
"version": "V500R001C60SPC500"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Huawei NIP6800 versions V500R001C30, V500R001C60SPC500, and V500R005C00; Secospace USG6600 and USG9500 versions V500R001C30SPC200, V500R001C30SPC600, V500R001C60SPC500, and V500R005C00 have a Denial of Service (DoS) vulnerability. Due to improper processing of specific IPSEC packets, remote attackers can send constructed IPSEC packets to affected devices to exploit this vulnerability. Successful exploit could cause the IPSec function of the affected device abnormal."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Denial of Service",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-02-17T23:24:30",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200212-03-firewall-en"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2020-1816",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "NIP6800",
"version": {
"version_data": [
{
"version_value": "V500R001C30"
},
{
"version_value": "V500R001C60SPC500"
},
{
"version_value": "V500R005C00"
}
]
}
},
{
"product_name": "Secospace USG6600, USG9500",
"version": {
"version_data": [
{
"version_value": "V500R001C30SPC200"
},
{
"version_value": "V500R001C30SPC600"
},
{
"version_value": "V500R001C60SPC500"
},
{
"version_value": "V500R005C00"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Huawei NIP6800 versions V500R001C30, V500R001C60SPC500, and V500R005C00; Secospace USG6600 and USG9500 versions V500R001C30SPC200, V500R001C30SPC600, V500R001C60SPC500, and V500R005C00 have a Denial of Service (DoS) vulnerability. Due to improper processing of specific IPSEC packets, remote attackers can send constructed IPSEC packets to affected devices to exploit this vulnerability. Successful exploit could cause the IPSec function of the affected device abnormal."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Denial of Service"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200212-03-firewall-en",
"refsource": "CONFIRM",
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200212-03-firewall-en"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2020-1816",
"datePublished": "2020-02-17T23:24:30",
"dateReserved": "2019-11-29T00:00:00",
"dateUpdated": "2024-08-04T06:46:30.940Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-1827 (GCVE-0-2020-1827)
Vulnerability from cvelistv5
Published
2020-02-17 20:38
Modified
2024-08-04 06:46
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Denial of Service
Summary
Huawei NIP6800 versions V500R001C30, V500R001C60SPC500, and V500R005C00SPC100; and Secospace USG6600 and USG9500 versions V500R001C30SPC200, V500R001C30SPC600, V500R001C60SPC500, and V500R005C00SPC100 have an information leakage vulnerability. An attacker can exploit this vulnerability by sending specific request packets to affected devices. Successful exploit may lead to information leakage.
References
| ► | URL | Tags |
|---|---|---|
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| ► | Huawei | NIP6800 |
Version: V500R001C30 Version: V500R001C60SPC500 Version: V500R005C00SPC100 |
||||||
|
|||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T06:46:30.916Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200212-02-ipsec-en"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "NIP6800",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60SPC500"
},
{
"status": "affected",
"version": "V500R005C00SPC100"
}
]
},
{
"product": "Secospace USG6600, USG9500",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30SPC200"
},
{
"status": "affected",
"version": "V500R001C30SPC600"
},
{
"status": "affected",
"version": "V500R001C60SPC500"
},
{
"status": "affected",
"version": "V500R005C00SPC100"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Huawei NIP6800 versions V500R001C30, V500R001C60SPC500, and V500R005C00SPC100; and Secospace USG6600 and USG9500 versions V500R001C30SPC200, V500R001C30SPC600, V500R001C60SPC500, and V500R005C00SPC100 have an information leakage vulnerability. An attacker can exploit this vulnerability by sending specific request packets to affected devices. Successful exploit may lead to information leakage."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Denial of Service",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-02-17T20:38:59",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200212-02-ipsec-en"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2020-1827",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "NIP6800",
"version": {
"version_data": [
{
"version_value": "V500R001C30"
},
{
"version_value": "V500R001C60SPC500"
},
{
"version_value": "V500R005C00SPC100"
}
]
}
},
{
"product_name": "Secospace USG6600, USG9500",
"version": {
"version_data": [
{
"version_value": "V500R001C30SPC200"
},
{
"version_value": "V500R001C30SPC600"
},
{
"version_value": "V500R001C60SPC500"
},
{
"version_value": "V500R005C00SPC100"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Huawei NIP6800 versions V500R001C30, V500R001C60SPC500, and V500R005C00SPC100; and Secospace USG6600 and USG9500 versions V500R001C30SPC200, V500R001C30SPC600, V500R001C60SPC500, and V500R005C00SPC100 have an information leakage vulnerability. An attacker can exploit this vulnerability by sending specific request packets to affected devices. Successful exploit may lead to information leakage."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Denial of Service"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200212-02-ipsec-en",
"refsource": "CONFIRM",
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200212-02-ipsec-en"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2020-1827",
"datePublished": "2020-02-17T20:38:59",
"dateReserved": "2019-11-29T00:00:00",
"dateUpdated": "2024-08-04T06:46:30.916Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-1814 (GCVE-0-2020-1814)
Vulnerability from cvelistv5
Published
2020-02-18 01:53
Modified
2024-08-04 06:46
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Dangling Pointer Reference
Summary
Huawei NIP6800 versions V500R001C30, V500R001C60SPC500, and V500R005C00; Secospace USG6600 and USG9500 versions V500R001C30SPC200, V500R001C30SPC600, V500R001C60SPC500, and V500R005C00 have a Dangling pointer dereference vulnerability. An authenticated attacker may do some special operations in the affected products in some special scenarios to exploit the vulnerability. Due to improper race conditions of different operations, successful exploit will lead to Dangling pointer dereference, causing some service abnormal.
References
| ► | URL | Tags |
|---|---|---|
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| ► | Huawei | NIP6800 |
Version: V500R001C30 Version: V500R001C60SPC500 Version: V500R005C00 |
||||||
|
|||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T06:46:30.897Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200212-01-firewall-en"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "NIP6800",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60SPC500"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"product": "Secospace USG6600, USG9500",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30SPC200"
},
{
"status": "affected",
"version": "V500R001C30SPC600"
},
{
"status": "affected",
"version": "V500R001C60SPC500"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Huawei NIP6800 versions V500R001C30, V500R001C60SPC500, and V500R005C00; Secospace USG6600 and USG9500 versions V500R001C30SPC200, V500R001C30SPC600, V500R001C60SPC500, and V500R005C00 have a Dangling pointer dereference vulnerability. An authenticated attacker may do some special operations in the affected products in some special scenarios to exploit the vulnerability. Due to improper race conditions of different operations, successful exploit will lead to Dangling pointer dereference, causing some service abnormal."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Dangling Pointer Reference",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-02-18T01:53:40",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200212-01-firewall-en"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2020-1814",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "NIP6800",
"version": {
"version_data": [
{
"version_value": "V500R001C30"
},
{
"version_value": "V500R001C60SPC500"
},
{
"version_value": "V500R005C00"
}
]
}
},
{
"product_name": "Secospace USG6600, USG9500",
"version": {
"version_data": [
{
"version_value": "V500R001C30SPC200"
},
{
"version_value": "V500R001C30SPC600"
},
{
"version_value": "V500R001C60SPC500"
},
{
"version_value": "V500R005C00"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Huawei NIP6800 versions V500R001C30, V500R001C60SPC500, and V500R005C00; Secospace USG6600 and USG9500 versions V500R001C30SPC200, V500R001C30SPC600, V500R001C60SPC500, and V500R005C00 have a Dangling pointer dereference vulnerability. An authenticated attacker may do some special operations in the affected products in some special scenarios to exploit the vulnerability. Due to improper race conditions of different operations, successful exploit will lead to Dangling pointer dereference, causing some service abnormal."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Dangling Pointer Reference"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200212-01-firewall-en",
"refsource": "CONFIRM",
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200212-01-firewall-en"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2020-1814",
"datePublished": "2020-02-18T01:53:40",
"dateReserved": "2019-11-29T00:00:00",
"dateUpdated": "2024-08-04T06:46:30.897Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-1815 (GCVE-0-2020-1815)
Vulnerability from cvelistv5
Published
2020-02-17 23:18
Modified
2024-08-04 06:46
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Memory Leak
Summary
Huawei NIP6800 versions V500R001C30, V500R001C60SPC500, and V500R005C00; Secospace USG6600 and USG9500 versions V500R001C30SPC200, V500R001C30SPC600, V500R001C60SPC500, and V500R005C00 have a memory leak vulnerability. The software does not sufficiently track and release allocated memory while parse certain message, the attacker sends the message continuously that could consume remaining memory. Successful exploit could cause memory exhaust.
References
| ► | URL | Tags |
|---|---|---|
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| ► | Huawei | NIP6800 |
Version: V500R001C30 Version: V500R001C60SPC500 Version: V500R005C00 |
||||||
|
|||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T06:46:30.981Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200212-02-firewall-en"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "NIP6800",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60SPC500"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"product": "Secospace USG6600, USG9500",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30SPC200"
},
{
"status": "affected",
"version": "V500R001C30SPC600"
},
{
"status": "affected",
"version": "V500R001C60SPC500"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Huawei NIP6800 versions V500R001C30, V500R001C60SPC500, and V500R005C00; Secospace USG6600 and USG9500 versions V500R001C30SPC200, V500R001C30SPC600, V500R001C60SPC500, and V500R005C00 have a memory leak vulnerability. The software does not sufficiently track and release allocated memory while parse certain message, the attacker sends the message continuously that could consume remaining memory. Successful exploit could cause memory exhaust."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Memory Leak",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-02-17T23:18:39",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200212-02-firewall-en"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2020-1815",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "NIP6800",
"version": {
"version_data": [
{
"version_value": "V500R001C30"
},
{
"version_value": "V500R001C60SPC500"
},
{
"version_value": "V500R005C00"
}
]
}
},
{
"product_name": "Secospace USG6600, USG9500",
"version": {
"version_data": [
{
"version_value": "V500R001C30SPC200"
},
{
"version_value": "V500R001C30SPC600"
},
{
"version_value": "V500R001C60SPC500"
},
{
"version_value": "V500R005C00"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Huawei NIP6800 versions V500R001C30, V500R001C60SPC500, and V500R005C00; Secospace USG6600 and USG9500 versions V500R001C30SPC200, V500R001C30SPC600, V500R001C60SPC500, and V500R005C00 have a memory leak vulnerability. The software does not sufficiently track and release allocated memory while parse certain message, the attacker sends the message continuously that could consume remaining memory. Successful exploit could cause memory exhaust."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Memory Leak"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200212-02-firewall-en",
"refsource": "CONFIRM",
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200212-02-firewall-en"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2020-1815",
"datePublished": "2020-02-17T23:18:39",
"dateReserved": "2019-11-29T00:00:00",
"dateUpdated": "2024-08-04T06:46:30.981Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-1830 (GCVE-0-2020-1830)
Vulnerability from cvelistv5
Published
2020-02-17 23:35
Modified
2024-08-04 06:46
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Small OOB Read
Summary
Huawei NIP6800 versions V500R001C30, V500R001C60SPC500, and V500R005C00; Secospace USG6600 and USG9500 versions V500R001C30SPC200, V500R001C30SPC600, V500R001C60SPC500, and V500R005C00 have a vulnerability that a memory management error exists when IPSec Module handing a specific message. This causes 1 byte out-of-bound read, compromising normal service.
References
| ► | URL | Tags |
|---|---|---|
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| ► | Huawei | NIP6800 |
Version: V500R001C30 Version: V500R001C60SPC500 Version: V500R005C00 |
||||||
|
|||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T06:46:30.948Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200212-04-ipsec-en"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "NIP6800",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60SPC500"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"product": "Secospace USG6600, USG9500",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30SPC200"
},
{
"status": "affected",
"version": "V500R001C30SPC600"
},
{
"status": "affected",
"version": "V500R001C60SPC500"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Huawei NIP6800 versions V500R001C30, V500R001C60SPC500, and V500R005C00; Secospace USG6600 and USG9500 versions V500R001C30SPC200, V500R001C30SPC600, V500R001C60SPC500, and V500R005C00 have a vulnerability that a memory management error exists when IPSec Module handing a specific message. This causes 1 byte out-of-bound read, compromising normal service."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Small OOB Read",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-02-17T23:35:02",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200212-04-ipsec-en"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2020-1830",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "NIP6800",
"version": {
"version_data": [
{
"version_value": "V500R001C30"
},
{
"version_value": "V500R001C60SPC500"
},
{
"version_value": "V500R005C00"
}
]
}
},
{
"product_name": "Secospace USG6600, USG9500",
"version": {
"version_data": [
{
"version_value": "V500R001C30SPC200"
},
{
"version_value": "V500R001C30SPC600"
},
{
"version_value": "V500R001C60SPC500"
},
{
"version_value": "V500R005C00"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Huawei NIP6800 versions V500R001C30, V500R001C60SPC500, and V500R005C00; Secospace USG6600 and USG9500 versions V500R001C30SPC200, V500R001C30SPC600, V500R001C60SPC500, and V500R005C00 have a vulnerability that a memory management error exists when IPSec Module handing a specific message. This causes 1 byte out-of-bound read, compromising normal service."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Small OOB Read"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200212-04-ipsec-en",
"refsource": "CONFIRM",
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200212-04-ipsec-en"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2020-1830",
"datePublished": "2020-02-17T23:35:02",
"dateReserved": "2019-11-29T00:00:00",
"dateUpdated": "2024-08-04T06:46:30.948Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}