fkie_cve-2020-9201
Vulnerability from fkie_nvd
Published
2020-12-24 16:15
Modified
2024-11-21 05:40
Severity ?
6.5 (Medium) - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
There is an out-of-bounds read vulnerability in some versions of NIP6800, Secospace USG6600 and USG9500. The software reads data past the end of the intended buffer when parsing DHCP messages including crafted parameter. Successful exploit could cause certain service abnormal.
References
psirt@huawei.comhttps://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200122-04-eudemon-enVendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200122-04-eudemon-enVendor Advisory
Impacted products
Vendor Product Version
huawei nip6800_firmware v500r001c30
huawei nip6800_firmware v500r001c60spc500
huawei nip6800_firmware v500r005c00
huawei nip6800 -
huawei secospace_usg6600_firmware v500r001c30spc200
huawei secospace_usg6600_firmware v500r001c30spc600
huawei secospace_usg6600_firmware v500r001c60spc500
huawei secospace_usg6600_firmware v500r005c00
huawei secospace_usg6600 -
huawei usg9500_firmware v500r001c30spc200
huawei usg9500_firmware v500r001c30spc600
huawei usg9500_firmware v500r001c60spc500
huawei usg9500_firmware v500r005c00
huawei usg9500 -


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:huawei:nip6800_firmware:v500r001c30:*:*:*:*:*:*:*",
              "matchCriteriaId": "4B3D681F-E141-4BB1-9437-8BFE286CB164",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:huawei:nip6800_firmware:v500r001c60spc500:*:*:*:*:*:*:*",
              "matchCriteriaId": "C38F1E7A-0347-4E45-A0B6-CB8CE0D8A07E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:huawei:nip6800_firmware:v500r005c00:*:*:*:*:*:*:*",
              "matchCriteriaId": "D6FCA659-5DF8-44EA-91B6-A80FBB68322A",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:huawei:nip6800:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "875441DD-575F-4F4D-A6BD-23C38641D330",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:huawei:secospace_usg6600_firmware:v500r001c30spc200:*:*:*:*:*:*:*",
              "matchCriteriaId": "1CA7BE1F-853E-4CBA-8A90-BAEA0BCC6A97",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:huawei:secospace_usg6600_firmware:v500r001c30spc600:*:*:*:*:*:*:*",
              "matchCriteriaId": "B80E521E-1BFB-405E-9F8E-4A0734731FD0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:huawei:secospace_usg6600_firmware:v500r001c60spc500:*:*:*:*:*:*:*",
              "matchCriteriaId": "5226BD96-2B00-469B-AADD-CD0541610BBD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:huawei:secospace_usg6600_firmware:v500r005c00:*:*:*:*:*:*:*",
              "matchCriteriaId": "391BFC6B-9AE6-49D7-855A-CB94AD1EE5C1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:huawei:secospace_usg6600:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BE469876-F873-4705-9760-097AE840A818",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:huawei:usg9500_firmware:v500r001c30spc200:*:*:*:*:*:*:*",
              "matchCriteriaId": "C0BF5257-8CD1-4951-9C53-07B85D468F8B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:huawei:usg9500_firmware:v500r001c30spc600:*:*:*:*:*:*:*",
              "matchCriteriaId": "6E2CDEF7-F8C8-482E-B43D-DB3F0CE010F8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:huawei:usg9500_firmware:v500r001c60spc500:*:*:*:*:*:*:*",
              "matchCriteriaId": "8A1EFB9D-5349-4EAF-9880-34F0D20011E4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:huawei:usg9500_firmware:v500r005c00:*:*:*:*:*:*:*",
              "matchCriteriaId": "E961C6AA-400A-41CF-A230-FE7182875F1F",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:huawei:usg9500:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4B6064BB-5E62-4D70-B933-05B5426EEE9C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "There is an out-of-bounds read vulnerability in some versions of NIP6800, Secospace USG6600 and USG9500. The software reads data past the end of the intended buffer when parsing DHCP messages including crafted parameter. Successful exploit could cause certain service abnormal."
    },
    {
      "lang": "es",
      "value": "Se presenta una vulnerabilidad de lectura fuera de l\u00edmites en algunas versiones de NIP6800, Secospace USG6600 y USG9500.\u0026#xa0;El software lee los datos m\u00e1s all\u00e1 del final del b\u00fafer previsto cuando se analizan los mensajes DHCP, incluyendo el par\u00e1metro dise\u00f1ado.\u0026#xa0;Una explotaci\u00f3n con \u00e9xito podr\u00eda causar un servicio anormal"
    }
  ],
  "id": "CVE-2020-9201",
  "lastModified": "2024-11-21T05:40:09.053",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "LOW",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "ADJACENT_NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 3.3,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:A/AC:L/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 6.5,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "ADJACENT_NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 6.5,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2020-12-24T16:15:16.147",
  "references": [
    {
      "source": "psirt@huawei.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200122-04-eudemon-en"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200122-04-eudemon-en"
    }
  ],
  "sourceIdentifier": "psirt@huawei.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-125"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.