CVSS: 4.9EPSS: 0%CPEs: 10EXPL: 0CVE-2020-1883
https://notcve.org/view.php?id=CVE-2020-1883
Huawei products NIP6800;Secospace USG6600;USG9500 have a memory leak vulnerability. An attacker with high privileges exploits this vulnerability by continuously performing specific operations. Successful exploitation of this vulnerability can cause service abnormal. Los productos Huawei NIP6800; Secospace USG6600; USG9500, presentan una vulnerabilidad de pérdida de memoria. Un atacante muy privilegiado puede explotar esta vulnerabilidad llevando a cabo continuamente operaciones específicas. • https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200603-01-memory-en • CWE-401: Missing Release of Memory after Effective Lifetime •
CVSS: 4.9EPSS: 0%CPEs: 14EXPL: 0CVE-2020-1877
https://notcve.org/view.php?id=CVE-2020-1877
NIP6800;Secospace USG6600;USG9500 with versions of V500R001C30; V500R001C60SPC500; V500R005C00SPC100 have an invalid pointer access vulnerability. The software system access an invalid pointer when administrator log in to the device and performs some operations. Successful exploit could cause certain process reboot. NIP6800; Secospace USG6600; USG9500 con versiones de V500R001C30; V500R001C60SPC500; V500R005C00SPC100, presentan una vulnerabilidad de acceso de puntero no válido. El sistema del software accede a un puntero no válido cuando el administrador inicia sesión en el dispositivo y lleva a cabo algunas operaciones. • https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200219-05-invalidpointer-en • CWE-824: Access of Uninitialized Pointer •
CVSS: 7.5EPSS: 0%CPEs: 13EXPL: 0CVE-2020-1876
https://notcve.org/view.php?id=CVE-2020-1876
NIP6800;Secospace USG6600;USG9500 with versions of V500R001C30; V500R001C60SPC500; V500R005C00SPC100 have an out-of-bounds write vulnerability. An unauthenticated attacker crafts malformed packets with specific parameter and sends the packets to the affected products. Due to insufficient validation of packets, which may be exploited to cause the process reboot. NIP6800; Secospace USG6600; USG9500 con versiones de V500R001C30; V500R001C60SPC500; V500R005C00SPC100, presentan una vulnerabilidad de escritura fuera de límites. Un atacante no autenticado diseña paquetes malformados con un parámetro específico y los envía hacia los productos afectados. • https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200219-01-outofwrite-en • CWE-787: Out-of-bounds Write •
CVSS: 7.5EPSS: 0%CPEs: 10EXPL: 0CVE-2020-1881
https://notcve.org/view.php?id=CVE-2020-1881
NIP6800;Secospace USG6600;USG9500 products with versions of V500R001C30; V500R001C60SPC500; V500R005C00SPC100 have have a resource management error vulnerability. An attacker needs to perform specific operations to trigger a function of the affected device. Due to improper resource management of the function, the vulnerability can be exploited to cause service abnormal on affected devices. Los productos NIP6800; Secospace USG6600; USG9500 con versiones de V500R001C30; V500R001C60SPC500; V500R005C00SPC100, presentan una vulnerabilidad de error de administración de recursos. Un atacante necesita llevar a cabo operaciones específicas para desencadenar una función del dispositivo afectado. • http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200429-01-invalidpointer-en https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200219-02-resource-en •
CVSS: 7.5EPSS: 0%CPEs: 12EXPL: 0CVE-2020-1860
https://notcve.org/view.php?id=CVE-2020-1860
NIP6800;Secospace USG6600;USG9500 products with versions of V500R001C30; V500R001C60SPC500; V500R005C00SPC100 have an access control bypass vulnerability. Attackers that can access to the internal network can exploit this vulnerability with careful deployment. Successful exploit may cause the access control to be bypassed, and attackers can directly access the Internet. Los productos NIP6800; Secospace USG6600; USG9500 con versiones de V500R001C30; V500R001C60SPC500; V500R005C00SPC100, presentan una vulnerabilidad de omisión del control de acceso. Los atacantes que pueden acceder a la red interna pueden explotar esta vulnerabilidad con una implementación cuidadosa. • https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200219-02-firewall-en •