CVSS: 7.5EPSS: 0%CPEs: 14EXPL: 0CVE-2020-1827
https://notcve.org/view.php?id=CVE-2020-1827
17 Feb 2020 — Huawei NIP6800 versions V500R001C30, V500R001C60SPC500, and V500R005C00SPC100; and Secospace USG6600 and USG9500 versions V500R001C30SPC200, V500R001C30SPC600, V500R001C60SPC500, and V500R005C00SPC100 have an information leakage vulnerability. An attacker can exploit this vulnerability by sending specific request packets to affected devices. Successful exploit may lead to information leakage. Huawei NIP6800 versiones V500R001C30, V500R001C60SPC500 y V500R005C00SPC100; y Secospace USG6600 y USG9500 versiones... • http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200212-02-ipsec-en • CWE-404: Improper Resource Shutdown or Release •
CVSS: 7.5EPSS: 0%CPEs: 24EXPL: 0CVE-2020-1856
https://notcve.org/view.php?id=CVE-2020-1856
17 Feb 2020 — Huawei NGFW Module, NIP6300, NIP6600, Secospace USG6500, Secospace USG6600, and USG9500 versions V500R001C30, V500R001C60, and V500R005C00 have an information leakage vulnerability. An attacker can exploit this vulnerability by sending specific request packets to affected devices. Successful exploit may lead to information leakage. Los módulos Huawei NGFW, NIP6300, NIP6600, Secospace USG6500, Secospace USG6600 y USG9500 versiones V500R001C30, V500R001C60 y V500R005C00, presentan una vulnerabilidad de fuga d... • http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200205-01-firewall-en •
CVSS: 7.5EPSS: 0%CPEs: 11EXPL: 0CVE-2020-1829
https://notcve.org/view.php?id=CVE-2020-1829
17 Feb 2020 — Huawei NIP6800 versions V500R001C30 and V500R001C60SPC500; and Secospace USG6600 and USG9500 versions V500R001C30SPC200, V500R001C30SPC600, and V500R001C60SPC500 have a vulnerability that the IPSec module handles a message improperly. Attackers can send specific message to cause double free memory. This may compromise normal service. Huawei NIP6800 versiones V500R001C30 y V500R001C60SPC500; y Secospace USG6600 y USG9500 versiones V500R001C30SPC200, V500R001C30SPC600 y V500R001C60SPC500, presentan una vulner... • http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200212-03-ipsec-en • CWE-415: Double Free •
CVSS: 5.5EPSS: 0%CPEs: 14EXPL: 0CVE-2020-1857
https://notcve.org/view.php?id=CVE-2020-1857
17 Feb 2020 — Huawei NIP6800 versions V500R001C30, V500R001C60SPC500, and V500R005C00SPC100; and Secospace USG6600 and USG9500 versions V500R001C30SPC200, V500R001C30SPC600, V500R001C60SPC500, and V500R005C00SPC100 have an information leakage vulnerability. Due to improper processing of some data, a local authenticated attacker can exploit this vulnerability through a series of operations. Successful exploitation may cause information leakage. Huawei NIP6800 versiones V500R001C30, V500R001C60SPC500 y V500R005C00SPC100; y... • http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200205-01-leakage-en •
CVSS: 7.5EPSS: 0%CPEs: 14EXPL: 0CVE-2020-1828
https://notcve.org/view.php?id=CVE-2020-1828
17 Feb 2020 — Huawei NIP6800 versions V500R001C30, V500R001C60SPC500, and V500R005C00; and Secospace USG6600 and USG9500 versions V500R001C30SPC200, V500R001C30SPC600, V500R001C60SPC500, and V500R005C00 have an input validation vulnerability where the IPSec module does not validate a field in a specific message. Attackers can send specific message to cause out-of-bound read, compromising normal service. Huawei NIP6800 versiones V500R001C30, V500R001C60SPC500 y V500R005C00; y Secospace USG6600 y USG9500 versiones V500R001... • http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200212-01-ipsec-en • CWE-20: Improper Input Validation CWE-125: Out-of-bounds Read •
CVSS: 7.5EPSS: 0%CPEs: 14EXPL: 0CVE-2020-1858
https://notcve.org/view.php?id=CVE-2020-1858
17 Feb 2020 — Huawei products NIP6800 versions V500R001C30, V500R001C60SPC500, and V500R005C00SPC100; Secospace USG6600 versions V500R001C30SPC600, V500R001C60SPC500, and V500R005C00SPC100; and USG9500 versions V500R001C30SPC600, V500R001C60SPC500, and V500R005C00SPC100 have a denial of service vulnerability. Attackers need to perform a series of operations in a special scenario to exploit this vulnerability. Successful exploit may cause the new connections can't be established, result in a denial of service. Los Product... • http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200205-01-dos-en •
CVSS: 7.8EPSS: 0%CPEs: 146EXPL: 0CVE-2019-5304
https://notcve.org/view.php?id=CVE-2019-5304
03 Jan 2020 — Some Huawei products have a buffer error vulnerability. An unauthenticated, remote attacker could send specific MPLS Echo Request messages to the target products. Due to insufficient input validation of some parameters in the messages, successful exploit may cause the device to reset. Algunos productos de Huawei tienen una vulnerabilidad de error de búfer. Un atacante remoto no identificado podría enviar mensajes MPLS Echo Request específicos hacia los productos de destino. • https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200102-01-buffer-en • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 8.6EPSS: 0%CPEs: 261EXPL: 0CVE-2019-5254
https://notcve.org/view.php?id=CVE-2019-5254
13 Dec 2019 — Certain Huawei products (AP2000;IPS Module;NGFW Module;NIP6300;NIP6600;NIP6800;S5700;SVN5600;SVN5800;SVN5800-C;SeMG9811;Secospace AntiDDoS8000;Secospace USG6300;Secospace USG6500;Secospace USG6600;USG6000V;eSpace U1981) have an out-of-bounds read vulnerability. An attacker who logs in to the board may send crafted messages from the internal network port or tamper with inter-process message packets to exploit this vulnerability. Due to insufficient validation of the message, successful exploit may cause the ... • https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191211-01-ssp-en • CWE-125: Out-of-bounds Read •
CVSS: 5.5EPSS: 0%CPEs: 261EXPL: 0CVE-2019-5255
https://notcve.org/view.php?id=CVE-2019-5255
13 Dec 2019 — Certain Huawei products (AP2000;IPS Module;NGFW Module;NIP6300;NIP6600;NIP6800;S5700;SVN5600;SVN5800;SVN5800-C;SeMG9811;Secospace AntiDDoS8000;Secospace USG6300;Secospace USG6500;Secospace USG6600;USG6000V;eSpace U1981) have a DoS vulnerability. An attacker may send crafted messages from a FTP client to exploit this vulnerability. Due to insufficient validation of the message, successful exploit may cause the system out-of-bounds read and result in a denial of service condition of the affected service. Cier... • https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191211-01-ssp-en • CWE-125: Out-of-bounds Read •
CVSS: 5.5EPSS: 0%CPEs: 261EXPL: 0CVE-2019-5256
https://notcve.org/view.php?id=CVE-2019-5256
13 Dec 2019 — Certain Huawei products (AP2000;IPS Module;NGFW Module;NIP6300;NIP6600;NIP6800;S5700;SVN5600;SVN5800;SVN5800-C;SeMG9811;Secospace AntiDDoS8000;Secospace USG6300;Secospace USG6500;Secospace USG6600;USG6000V;eSpace U1981) have a null pointer dereference vulnerability. The system dereferences a pointer that it expects to be valid, but is NULL. A local attacker could exploit this vulnerability by sending crafted parameters. A successful exploit could cause a denial of service and the process reboot. Ciertos pro... • https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191211-01-ssp-en • CWE-476: NULL Pointer Dereference •