// For flags

CVE-2020-1870

 

Severity Score

7.5
*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

0
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

There is a denial of service vulnerability in some Huawei products. Due to improper memory management, memory leakage may occur in some special cases. Attackers can perform a series of operations to exploit this vulnerability. Successful exploit may cause a denial of service. Affected product versions include: CloudEngine 12800 versions V200R019C00SPC800; CloudEngine 5800 versions V200R019C00SPC800; CloudEngine 6800 versions V200R005C20SPC800, V200R019C00SPC800; CloudEngine 7800 versions V200R019C00SPC800; NE40E versions V800R011C00SPC200, V800R011C00SPC300, V800R011C10SPC100; NE40E-F versions V800R011C00SPC200, V800R011C10SPC100; NE40E-M versions V800R011C00SPC200, V800R011C10SPC100.

Hay una vulnerabilidad denegación de servicio en algunos productos Huawei. Debido a una administración inapropiada de la memoria, pueden producirse fugas de memoria en algunos casos especiales. Los atacantes pueden llevar a cabo una serie de operaciones para explotar esta vulnerabilidad. Una explotación con éxito puede causar una denegación de servicio. Las versiones de productos afectados incluyen: CloudEngine 12800 versión V200R019C00SPC800; CloudEngine 5800 versión V200R019C00SPC800; CloudEngine 6800 versión V200R005C20SPC800, V200R019C00SPC800; CloudEngine 7800 versión V200R019C00SPC800; NE40E versión V800R011C00SPC200, V800R011C00SPC300, V800R011C10SPC100; NE40E-F versión V800R011C00SPC200, V800R011C10SPC100; NE40E-M versión V800R011C00SPC200, V800R011C10SPC100.

*Credits: N/A
CVSS Scores
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
None
Availability
High
Attack Vector
Network
Attack Complexity
Low
Authentication
None
Confidentiality
None
Integrity
None
Availability
Partial
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2019-11-29 CVE Reserved
  • 2020-05-29 CVE Published
  • 2023-03-07 EPSS Updated
  • 2024-08-04 CVE Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
  • CWE-772: Missing Release of Resource after Effective Lifetime
CAPEC
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Huawei
Search vendor "Huawei"
 Cloudengine 12800 Firmware
Search vendor "Huawei" for product "Cloudengine 12800 Firmware"
 v200r019c00
Search vendor "Huawei" for product "Cloudengine 12800 Firmware" and version "v200r019c00"
-
Affected
in Huawei
Search vendor "Huawei"
 Cloudengine 12800
Search vendor "Huawei" for product "Cloudengine 12800"
--
Safe
Huawei
Search vendor "Huawei"
 Cloudengine 12800 Firmware
Search vendor "Huawei" for product "Cloudengine 12800 Firmware"
 v200r019c00spc600
Search vendor "Huawei" for product "Cloudengine 12800 Firmware" and version "v200r019c00spc600"
-
Affected
in Huawei
Search vendor "Huawei"
 Cloudengine 12800
Search vendor "Huawei" for product "Cloudengine 12800"
--
Safe
Huawei
Search vendor "Huawei"
 Cloudengine 12800 Firmware
Search vendor "Huawei" for product "Cloudengine 12800 Firmware"
 v200r019c00spc800
Search vendor "Huawei" for product "Cloudengine 12800 Firmware" and version "v200r019c00spc800"
-
Affected
in Huawei
Search vendor "Huawei"
 Cloudengine 12800
Search vendor "Huawei" for product "Cloudengine 12800"
--
Safe
Huawei
Search vendor "Huawei"
 Cloudengine 12800 Firmware
Search vendor "Huawei" for product "Cloudengine 12800 Firmware"
 v200r019c10
Search vendor "Huawei" for product "Cloudengine 12800 Firmware" and version "v200r019c10"
-
Affected
in Huawei
Search vendor "Huawei"
 Cloudengine 12800
Search vendor "Huawei" for product "Cloudengine 12800"
--
Safe
Huawei
Search vendor "Huawei"
 Cloudengine 6800 Firmware
Search vendor "Huawei" for product "Cloudengine 6800 Firmware"
 v200r019c00spc800
Search vendor "Huawei" for product "Cloudengine 6800 Firmware" and version "v200r019c00spc800"
-
Affected
in Huawei
Search vendor "Huawei"
 Cloudengine 6800
Search vendor "Huawei" for product "Cloudengine 6800"
--
Safe