CVE-2020-1876
Summary
| CVE | CVE-2020-1876 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2020-02-28 19:15:00 UTC |
| Updated | 2020-03-04 14:43:00 UTC |
| Description | NIP6800;Secospace USG6600;USG9500 with versions of V500R001C30; V500R001C60SPC500; V500R005C00SPC100 have an out-of-bounds write vulnerability. An unauthenticated attacker crafts malformed packets with specific parameter and sends the packets to the affected products. Due to insufficient validation of packets, which may be exploited to cause the process reboot. |
Risk And Classification
Problem Types: CWE-787
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Hardware | Huawei | Nip6800 | - | All | All | All |
| Hardware | Huawei | Nip6800 | - | All | All | All |
| Operating System | Huawei | Nip6800 Firmware | v500r001c30 | All | All | All |
| Operating System | Huawei | Nip6800 Firmware | v500r001c60spc500 | All | All | All |
| Operating System | Huawei | Nip6800 Firmware | v500r005c00 | All | All | All |
| Operating System | Huawei | Nip6800 Firmware | v500r001c30 | All | All | All |
| Operating System | Huawei | Nip6800 Firmware | v500r001c60spc500 | All | All | All |
| Operating System | Huawei | Nip6800 Firmware | v500r005c00 | All | All | All |
| Hardware | Huawei | Secospace Usg6600 | - | All | All | All |
| Hardware | Huawei | Secospace Usg6600 | - | All | All | All |
| Operating System | Huawei | Secospace Usg6600 Firmware | v500r001c30spc600 | All | All | All |
| Operating System | Huawei | Secospace Usg6600 Firmware | v500r001c60spc500 | All | All | All |
| Operating System | Huawei | Secospace Usg6600 Firmware | v500r005c00 | All | All | All |
| Operating System | Huawei | Secospace Usg6600 Firmware | v500r001c30spc600 | All | All | All |
| Operating System | Huawei | Secospace Usg6600 Firmware | v500r001c60spc500 | All | All | All |
| Operating System | Huawei | Secospace Usg6600 Firmware | v500r005c00 | All | All | All |
| Hardware | Huawei | Usg9500 | - | All | All | All |
| Hardware | Huawei | Usg9500 | - | All | All | All |
| Operating System | Huawei | Usg9500 Firmware | v500r001c30spc200 | All | All | All |
| Operating System | Huawei | Usg9500 Firmware | v500r001c30spc600 | All | All | All |
| Operating System | Huawei | Usg9500 Firmware | v500r001c60spc500 | All | All | All |
| Operating System | Huawei | Usg9500 Firmware | v500r005c00 | All | All | All |
| Operating System | Huawei | Usg9500 Firmware | v500r001c30spc200 | All | All | All |
| Operating System | Huawei | Usg9500 Firmware | v500r001c30spc600 | All | All | All |
| Operating System | Huawei | Usg9500 Firmware | v500r001c60spc500 | All | All | All |
| Operating System | Huawei | Usg9500 Firmware | v500r005c00 | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| Security Advisory - Out-of-bounds Write Vulnerability in Some Huawei Products | MISC | www.huawei.com | Vendor Advisory |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.