CVE-2020-9101
Summary
| CVE | CVE-2020-9101 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2020-07-18 01:16:00 UTC |
| Updated | 2020-07-24 15:28:00 UTC |
| Description | There is an out-of-bounds write vulnerability in some products. An unauthenticated attacker crafts malformed packets with specific parameter and sends the packets to the affected products. Due to insufficient validation of packets, which may be exploited to cause the process reboot. Affected product versions include: IPS Module versions V500R005C00, V500R005C10; NGFW Module versions V500R005C00, V500R005C10; Secospace USG6300 versions V500R001C30, V500R001C60, V500R005C00, V500R005C10; Secospace USG6500 versions V500R001C30, V500R001C60, V500R005C00, V500R005C10; Secospace USG6600 versions V500R001C30, V500R001C60, V500R005C00, V500R005C10; USG9500 versions V500R001C30, V500R001C60, V500R005C00, V500R005C10 |
Risk And Classification
Problem Types: CWE-787
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Hardware | Huawei | Ips Module | - | All | All | All |
| Hardware | Huawei | Ips Module | - | All | All | All |
| Operating System | Huawei | Ips Module Firmware | v500r005c00 | All | All | All |
| Operating System | Huawei | Ips Module Firmware | v500r005c10 | All | All | All |
| Operating System | Huawei | Ips Module Firmware | v500r005c00 | All | All | All |
| Operating System | Huawei | Ips Module Firmware | v500r005c10 | All | All | All |
| Hardware | Huawei | Ngfw Module | - | All | All | All |
| Hardware | Huawei | Ngfw Module | - | All | All | All |
| Operating System | Huawei | Ngfw Module Firmware | v500r005c00 | All | All | All |
| Operating System | Huawei | Ngfw Module Firmware | v500r005c10 | All | All | All |
| Operating System | Huawei | Ngfw Module Firmware | v500r005c00 | All | All | All |
| Operating System | Huawei | Ngfw Module Firmware | v500r005c10 | All | All | All |
| Hardware | Huawei | Secospace Usg6300 | - | All | All | All |
| Hardware | Huawei | Secospace Usg6300 | - | All | All | All |
| Operating System | Huawei | Secospace Usg6300 Firmware | v500r001c30 | All | All | All |
| Operating System | Huawei | Secospace Usg6300 Firmware | v500r001c60 | All | All | All |
| Operating System | Huawei | Secospace Usg6300 Firmware | v500r005c00 | All | All | All |
| Operating System | Huawei | Secospace Usg6300 Firmware | v500r005c10 | All | All | All |
| Operating System | Huawei | Secospace Usg6300 Firmware | v500r001c30 | All | All | All |
| Operating System | Huawei | Secospace Usg6300 Firmware | v500r001c60 | All | All | All |
| Operating System | Huawei | Secospace Usg6300 Firmware | v500r005c00 | All | All | All |
| Operating System | Huawei | Secospace Usg6300 Firmware | v500r005c10 | All | All | All |
| Hardware | Huawei | Secospace Usg6500 | - | All | All | All |
| Hardware | Huawei | Secospace Usg6500 | - | All | All | All |
| Operating System | Huawei | Secospace Usg6500 Firmware | v500r001c30 | All | All | All |
| Operating System | Huawei | Secospace Usg6500 Firmware | v500r001c60 | All | All | All |
| Operating System | Huawei | Secospace Usg6500 Firmware | v500r005c00 | All | All | All |
| Operating System | Huawei | Secospace Usg6500 Firmware | v500r005c10 | All | All | All |
| Operating System | Huawei | Secospace Usg6500 Firmware | v500r001c30 | All | All | All |
| Operating System | Huawei | Secospace Usg6500 Firmware | v500r001c60 | All | All | All |
| Operating System | Huawei | Secospace Usg6500 Firmware | v500r005c00 | All | All | All |
| Operating System | Huawei | Secospace Usg6500 Firmware | v500r005c10 | All | All | All |
| Hardware | Huawei | Secospace Usg6600 | - | All | All | All |
| Hardware | Huawei | Secospace Usg6600 | - | All | All | All |
| Operating System | Huawei | Secospace Usg6600 Firmware | v500r001c30 | All | All | All |
| Operating System | Huawei | Secospace Usg6600 Firmware | v500r001c60 | All | All | All |
| Operating System | Huawei | Secospace Usg6600 Firmware | v500r005c00 | All | All | All |
| Operating System | Huawei | Secospace Usg6600 Firmware | v500r005c10 | All | All | All |
| Operating System | Huawei | Secospace Usg6600 Firmware | v500r001c30 | All | All | All |
| Operating System | Huawei | Secospace Usg6600 Firmware | v500r001c60 | All | All | All |
| Operating System | Huawei | Secospace Usg6600 Firmware | v500r005c00 | All | All | All |
| Operating System | Huawei | Secospace Usg6600 Firmware | v500r005c10 | All | All | All |
| Hardware | Huawei | Usg9500 | - | All | All | All |
| Hardware | Huawei | Usg9500 | - | All | All | All |
| Operating System | Huawei | Usg9500 Firmware | v500r001c30 | All | All | All |
| Operating System | Huawei | Usg9500 Firmware | v500r001c60 | All | All | All |
| Operating System | Huawei | Usg9500 Firmware | v500r005c00 | All | All | All |
| Operating System | Huawei | Usg9500 Firmware | v500r005c10 | All | All | All |
| Operating System | Huawei | Usg9500 Firmware | v500r001c30 | All | All | All |
| Operating System | Huawei | Usg9500 Firmware | v500r001c60 | All | All | All |
| Operating System | Huawei | Usg9500 Firmware | v500r005c00 | All | All | All |
| Operating System | Huawei | Usg9500 Firmware | v500r005c10 | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| Security Advisory - Out-of-bounds Write Vulnerability in Some Huawei Products | CONFIRM | www.huawei.com | Vendor Advisory |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.