CVE-2020-1830

5.3MEDIUM

Key Information:

Vendor: Huawei
Status: Nip6800; Secospace Usg6600, Usg9500
Vendor: CVE Published:; 18 February 2020

Summary

Huawei NIP6800 versions V500R001C30, V500R001C60SPC500, and V500R005C00; Secospace USG6600 and USG9500 versions V500R001C30SPC200, V500R001C30SPC600, V500R001C60SPC500, and V500R005C00 have a vulnerability that a memory management error exists when IPSec Module handing a specific message. This causes 1 byte out-of-bound read, compromising normal service.

Affected Version(s)

NIP6800 V500R001C30

NIP6800 V500R001C60SPC500

NIP6800 V500R005C00

References

http://www.huawei.com/en/psirt/security-advisories/huawei...

x_refsource_CONFIRM

CVSS V3.1

Score:

5.3

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Feb 18, 2020
Vulnerability Reserved
Nov 29, 2019