Information Leak Vulnerability in Huawei Cloud Products
CVE-2020-1841

7.5HIGH

Key Information:

Vendor: Huawei
Status: ClouD-Link Board; Dp300; Rse6500; Te60
Vendor: CVE Published:; 17 February 2020

Summary

An information leak vulnerability exists in various Huawei products, including CloudLink Board and related versions. This vulnerability enables unauthenticated remote attackers to conduct multiple attempts to guess confidential information. If successfully exploited, this could result in sensitive information disclosure, allowing potential attackers to access and misuse private data.

Affected Version(s)

CloudLink Board 20.0.0

DP300 V500R002C00

RSE6500 V100R001C00

References

http://www.huawei.com/en/psirt/security-advisories/huawei...

x_refsource_CONFIRM

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Feb 17, 2020
Vulnerability Reserved
Nov 29, 2019