Information Leak Vulnerability in Huawei CloudEngine Products
CVE-2020-9102
3.3LOW
Key Information:
- Vendor
- Huawei
- Vendor
- CVE Published:
- 17 July 2020
Summary
An information leak vulnerability exists in certain Huawei CloudEngine products that may allow local attackers to access sensitive information. This vulnerability arises from inadequate handling of username data, which could potentially expose device information to unauthorized users. Affected versions span several models within the CloudEngine series, highlighting the need for users to apply available patches or mitigations to safeguard their systems.
Affected Version(s)
CloudEngine 12800 V200R002C50SPC800
CloudEngine 12800 V200R003C00SPC810
CloudEngine 12800 V200R005C00SPC800
References
CVSS V3.1
Score:
3.3
Severity:
LOW
Confidentiality:
Low
Integrity:
None
Availability:
Low
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved