Information Leak Vulnerability in USG9500 Device by Huawei
CVE-2020-9212

6.5MEDIUM

Key Information:

Vendor: Huawei
Status: Usg9500
Vendor: CVE Published:; 22 March 2021

Summary

The USG9500 device from Huawei contains a vulnerability where improper handling of user login information can lead to an information leak. An attacker exploiting this issue may gain unauthorized access to sensitive data and perform unintended operations, thereby compromising the device's integrity. It is essential for users of the USG9500 to apply the latest patches to mitigate this risk.

Affected Version(s)

USG9500 V500R005C00SPC100,V500R005C00SPC200,V500R005C20SPC300,V500R005C20SPC500,V500R005C20SPC600

References

https://www.huawei.com/en/psirt/security-advisories/huawe...

x_refsource_MISC

CVSS V3.1

Score:

6.5

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Mar 22, 2021
Vulnerability Reserved
Feb 18, 2020