Information Leak Vulnerability in USG9500 Device by Huawei
CVE-2020-9212

6.5MEDIUM

Key Information:

Vendor
Huawei
Status
Vendor
CVE Published:
22 March 2021

Summary

The USG9500 device from Huawei contains a vulnerability where improper handling of user login information can lead to an information leak. An attacker exploiting this issue may gain unauthorized access to sensitive data and perform unintended operations, thereby compromising the device's integrity. It is essential for users of the USG9500 to apply the latest patches to mitigate this risk.

Affected Version(s)

USG9500 V500R005C00SPC100,V500R005C00SPC200,V500R005C20SPC300,V500R005C20SPC500,V500R005C20SPC600

References

CVSS V3.1

Score:
6.5
Severity:
MEDIUM
Confidentiality:
High
Integrity:
None
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.