PT-2020-15123 · Huawei · Nip6800+3
Published
2020-02-05
·
Updated
2021-07-21
·
CVE-2020-1857
CVSS v3.1
5.5
Medium
| Vector | AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
Huawei NIP6800 versions V500R001C30, V500R001C60SPC500, and V500R005C00SPC100
Huawei Secospace USG6600 and USG9500 versions V500R001C30SPC200, V500R001C30SPC600, V500R001C60SPC500, and V500R005C00SPC100
Description
The issue is related to improper processing of some data, allowing a local authenticated attacker to exploit it through a series of operations. This may cause information leakage.
Recommendations
For Huawei NIP6800 versions V500R001C30, V500R001C60SPC500, and V500R005C00SPC100, update to a version that fixes the improper data processing issue.
For Huawei Secospace USG6600 and USG9500 versions V500R001C30SPC200, V500R001C30SPC600, V500R001C60SPC500, and V500R005C00SPC100, update to a version that fixes the improper data processing issue.
As a temporary workaround, consider restricting access to sensitive data until a patch is available.
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Huawei Vrp
Nip6800
Secospace Usg6600
Secospace Usg9500