PT-2020-15127 · Huawei · Manageone+1

Published

2020-03-20

Updated

2020-03-24

CVE-2020-1862

CVSS v3.1

3.3

Low

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L

Name of the Vulnerable Software and Affected Versions CampusInsight version V100R019C00 ManageOne version 6.5.RC2.B050

Description A double free vulnerability exists in some Huawei products, allowing a local attacker with low privilege to perform operations that exploit the vulnerability. The successful exploitation of this issue, due to doubly freeing memory, may cause service abnormalities.

Recommendations For CampusInsight version V100R019C00, update to a version that fixes the double free vulnerability. For ManageOne version 6.5.RC2.B050, update to a version that fixes the double free vulnerability. As a temporary workaround, consider restricting access to the affected products until a patch is available.

Fix

Double Free

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-415

Related Identifiers

CVE-2020-1862

Affected Products

Campusinsight

Manageone

PT-2020-15127 · Huawei · Manageone+1

CVE-2020-1862

Weakness Enumeration

Related Identifiers

Affected Products

References · 4