PT-2020-15129 · Huawei · Secospace Usg6600+9
Published
2020-01-22
·
Updated
2021-01-19
·
CVE-2020-1866
CVSS v3.1
6.5
Medium
| Vector | AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
Name of the Vulnerable Software and Affected Versions
NIP6800 versions V500R001C30 through V500R005C00
S12700 versions V200R008C00
S2700 versions V200R008C00
S5700 versions V200R008C00
S6700 versions V200R008C00
S7700 versions V200R008C00
S9700 versions V200R008C00
Secospace USG6600 versions V500R001C30SPC200 through V500R005C00
USG9500 versions V500R001C30SPC300 through V500R005C00
Description
The software reads data past the end of the intended buffer when parsing certain crafted DHCP messages, which could cause service abnormality.
Recommendations
For NIP6800 versions V500R001C30 through V500R005C00, update to a version that includes the fix for this issue.
For S12700 versions V200R008C00, update to a version that includes the fix for this issue.
For S2700 versions V200R008C00, update to a version that includes the fix for this issue.
For S5700 versions V200R008C00, update to a version that includes the fix for this issue.
For S6700 versions V200R008C00, update to a version that includes the fix for this issue.
For S7700 versions V200R008C00, update to a version that includes the fix for this issue.
For S9700 versions V200R008C00, update to a version that includes the fix for this issue.
For Secospace USG6600 versions V500R001C30SPC200 through V500R005C00, update to a version that includes the fix for this issue.
For USG9500 versions V500R001C30SPC300 through V500R005C00, update to a version that includes the fix for this issue.
Fix
Out of bounds Read
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Huawei Vrp
Nip6800
S12700
S2700
S5700
S6700
S7700
S9700
Secospace Usg6600
Usg9500