PT-2020-1998 · Huawei · Secospace Usg9500+3
Published
2020-01-22
·
Updated
2020-02-20
·
CVE-2020-1827
CVSS v3.1
7.5
High
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
Name of the Vulnerable Software and Affected Versions
Huawei NIP6800 versions V500R001C30, V500R001C60SPC500, and V500R005C00SPC100
Secospace USG6600 and USG9500 versions V500R001C30SPC200, V500R001C30SPC600, V500R001C60SPC500, and V500R005C00SPC100
Description
The issue is related to an information leakage vulnerability that can be exploited by sending specific request packets to affected devices, potentially leading to information leakage. It is also associated with incorrect clearance or release of resources, which can cause a denial of service when a specific message is handled incorrectly by the IPSec Module, resulting in unreleased memory.
Recommendations
For Huawei NIP6800 versions V500R001C30, V500R001C60SPC500, and V500R005C00SPC100, restrict access to the IPSec Module to minimize the risk of exploitation.
For Secospace USG6600 and USG9500 versions V500R001C30SPC200, V500R001C30SPC600, V500R001C60SPC500, and V500R005C00SPC100, avoid using the IPSec Module until a fix is available.
As a temporary workaround, consider disabling the IPSec Module until a patch is available.
Fix
DoS
Improper Resource Release
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Huawei Nip6800
Huawei Vrp
Secospace Usg6600
Secospace Usg9500