PT-2020-20494 · Huawei · Cloudengine 7800+4
Published
2020-07-15
·
Updated
2021-07-21
·
CVE-2020-9102
CVSS v3.1
3.3
Low
| Vector | AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
CloudEngine 12800 versions V200R002C50SPC800 through V200R019C00SPC800
CloudEngine 5800 versions V200R002C50SPC800 through V200R019C00SPC800
CloudEngine 6800 versions V200R002C50SPC800 through V200R019C00SPC800
CloudEngine 7800 versions V200R002C50SPC800 through V200R019C00SPC800
Description
The issue is an information leak vulnerability in Huawei products, allowing a local attacker to obtain information due to improper management of the
username. An attacker with device access can cause a username information leak.Recommendations
For CloudEngine 12800 versions V200R002C50SPC800 through V200R019C00SPC800, update to a version that properly manages the
username to prevent information leaks.
For CloudEngine 5800 versions V200R002C50SPC800 through V200R019C00SPC800, update to a version that properly manages the username to prevent information leaks.
For CloudEngine 6800 versions V200R002C50SPC800 through V200R019C00SPC800, update to a version that properly manages the username to prevent information leaks.
For CloudEngine 7800 versions V200R002C50SPC800 through V200R019C00SPC800, update to a version that properly manages the username to prevent information leaks.Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Cloudengine 12800
Cloudengine 5800
Cloudengine 6800
Cloudengine 7800
Huawei Vrp