PT-2020-20524 · Huawei · Imanager Neteco 6000+1

Published

2020-12-29

Updated

2021-07-21

CVE-2020-9208

CVSS v3.1

6.5

Medium

Vector

AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions iManager NetEco 6000 version V600R021C00

Description The issue is related to an information leak due to a lack of authentication in a module. Attackers without access to the module can exploit this to obtain extra information.

Recommendations For iManager NetEco 6000 version V600R021C00, consider restricting access to the vulnerable module to minimize the risk of exploitation until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Missing Authentication

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-306

Related Identifiers

CVE-2020-9208

Affected Products

Huawei Vrp

Imanager Neteco 6000

PT-2020-20524 · Huawei · Imanager Neteco 6000+1

CVE-2020-9208

Weakness Enumeration

Related Identifiers

Affected Products

References · 6