CVE-2020-1810Use of a Broken or Risky Cryptographic Algorithm in Huawei Cloudengine 12800 Firmware

CWE-327Use of a Broken or Risky Cryptographic Algorithm4 documents4 sources
Severity
5.3MEDIUMNVD
EPSS
0.1%
top 76.53%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
Huawei Cloudengine 12800 FirmwareHuawei S5700 FirmwareHuawei S6700 Firmware
Timeline
PublishedJan 9
Latest updateMay 24

Description

There is a weak algorithm vulnerability in some Huawei products. The affected products use the RSA algorithm in the SSL key exchange algorithm which have been considered as a weak algorithm. Attackers may exploit this vulnerability to leak some information.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:NExploitability: 3.9 | Impact: 1.4

Affected Packages3 packages

NVDhuawei/s5700_firmware7 versions+6
NVDhuawei/s6700_firmwarev200r005c00spc500, v200r005c01+1

🔴Vulnerability Details

2
GHSA
GHSA-784w-6w6h-jjwp: Huawei products CloudEngine 12800, S5700, and S6700 have a weak algorithm vulnerability2022-05-24
CVEList
CVE-2020-1810: There is a weak algorithm vulnerability in some Huawei products2020-01-09

💬Community

1
Bugzilla
CVE-2019-19924 sqlite: incorrect sqlite3WindowRewrite() error handling leads to mishandling certain parser-tree rewriting2020-01-08
CVE-2020-1810 — Huawei vulnerability | cvebase