CVE-2020-1847

3 documents3 sources

Severity

7.5HIGH

EPSS

0.2%

top 60.10%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Huawei Nip6300 Firmware Huawei Nip6600 Firmware Huawei Secospace Usg6300 Firmware +3 more

Timeline

PublishedNov 13

Latest updateMay 24

Description

There is a denial of service vulnerability in some Huawei products. There is no protection against the attack scenario of specific protocol. A remote, unauthorized attackers can construct attack scenarios, which leads to denial of service.Affected product versions include:NIP6300 versions V500R001C30,V500R001C60;NIP6600 versions V500R001C30,V500R001C60;Secospace USG6300 versions V500R001C30,V500R001C60;Secospace USG6500 versions V500R001C30,V500R001C60;Secospace USG6600 versions V500R001C30,V500…

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:HExploitability: 3.9 | Impact: 3.6

Affected Packages6 packages

▶NVDhuawei/secospace_usg6300_firmwarev500r001c30, v500r001c60+1

▶NVDhuawei/secospace_usg6500_firmwarev500r001c30, v500r001c60+1

▶NVDhuawei/secospace_usg6600_firmwarev500r001c30, v500r001c60+1

▶NVDhuawei/nip6300_firmwarev500r001c30, v500r001c60+1

▶NVDhuawei/nip6600_firmwarev500r001c30, v500r001c60+1

🔴Vulnerability Details

GHSA

GHSA-4h5w-x2h7-6xgh: There is a denial of service vulnerability in some Huawei products↗2022-05-24

▶

CVEList

CVE-2020-1847: There is a denial of service vulnerability in some Huawei products↗2020-11-13

▶