CVE-2020-1858

3 documents3 sources

Severity

7.5HIGH

EPSS

0.2%

top 55.52%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Huawei Nip6800 Huawei Secospace Usg6600 Huawei Usg9500 +3 more

Timeline

PublishedFeb 17

Latest updateMay 24

Description

Huawei products NIP6800 versions V500R001C30, V500R001C60SPC500, and V500R005C00SPC100; Secospace USG6600 versions V500R001C30SPC600, V500R001C60SPC500, and V500R005C00SPC100; and USG9500 versions V500R001C30SPC600, V500R001C60SPC500, and V500R005C00SPC100 have a denial of service vulnerability. Attackers need to perform a series of operations in a special scenario to exploit this vulnerability. Successful exploit may cause the new connections can't be established, result in a denial of service.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:HExploitability: 3.9 | Impact: 3.6

Affected Packages6 packages

▶CVEListV5huawei/secospace_usg6600V500R001C30SPC600, V500R001C60SPC500, V500R005C00SPC100+2

▶NVDhuawei/secospace_usg6600_firmware4 versions+3

▶CVEListV5huawei/nip6800V500R001C30, V500R001C60SPC500, V500R005C00SPC100+2

▶CVEListV5huawei/usg9500V500R001C30SPC600, V500R001C60SPC500, V500R005C00SPC100+2

▶NVDhuawei/nip6800_firmwarev500r001c30, v500r001c60spc500, v500r005c00spc100+2

🔴Vulnerability Details

GHSA

GHSA-28j5-v67p-rr85: Huawei products NIP6800 versions V500R001C30, V500R001C60SPC500, and V500R005C00SPC100; Secospace USG6600 versions V500R001C30SPC600, V500R001C60SPC50↗2022-05-24

▶

CVEList

CVE-2020-1858: Huawei products NIP6800 versions V500R001C30, V500R001C60SPC500, and V500R005C00SPC100; Secospace USG6600 versions V500R001C30SPC600, V500R001C60SPC50↗2020-02-17

▶