CVE-2020-1870

CWE-7724 documents4 sources

Severity

7.5HIGH

EPSS

0.2%

top 60.10%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Huawei Cloudengine 12800 Huawei Cloudengine 5800 Huawei Cloudengine 6800 +6 more

Timeline

PublishedMay 29

Latest updateMay 24

Description

There is a denial of service vulnerability in some Huawei products. Due to improper memory management, memory leakage may occur in some special cases. Attackers can perform a series of operations to exploit this vulnerability. Successful exploit may cause a denial of service. Affected product versions include: CloudEngine 12800 versions V200R019C00SPC800; CloudEngine 5800 versions V200R019C00SPC800; CloudEngine 6800 versions V200R005C20SPC800, V200R019C00SPC800; CloudEngine 7800 versions V200R01…

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:HExploitability: 3.9 | Impact: 3.6

Affected Packages9 packages

▶CVEListV5huawei/cloudengine_5800V200R019C00SPC800

▶CVEListV5huawei/cloudengine_6800V200R005C20SPC800, V200R019C00SPC800+1

▶CVEListV5huawei/cloudengine_7800V200R019C00SPC800

▶CVEListV5huawei/cloudengine_12800V200R019C00SPC800

▶NVDhuawei/cloudengine_6800_firmwarev200r019c00spc800

🔴Vulnerability Details

GHSA

GHSA-v2q9-m664-5f32: CloudEngine 12800 products with versions of V200R019C00, V200R019C10SPC800, V200R019C00SPC600, V200R019C10; and CloudEngine 6800 products with version↗2022-05-24

▶

CVEList

CVE-2020-1870: There is a denial of service vulnerability in some Huawei products↗2020-05-29

▶

💥Exploits & PoCs

Nuclei

ListSERV Maestro <= 9.0-8 RCE

▶