CVE-2020-9068

CWE-287Improper Authentication3 documents3 sources
Severity
9.8CRITICAL
EPSS
0.2%
top 62.98%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Huawei Ar3200Huawei Ar3200 Firmware
Timeline
PublishedApr 27
Latest updateMay 24

Description

Huawei AR3200 products with versions of V200R007C00SPC900, V200R007C00SPCa00, V200R007C00SPCb00, V200R007C00SPCc00, V200R009C00SPC500 have an improper authentication vulnerability. Attackers need to perform some operations to exploit the vulnerability. Successful exploit may obtain certain permissions on the device.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 3.9 | Impact: 5.9

Affected Packages2 packages

CVEListV5huawei/ar32005 versions+4
NVDhuawei/ar3200_firmware5 versions+4

🔴Vulnerability Details

2
GHSA
GHSA-3jfh-77jm-9vg4: Huawei AR3200 products with versions of V200R007C00SPC900, V200R007C00SPCa00, V200R007C00SPCb00, V200R007C00SPCc00, V200R009C00SPC500 have an improper2022-05-24
CVEList
CVE-2020-9068: Huawei AR3200 products with versions of V200R007C00SPC900, V200R007C00SPCa00, V200R007C00SPCb00, V200R007C00SPCc00, V200R009C00SPC500 have an improper2020-04-27
CVE-2020-9068 (CRITICAL CVSS 9.8) | Huawei AR3200 products with version | cvebase.io