CVE-2020-9102

CWE-200Information Exposure3 documents3 sources
Severity
3.3LOW
EPSS
0.0%
top 93.91%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
8
Huawei Cloudengine 12800Huawei Cloudengine 5800Huawei Cloudengine 6800+5 more
Timeline
PublishedJul 17
Latest updateMay 24

Description

There is a information leak vulnerability in some Huawei products, and it could allow a local attacker to get information. The vulnerability is due to the improper management of the username. An attacker with the ability to access the device and cause the username information leak. Affected product versions include: CloudEngine 12800 versions V200R002C50SPC800, V200R003C00SPC810, V200R005C00SPC800, V200R005C10SPC800, V200R019C00SPC800; CloudEngine 5800 versions V200R002C50SPC800, V200R003C00SPC8

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:NExploitability: 1.8 | Impact: 1.4

Affected Packages8 packages

CVEListV5huawei/cloudengine_58005 versions+4
CVEListV5huawei/cloudengine_68006 versions+5
CVEListV5huawei/cloudengine_78005 versions+4
CVEListV5huawei/cloudengine_128005 versions+4

🔴Vulnerability Details

2
GHSA
GHSA-4mqr-g5p6-c895: There is a information leak vulnerability in some Huawei products, and it could allow a local attacker to get information2022-05-24
CVEList
CVE-2020-9102: There is a information leak vulnerability in some Huawei products, and it could allow a local attacker to get information2020-07-17