CVE-2020-9094

{"id": "CVE-2020-9094", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 5.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 3.9}]}, "published": "2020-12-29T18:15:13.183", "references": [{"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20201216-01-obr-en", "tags": ["Vendor Advisory"], "source": "psirt@huawei.com"}, {"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20201216-01-obr-en", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-125"}]}], "descriptions": [{"lang": "en", "value": "There is an out of bound read vulnerability in some verisons of Huawei CloudEngine product. A module does not deal with specific message properly. Attackers can exploit this vulnerability by sending malicious packet. This can lead to denial of service."}, {"lang": "es", "value": "Se presenta una vulnerabilidad de lectura fuera de l\u00edmites en algunas versiones del producto Huawei CloudEngine. Un m\u00f3dulo no se ocupa apropiadamente de un mensaje espec\u00edfico. Unos atacantes pueden explotar esta vulnerabilidad mediante el env\u00edo de paquetes maliciosos. Esto puede conllevar a una denegaci\u00f3n del servicio"}], "lastModified": "2024-11-21T05:40:00.677", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:huawei:cloudengine_12800_firmware:v200r019c00spc800:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "067ADFDC-B001-4270-9CA2-37F670B3BFAC"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:huawei:cloudengine_12800:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "DE8A2875-0F7E-4790-A925-5999396B7578"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:huawei:cloudengine_5800_firmware:v200r019c00spc800:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BCFEB001-EFF7-47AC-B67E-7B807780F009"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:huawei:cloudengine_5800:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "C8FD775C-F6B6-42B3-942E-EB4DC889B5F0"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:huawei:cloudengine_6800_firmware:v200r005c20spc800:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AAC7C877-066F-4FB8-9AB7-D038CE6E5D8D"}, {"criteria": "cpe:2.3:o:huawei:cloudengine_6800_firmware:v200r019c00spc800:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8D96A7C4-88BE-4353-AC75-AF6841EEB6F9"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:huawei:cloudengine_6800:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "19F2B3CC-12AD-466D-98F9-0C09C7C053CF"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:huawei:cloudengine_7800_firmware:v200r019c00spc800:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BA12B395-7D70-445A-B0FD-47363787D1EE"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:huawei:cloudengine_7800:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "D05E858C-A3D8-4BF1-A750-CFD8C949ABF0"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "psirt@huawei.com"}