CVE-2020-1818
Published: Dec 27, 2024
Modified: Dec 27, 2024
CVSS v3.1
3.7
Description
There are multiple out of bounds (OOB) read vulnerabilities in the implementation of the Common Open Policy Service (COPS) protocol of some Huawei products. The specific decoding function may occur out-of-bounds read when processes an incoming data packet. Successful exploit of these vulnerabilities may disrupt service on the affected device. (Vulnerability ID: HWPSIRT-2018-12275,HWPSIRT-2018-12276,HWPSIRT-2018-12277,HWPSIRT-2018-12278,HWPSIRT-2018-12279,HWPSIRT-2018-12280 and HWPSIRT-2018-12289) The seven vulnerabilities have been assigned seven Common Vulnerabilities and Exposures (CVE) IDs: CVE-2020-1818, CVE-2020-1819, CVE-2020-1820, CVE-2020-1821, CVE-2020-1822, CVE-2020-1823 and CVE-2020-1824.
| Vendor | Product | Versions |
|---|---|---|
Huawei | IPS Module | affected V500R001C30affected V500R001C60affected V500R005C00 |
Huawei | NGFW Module | affected V500R002C00affected V500R002C20affected V500R005C00 |
Huawei | NIP6300 | affected V500R001C30affected V500R001C60affected V500R005C00 |
Huawei | NIP6600 | affected V500R001C30affected V500R001C60affected V500R005C00 |
Huawei | NIP6800 | affected V500R001C60affected V500R005C00 |
Huawei | Secospace USG6300 | affected V500R001C30affected V500R001C60affected V500R005C00 |
Huawei | Secospace USG6500 | affected V500R001C30affected V500R001C60affected V500R005C00 |
Huawei | Secospace USG6600 | affected V500R001C30affected V500R005C00 |
Huawei | USG6000V | affected V500R003C00 |
Weaknesses (CWE)
CVSS v3.1 Details
CVSS v3.1 Vector
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now