cnvd - cnvd-2020-10162

cnvd-2020-10162

Vulnerability from cnvd

Title: Huawei NIP6800、Secospace USG6600和USG9500拒绝服务漏洞

Description:

Huawei USG9500等都是中国华为（Huawei）公司的产品。USG9500是一款数据中心防火墙产品。NIP6800是一套入侵防御系统。USG6600是一款数据中防火墙产品。

Huawei NIP6800、Secospace USG6600和USG9500中存在拒绝服务漏洞，该漏洞源于程序没有正确处理IPSEC数据包。远程攻击者可通过发送构建的IPSEC数据包利用该漏洞造成IPSec功能异常。

Severity: 中

Patch Name: Huawei NIP6800、Secospace USG6600和USG9500拒绝服务漏洞的补丁

Patch Description:

Huawei USG9500等都是中国华为（Huawei）公司的产品。USG9500是一款数据中心防火墙产品。NIP6800是一套入侵防御系统。USG6600是一款数据中防火墙产品。

Huawei NIP6800、Secospace USG6600和USG9500中存在拒绝服务漏洞，该漏洞源于程序没有正确处理IPSEC数据包。远程攻击者可通过发送构建的IPSEC数据包利用该漏洞造成IPSec功能异常。目前，供应商发布了安全公告及相关补丁信息，修复了此漏洞。

Formal description:

目前厂商已发布升级补丁以修复漏洞，补丁获取链接： https://www.huawei.com/cn/psirt/security-advisories/huawei-sa-20200212-03-firewall-cn

Reference: https://nvd.nist.gov/vuln/detail/CVE-2020-1816

Impacted products

Name
['Huawei USG9500 V500R001C30SPC200', 'Huawei USG9500 V500R001C30SPC600', 'Huawei USG9500 V500R001C60SPC500', 'Huawei USG9500 V500R005C00', 'Huawei Secospace USG6600 V500R005C00', 'Huawei Secospace USG6600 V500R001C60SPC500', 'Huawei Secospace USG6600 V500R001C30SPC600', 'Huawei Secospace USG6600 V500R001C30SPC200', 'Huawei NIP6800 V500R001C30', 'Huawei NIP6800 V500R001C60SPC500', 'Huawei NIP6800 V500R005C00']

Name

['Huawei USG9500 V500R001C30SPC200', 'Huawei USG9500 V500R001C30SPC600', 'Huawei USG9500 V500R001C60SPC500', 'Huawei USG9500 V500R005C00', 'Huawei Secospace USG6600 V500R005C00', 'Huawei Secospace USG6600 V500R001C60SPC500', 'Huawei Secospace USG6600 V500R001C30SPC600', 'Huawei Secospace USG6600 V500R001C30SPC200', 'Huawei NIP6800 V500R001C30', 'Huawei NIP6800 V500R001C60SPC500', 'Huawei NIP6800 V500R005C00']

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2020-1816"
    }
  },
  "description": "Huawei USG9500\u7b49\u90fd\u662f\u4e2d\u56fd\u534e\u4e3a\uff08Huawei\uff09\u516c\u53f8\u7684\u4ea7\u54c1\u3002USG9500\u662f\u4e00\u6b3e\u6570\u636e\u4e2d\u5fc3\u9632\u706b\u5899\u4ea7\u54c1\u3002NIP6800\u662f\u4e00\u5957\u5165\u4fb5\u9632\u5fa1\u7cfb\u7edf\u3002USG6600\u662f\u4e00\u6b3e\u6570\u636e\u4e2d\u9632\u706b\u5899\u4ea7\u54c1\u3002\n\nHuawei NIP6800\u3001Secospace USG6600\u548cUSG9500\u4e2d\u5b58\u5728\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u7a0b\u5e8f\u6ca1\u6709\u6b63\u786e\u5904\u7406IPSEC\u6570\u636e\u5305\u3002\u8fdc\u7a0b\u653b\u51fb\u8005\u53ef\u901a\u8fc7\u53d1\u9001\u6784\u5efa\u7684IPSEC\u6570\u636e\u5305\u5229\u7528\u8be5\u6f0f\u6d1e\u9020\u6210IPSec\u529f\u80fd\u5f02\u5e38\u3002",
  "formalWay": "\u76ee\u524d\u5382\u5546\u5df2\u53d1\u5e03\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u6f0f\u6d1e\uff0c\u8865\u4e01\u83b7\u53d6\u94fe\u63a5\uff1a\r\nhttps://www.huawei.com/cn/psirt/security-advisories/huawei-sa-20200212-03-firewall-cn",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2020-10162",
  "openTime": "2020-02-18",
  "patchDescription": "Huawei USG9500\u7b49\u90fd\u662f\u4e2d\u56fd\u534e\u4e3a\uff08Huawei\uff09\u516c\u53f8\u7684\u4ea7\u54c1\u3002USG9500\u662f\u4e00\u6b3e\u6570\u636e\u4e2d\u5fc3\u9632\u706b\u5899\u4ea7\u54c1\u3002NIP6800\u662f\u4e00\u5957\u5165\u4fb5\u9632\u5fa1\u7cfb\u7edf\u3002USG6600\u662f\u4e00\u6b3e\u6570\u636e\u4e2d\u9632\u706b\u5899\u4ea7\u54c1\u3002\r\n\r\nHuawei NIP6800\u3001Secospace USG6600\u548cUSG9500\u4e2d\u5b58\u5728\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u7a0b\u5e8f\u6ca1\u6709\u6b63\u786e\u5904\u7406IPSEC\u6570\u636e\u5305\u3002\u8fdc\u7a0b\u653b\u51fb\u8005\u53ef\u901a\u8fc7\u53d1\u9001\u6784\u5efa\u7684IPSEC\u6570\u636e\u5305\u5229\u7528\u8be5\u6f0f\u6d1e\u9020\u6210IPSec\u529f\u80fd\u5f02\u5e38\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Huawei NIP6800\u3001Secospace USG6600\u548cUSG9500\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": [
      "Huawei USG9500 V500R001C30SPC200",
      "Huawei USG9500 V500R001C30SPC600",
      "Huawei USG9500 V500R001C60SPC500",
      "Huawei USG9500 V500R005C00",
      "Huawei Secospace USG6600 V500R005C00",
      "Huawei Secospace USG6600 V500R001C60SPC500",
      "Huawei Secospace USG6600 V500R001C30SPC600",
      "Huawei Secospace USG6600 V500R001C30SPC200",
      "Huawei NIP6800 V500R001C30",
      "Huawei NIP6800 V500R001C60SPC500",
      "Huawei NIP6800 V500R005C00"
    ]
  },
  "referenceLink": "https://nvd.nist.gov/vuln/detail/CVE-2020-1816",
  "serverity": "\u4e2d",
  "submitTime": "2020-02-18",
  "title": "Huawei NIP6800\u3001Secospace USG6600\u548cUSG9500\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e"
}

CVE-2020-1816 (GCVE-0-2020-1816)

Vulnerability from cvelistv5

Published

2020-02-17 23:24

Modified

2024-08-04 06:46

Severity ?

CWE

Denial of Service

Summary

Huawei NIP6800 versions V500R001C30, V500R001C60SPC500, and V500R005C00; Secospace USG6600 and USG9500 versions V500R001C30SPC200, V500R001C30SPC600, V500R001C60SPC500, and V500R005C00 have a Denial of Service (DoS) vulnerability. Due to improper processing of specific IPSEC packets, remote attackers can send constructed IPSEC packets to affected devices to exploit this vulnerability. Successful exploit could cause the IPSec function of the affected device abnormal.

References

▼	URL	Tags
	http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200212-03-firewall-en	x_refsource_CONFIRM

Impacted products

Vendor

Product

Version

▼

Huawei

NIP6800

Version: V500R001C30
Version: V500R001C60SPC500
Version: V500R005C00

Huawei

Secospace USG6600, USG9500

Version: V500R001C30SPC200
Version: V500R001C30SPC600
Version: V500R001C60SPC500
Version: V500R005C00

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T06:46:30.940Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200212-03-firewall-en"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "NIP6800",
          "vendor": "Huawei",
          "versions": [
            {
              "status": "affected",
              "version": "V500R001C30"
            },
            {
              "status": "affected",
              "version": "V500R001C60SPC500"
            },
            {
              "status": "affected",
              "version": "V500R005C00"
            }
          ]
        },
        {
          "product": "Secospace USG6600, USG9500",
          "vendor": "Huawei",
          "versions": [
            {
              "status": "affected",
              "version": "V500R001C30SPC200"
            },
            {
              "status": "affected",
              "version": "V500R001C30SPC600"
            },
            {
              "status": "affected",
              "version": "V500R001C60SPC500"
            },
            {
              "status": "affected",
              "version": "V500R005C00"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Huawei NIP6800 versions V500R001C30, V500R001C60SPC500, and V500R005C00; Secospace USG6600 and USG9500 versions V500R001C30SPC200, V500R001C30SPC600, V500R001C60SPC500, and V500R005C00 have a Denial of Service (DoS) vulnerability. Due to improper processing of specific IPSEC packets, remote attackers can send constructed IPSEC packets to affected devices to exploit this vulnerability. Successful exploit could cause the IPSec function of the affected device abnormal."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Denial of Service",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-02-17T23:24:30",
        "orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
        "shortName": "huawei"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200212-03-firewall-en"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@huawei.com",
          "ID": "CVE-2020-1816",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "NIP6800",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "V500R001C30"
                          },
                          {
                            "version_value": "V500R001C60SPC500"
                          },
                          {
                            "version_value": "V500R005C00"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "Secospace USG6600, USG9500",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "V500R001C30SPC200"
                          },
                          {
                            "version_value": "V500R001C30SPC600"
                          },
                          {
                            "version_value": "V500R001C60SPC500"
                          },
                          {
                            "version_value": "V500R005C00"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Huawei"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Huawei NIP6800 versions V500R001C30, V500R001C60SPC500, and V500R005C00; Secospace USG6600 and USG9500 versions V500R001C30SPC200, V500R001C30SPC600, V500R001C60SPC500, and V500R005C00 have a Denial of Service (DoS) vulnerability. Due to improper processing of specific IPSEC packets, remote attackers can send constructed IPSEC packets to affected devices to exploit this vulnerability. Successful exploit could cause the IPSec function of the affected device abnormal."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Denial of Service"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200212-03-firewall-en",
              "refsource": "CONFIRM",
              "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200212-03-firewall-en"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
    "assignerShortName": "huawei",
    "cveId": "CVE-2020-1816",
    "datePublished": "2020-02-17T23:24:30",
    "dateReserved": "2019-11-29T00:00:00",
    "dateUpdated": "2024-08-04T06:46:30.940Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted