var-202002-0619
Vulnerability from variot
CloudEngine 12800 with versions of V200R001C00SPC600,V200R001C00SPC700,V200R002C01,V200R002C50SPC800,V200R002C50SPC800PWE,V200R003C00SPC810,V200R003C00SPC810PWE,V200R005C00SPC600,V200R005C00SPC800,V200R005C00SPC800PWE,V200R005C10,V200R005C10SPC300 have an information leakage vulnerability in some Huawei products. In some special cases, an authenticated attacker can exploit this vulnerability because the software processes data improperly. Successful exploitation may lead to information leakage. Huawei CloudEngine 12800 is a 12800 series data center switch from Huawei of China.
An information disclosure vulnerability exists in Huawei CloudEngine 12800, which originates from improper processing of data
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202002-0619",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "cloudengine 12800",
"scope": "eq",
"trust": 1.6,
"vendor": "huawei",
"version": "v200r001c00spc700"
},
{
"model": "cloudengine 12800",
"scope": "eq",
"trust": 1.6,
"vendor": "huawei",
"version": "v200r002c50spc800pwe"
},
{
"model": "cloudengine 12800",
"scope": "eq",
"trust": 1.6,
"vendor": "huawei",
"version": "v200r003c00spc810"
},
{
"model": "cloudengine 12800",
"scope": "eq",
"trust": 1.6,
"vendor": "huawei",
"version": "v200r001c00spc600"
},
{
"model": "cloudengine 12800",
"scope": "eq",
"trust": 1.6,
"vendor": "huawei",
"version": "v200r002c50spc800"
},
{
"model": "cloudengine 12800",
"scope": "eq",
"trust": 1.6,
"vendor": "huawei",
"version": "v200r002c01"
},
{
"model": "cloudengine 12800",
"scope": "eq",
"trust": 1.6,
"vendor": "huawei",
"version": "v200r003c00spc810pwe"
},
{
"model": "cloudengine 12800",
"scope": "eq",
"trust": 1.6,
"vendor": "huawei",
"version": "v200r005c00spc800"
},
{
"model": "cloudengine 12800",
"scope": "eq",
"trust": 1.6,
"vendor": "huawei",
"version": "v200r005c00spc600"
},
{
"model": "cloudengine 12800",
"scope": "eq",
"trust": 1.6,
"vendor": "huawei",
"version": "v200r005c00spc800pwe"
},
{
"model": "cloudengine 12800",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r005c10"
},
{
"model": "cloudengine 12800",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r005c10spc300"
},
{
"model": "cloudengine 12800",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "cloudengine v200r005c10",
"scope": "eq",
"trust": 0.6,
"vendor": "huawei",
"version": "12800"
},
{
"model": "cloudengine v200r001c00spc600",
"scope": "eq",
"trust": 0.6,
"vendor": "huawei",
"version": "12800"
},
{
"model": "cloudengine v200r001c00spc700",
"scope": "eq",
"trust": 0.6,
"vendor": "huawei",
"version": "12800"
},
{
"model": "cloudengine v200r002c01",
"scope": "eq",
"trust": 0.6,
"vendor": "huawei",
"version": "12800"
},
{
"model": "cloudengine v200r002c50spc800",
"scope": "eq",
"trust": 0.6,
"vendor": "huawei",
"version": "12800"
},
{
"model": "cloudengine v200r002c50spc800pwe",
"scope": "eq",
"trust": 0.6,
"vendor": "huawei",
"version": "12800"
},
{
"model": "cloudengine v200r003c00spc810",
"scope": "eq",
"trust": 0.6,
"vendor": "huawei",
"version": "12800"
},
{
"model": "cloudengine v200r003c00spc810pwe",
"scope": "eq",
"trust": 0.6,
"vendor": "huawei",
"version": "12800"
},
{
"model": "cloudengine v200r005c00spc600",
"scope": "eq",
"trust": 0.6,
"vendor": "huawei",
"version": "12800"
},
{
"model": "cloudengine v200r005c00spc800",
"scope": "eq",
"trust": 0.6,
"vendor": "huawei",
"version": "12800"
},
{
"model": "cloudengine v200r005c00spc800pwe",
"scope": "eq",
"trust": 0.6,
"vendor": "huawei",
"version": "12800"
},
{
"model": "cloudengine v200r005c10spc300",
"scope": "eq",
"trust": 0.6,
"vendor": "huawei",
"version": "12800"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-14318"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-002388"
},
{
"db": "CNNVD",
"id": "CNNVD-202002-994"
},
{
"db": "NVD",
"id": "CVE-2020-1861"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:huawei:cloudengine_12800_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-002388"
}
]
},
"cve": "CVE-2020-1861",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.9,
"id": "CVE-2020-1861",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "LOW",
"trust": 1.0,
"vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Local",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 2.1,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "JVNDB-2020-002388",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Low",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 4.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.0,
"id": "CNVD-2020-14318",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 0.8,
"id": "CVE-2020-1861",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Local",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 4.4,
"baseSeverity": "Medium",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "JVNDB-2020-002388",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "High",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2020-1861",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "JVNDB-2020-002388",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNVD",
"id": "CNVD-2020-14318",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-202002-994",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-14318"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-002388"
},
{
"db": "CNNVD",
"id": "CNNVD-202002-994"
},
{
"db": "NVD",
"id": "CVE-2020-1861"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "CloudEngine 12800 with versions of V200R001C00SPC600,V200R001C00SPC700,V200R002C01,V200R002C50SPC800,V200R002C50SPC800PWE,V200R003C00SPC810,V200R003C00SPC810PWE,V200R005C00SPC600,V200R005C00SPC800,V200R005C00SPC800PWE,V200R005C10,V200R005C10SPC300 have an information leakage vulnerability in some Huawei products. In some special cases, an authenticated attacker can exploit this vulnerability because the software processes data improperly. Successful exploitation may lead to information leakage. Huawei CloudEngine 12800 is a 12800 series data center switch from Huawei of China. \n\r\n\r\nAn information disclosure vulnerability exists in Huawei CloudEngine 12800, which originates from improper processing of data",
"sources": [
{
"db": "NVD",
"id": "CVE-2020-1861"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-002388"
},
{
"db": "CNVD",
"id": "CNVD-2020-14318"
}
],
"trust": 2.16
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2020-1861",
"trust": 3.0
},
{
"db": "JVNDB",
"id": "JVNDB-2020-002388",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2020-14318",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202002-994",
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-14318"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-002388"
},
{
"db": "CNNVD",
"id": "CNNVD-202002-994"
},
{
"db": "NVD",
"id": "CVE-2020-1861"
}
]
},
"id": "VAR-202002-0619",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-14318"
}
],
"trust": 1.575
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"IoT"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-14318"
}
]
},
"last_update_date": "2024-11-23T23:04:29.074000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "huawei-sa-20200219-01-leak",
"trust": 0.8,
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200219-01-leak-en"
},
{
"title": "Patch for Huawei CloudEngine 12800 Information Disclosure Vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/205655"
},
{
"title": "Huawei CloudEngine 12800 Repair measures for information disclosure vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=110044"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-14318"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-002388"
},
{
"db": "CNNVD",
"id": "CNNVD-202002-994"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-noinfo",
"trust": 1.0
},
{
"problemtype": "CWE-200",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-002388"
},
{
"db": "NVD",
"id": "CVE-2020-1861"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-1861"
},
{
"trust": 1.6,
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200219-01-leak-en"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-1861"
},
{
"trust": 0.6,
"url": "https://www.huawei.com/cn/psirt/security-advisories/huawei-sa-20200219-01-leak-cn"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-14318"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-002388"
},
{
"db": "CNNVD",
"id": "CNNVD-202002-994"
},
{
"db": "NVD",
"id": "CVE-2020-1861"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2020-14318"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-002388"
},
{
"db": "CNNVD",
"id": "CNNVD-202002-994"
},
{
"db": "NVD",
"id": "CVE-2020-1861"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-02-28T00:00:00",
"db": "CNVD",
"id": "CNVD-2020-14318"
},
{
"date": "2020-03-13T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2020-002388"
},
{
"date": "2020-02-19T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202002-994"
},
{
"date": "2020-02-28T19:15:11.780000",
"db": "NVD",
"id": "CVE-2020-1861"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-02-28T00:00:00",
"db": "CNVD",
"id": "CNVD-2020-14318"
},
{
"date": "2020-03-13T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2020-002388"
},
{
"date": "2020-03-09T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202002-994"
},
{
"date": "2024-11-21T05:11:30.093000",
"db": "NVD",
"id": "CVE-2020-1861"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202002-994"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Huawei CloudEngine 12800 Information Disclosure Vulnerability",
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-14318"
},
{
"db": "CNNVD",
"id": "CNNVD-202002-994"
}
],
"trust": 1.2
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "information disclosure",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202002-994"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…