Multiple vulnerabilities in some Huawei Products

1) Information disclosure

EUVDB-ID: #VU30119

Risk: Low

CVSSv3.1: 2.6 [CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2020-9102

CWE-ID: CWE-200 - Information exposure

Exploit availability: No

Description

The vulnerability allows a local attacker to gain access to potentially sensitive information.

The vulnerability exists due to the improper management of the username. A local attacker can gain unauthorized access to sensitive information on the system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Huawei CloudEngine 12800: V200R002C50SPC800 - V200R019C00SPC800

Huawei CloudEngine 5800: V200R002C50SPC800 - V200R019C00SPC800

Huawei CloudEngine 6800: V200R002C50SPC800 - V200R019C00SPC800

Huawei CloudEngine 7800: V200R002C50SPC800 - V200R019C00SPC800

External links

http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200715-03-informationleak-en

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

2) Out-of-bounds read

EUVDB-ID: #VU49046

Risk: Medium

CVSSv3.1: 4.6 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C]

CVE-ID: CVE-2020-9094

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a boundary condition when a module does not deal with specific message properly. A remote attacker can send a malicious packet, trigger out-of-bounds read error and cause a denial of service condition on the system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Huawei CloudEngine 12800: V200R019C00SPC800

Huawei CloudEngine 5800: V200R019C00SPC800

Huawei CloudEngine 6800: V200R005C20SPC800 - V200R019C00SPC800

Huawei CloudEngine 7800: V200R019C00SPC800

External links

http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20201216-01-obr-en

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

3) Improper Authentication

EUVDB-ID: #VU49047

Risk: Medium

CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2020-9207

CWE-ID: CWE-287 - Improper Authentication

Exploit availability: No

Description

The vulnerability allows a remote attacker to bypass authentication process.

The vulnerability exists due to a module does not verify the input file properly. A remote attacker can send specially crafted files to bypass current verification mechanism.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Huawei CloudEngine 12800: V200R019C00SPC800

Huawei CloudEngine 5800: V200R019C00SPC800

Huawei CloudEngine 6800: V200R005C20SPC800 - V200R019C00SPC800

Huawei CloudEngine 7800: V200R019C00SPC800

External links

http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20201216-01-vrp-en

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.