Main Vulnerability Database Vulnerabilities #VU25434

#VU25434 Resource management error in Huawei products - CVE-2020-1881

Published: February 19, 2020 / Updated: April 30, 2020

Vulnerability identifier: #VU25434

Vulnerability risk: Medium

CVSSv4.0: CVSS:4.0/AV:A/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green

CVE-ID: CVE-2020-1881

CWE-ID: CWE-399

Exploitation vector: Adjecent network

Exploit availability: No public exploit available

Vulnerable software:
Huawei NIP6800
Huawei Secospace USG6600
USG9500

Software vendor:
Huawei

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to improper resource management of the function. A remote attacker on the local network can perform specific operations to trigger the function of the affected device and cause service abnormal on affected devices.

Remediation

Install updates from vendor's website.

External links

https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200219-02-resource-en

#VU25434 Resource management error in Huawei products - CVE-2020-1881

Description

Remediation

External links

Please verify you're human