fkie_nvd - fkie_cve-2020-1810

fkie_cve-2020-1810

Vulnerability from fkie_nvd

Published

2020-01-09 18:15

Modified

2024-11-21 05:11

Severity ?

5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Summary

There is a weak algorithm vulnerability in some Huawei products. The affected products use the RSA algorithm in the SSL key exchange algorithm which have been considered as a weak algorithm. Attackers may exploit this vulnerability to leak some information.

References

▼	URL	Tags
	psirt@huawei.com	https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200108-01-rsa-en	Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200108-01-rsa-en	Vendor Advisory

Impacted products

Vendor	Product	Version
huawei	cloudengine_12800_firmware	v100r003c00spc600
huawei	cloudengine_12800_firmware	v100r003c10spc100
huawei	cloudengine_12800_firmware	v100r005c00spc200
huawei	cloudengine_12800_firmware	v100r005c00spc300
huawei	cloudengine_12800_firmware	v100r005c10hp0001
huawei	cloudengine_12800_firmware	v100r005c10spc100
huawei	cloudengine_12800_firmware	v100r005c10spc200
huawei	cloudengine_12800_firmware	v100r006c00
huawei	cloudengine_12800_firmware	v200r001c00
huawei	cloudengine_12800_firmware	v200r002c01
huawei	cloudengine_12800_firmware	v200r002c10
huawei	cloudengine_12800_firmware	v200r002c20
huawei	cloudengine_12800_firmware	v200r005c10
huawei	cloudengine_12800	-
huawei	s5700_firmware	v200r005c00spc500
huawei	s5700_firmware	v200r005c03
huawei	s5700_firmware	v200r006c00spc100
huawei	s5700_firmware	v200r006c00spc300
huawei	s5700_firmware	v200r006c00spc500
huawei	s5700_firmware	v200r007c00spc100
huawei	s5700_firmware	v200r007c00spc500
huawei	s5700	-
huawei	s6700_firmware	v200r005c00spc500
huawei	s6700_firmware	v200r005c01
huawei	s6700	-

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:huawei:cloudengine_12800_firmware:v100r003c00spc600:*:*:*:*:*:*:*",
              "matchCriteriaId": "8CAD1A04-54E8-4F24-A018-140F9FBD0562",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:huawei:cloudengine_12800_firmware:v100r003c10spc100:*:*:*:*:*:*:*",
              "matchCriteriaId": "CA1E813D-57B1-449A-9513-3AFB083E116A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:huawei:cloudengine_12800_firmware:v100r005c00spc200:*:*:*:*:*:*:*",
              "matchCriteriaId": "9D33A009-B3C9-4894-9426-D51E5D82A189",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:huawei:cloudengine_12800_firmware:v100r005c00spc300:*:*:*:*:*:*:*",
              "matchCriteriaId": "417BF51F-E61F-44C3-B479-102DFB3E9233",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:huawei:cloudengine_12800_firmware:v100r005c10hp0001:*:*:*:*:*:*:*",
              "matchCriteriaId": "7386FB64-0713-424B-A755-D1CABB877817",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:huawei:cloudengine_12800_firmware:v100r005c10spc100:*:*:*:*:*:*:*",
              "matchCriteriaId": "DF4B8058-BEC1-4978-B12F-A526879FB7C9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:huawei:cloudengine_12800_firmware:v100r005c10spc200:*:*:*:*:*:*:*",
              "matchCriteriaId": "02DB167B-D9CE-439C-8840-525E1A4BB079",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:huawei:cloudengine_12800_firmware:v100r006c00:*:*:*:*:*:*:*",
              "matchCriteriaId": "3C2DACA5-0AA6-419B-AC6A-8CC19326758E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:huawei:cloudengine_12800_firmware:v200r001c00:*:*:*:*:*:*:*",
              "matchCriteriaId": "4492E892-7BE5-413A-AD53-2D39BD6626F6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:huawei:cloudengine_12800_firmware:v200r002c01:*:*:*:*:*:*:*",
              "matchCriteriaId": "6A7B1A3E-5D5A-4E3A-89F1-73DA7FF0F060",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:huawei:cloudengine_12800_firmware:v200r002c10:*:*:*:*:*:*:*",
              "matchCriteriaId": "DCC0FC04-05F0-4591-89EF-4E54D9A3ED8B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:huawei:cloudengine_12800_firmware:v200r002c20:*:*:*:*:*:*:*",
              "matchCriteriaId": "B7353CA0-9073-4EBD-B2FF-6FAD43274E3D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:huawei:cloudengine_12800_firmware:v200r005c10:*:*:*:*:*:*:*",
              "matchCriteriaId": "433BD50B-C8A5-4F0B-8905-18131C9FD364",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:huawei:cloudengine_12800:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DE8A2875-0F7E-4790-A925-5999396B7578",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:huawei:s5700_firmware:v200r005c00spc500:*:*:*:*:*:*:*",
              "matchCriteriaId": "4B3B076D-F61E-4BE0-B808-D86EB6A83D92",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:huawei:s5700_firmware:v200r005c03:*:*:*:*:*:*:*",
              "matchCriteriaId": "5B18ABC1-A970-472A-A8BF-934D1180930E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:huawei:s5700_firmware:v200r006c00spc100:*:*:*:*:*:*:*",
              "matchCriteriaId": "F56ADA0A-B3B1-4B6C-9800-EB28B61E3F03",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:huawei:s5700_firmware:v200r006c00spc300:*:*:*:*:*:*:*",
              "matchCriteriaId": "53A7B27E-CA45-44B7-9BE1-5B11D69BDDF4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:huawei:s5700_firmware:v200r006c00spc500:*:*:*:*:*:*:*",
              "matchCriteriaId": "C8A24F24-F960-4F0F-A553-3C7EAE5C13E5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:huawei:s5700_firmware:v200r007c00spc100:*:*:*:*:*:*:*",
              "matchCriteriaId": "8FF2F7D0-8A62-4B9B-9551-749178FEA120",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:huawei:s5700_firmware:v200r007c00spc500:*:*:*:*:*:*:*",
              "matchCriteriaId": "CCDCF4CA-48CF-4AEC-B3EC-7CD9EF9E3DA4",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:huawei:s5700:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E22D3CFF-3353-4EE2-8933-84F395469D0D",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:huawei:s6700_firmware:v200r005c00spc500:*:*:*:*:*:*:*",
              "matchCriteriaId": "96FF5103-C97A-443A-8475-0E99A0175455",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:huawei:s6700_firmware:v200r005c01:*:*:*:*:*:*:*",
              "matchCriteriaId": "F4979AA8-0D8E-4F37-A7DC-709BE4821D51",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:huawei:s6700:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DA7AC10D-B0DD-4206-8642-134DDD585C06",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "There is a weak algorithm vulnerability in some Huawei products. The affected products use the RSA algorithm in the SSL key exchange algorithm which have been considered as a weak algorithm. Attackers may exploit this vulnerability to leak some information."
    },
    {
      "lang": "es",
      "value": "Existe una vulnerabilidad de algoritmo d\u00e9bil en algunos productos Huawei. Los productos afectados utilizan el algoritmo RSA en el algoritmo de intercambio de claves SSL que se ha considerado como un algoritmo d\u00e9bil. Los atacantes pueden explotar esta vulnerabilidad para filtrar cierta informaci\u00f3n."
    }
  ],
  "id": "CVE-2020-1810",
  "lastModified": "2024-11-21T05:11:25.460",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 5.0,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 5.3,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "LOW",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 1.4,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2020-01-09T18:15:10.593",
  "references": [
    {
      "source": "psirt@huawei.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200108-01-rsa-en"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200108-01-rsa-en"
    }
  ],
  "sourceIdentifier": "psirt@huawei.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-327"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

cve-2020-1810

Vulnerability from cvelistv5

Published

2020-01-09 17:44

Modified

2024-08-04 06:46