Published: 28/02/2020 Updated: 21/07/2021

CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10

CVSS v3 Base Score: 7.5 | Impact Score: 3.6 | Exploitability Score: 3.9

VMScore: 445

Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N

NIP6800;Secospace USG6600;USG9500 products with versions of V500R001C30; V500R001C60SPC500; V500R005C00SPC100 have an access control bypass vulnerability. Attackers that can access to the internal network can exploit this vulnerability with careful deployment. Successful exploit may cause the access control to be bypassed, and attackers can directly access the Internet.

Vulnerable Product	Search on Vulmon	Subscribe to Product
huawei nip6800_firmware v500r001c30
huawei nip6800_firmware v500r001c60
huawei nip6800_firmware v500r005c00
huawei secospace_usg6600_firmware v500r001c30
huawei secospace_usg6600_firmware v500r001c60
huawei secospace_usg6600_firmware v500r005c00
huawei usg9500_firmware v500r001c30
huawei usg9500_firmware v500r001c60
huawei usg9500_firmware v500r005c00

There is an access control bypass vulnerability in some Huawei products Attackers that can access to the internal network can exploit this vulnerability with careful deployment Successful exploit may cause the access control to be bypassed, and attackers can directly access the Internet (Vulnerability ID: HWPSIRT-2019-12397) This vulnerability h ...

NVD-CWE-noinfo https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200219-02-firewall-en https://nvd.nist.gov https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200219-02-firewall-en

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2020-1860

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect