{"containers": {"cna": {"affected": [{"product": "AR3200", "vendor": "Huawei", "versions": [{"status": "affected", "version": "V200R007C00SPC900"}, {"status": "affected", "version": "V200R007C00SPCa00"}, {"status": "affected", "version": "V200R007C00SPCb00"}, {"status": "affected", "version": "V200R007C00SPCc00"}, {"status": "affected", "version": "V200R009C00SPC500"}]}], "descriptions": [{"lang": "en", "value": "Huawei AR3200 products with versions of V200R007C00SPC900, V200R007C00SPCa00, V200R007C00SPCb00, V200R007C00SPCc00, V200R009C00SPC500 have an improper authentication vulnerability. Attackers need to perform some operations to exploit the vulnerability. Successful exploit may obtain certain permissions on the device."}], "problemTypes": [{"descriptions": [{"description": "Improper Authentication", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2020-04-27T15:26:16", "orgId": "25ac1063-e409-4190-8079-24548c77ea2e", "shortName": "huawei"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200422-01-authentication-en"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "psirt@huawei.com", "ID": "CVE-2020-9068", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "AR3200", "version": {"version_data": [{"version_value": "V200R007C00SPC900"}, {"version_value": "V200R007C00SPCa00"}, {"version_value": "V200R007C00SPCb00"}, {"version_value": "V200R007C00SPCc00"}, {"version_value": "V200R009C00SPC500"}]}}]}, "vendor_name": "Huawei"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Huawei AR3200 products with versions of V200R007C00SPC900, V200R007C00SPCa00, V200R007C00SPCb00, V200R007C00SPCc00, V200R009C00SPC500 have an improper authentication vulnerability. Attackers need to perform some operations to exploit the vulnerability. Successful exploit may obtain certain permissions on the device."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Improper Authentication"}]}]}, "references": {"reference_data": [{"name": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200422-01-authentication-en", "refsource": "CONFIRM", "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200422-01-authentication-en"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T10:19:19.706Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200422-01-authentication-en"}]}]}, "cveMetadata": {"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e", "assignerShortName": "huawei", "cveId": "CVE-2020-9068", "datePublished": "2020-04-27T15:26:16", "dateReserved": "2020-02-18T00:00:00", "dateUpdated": "2024-08-04T10:19:19.706Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:huawei:ar3200_firmware:v200r007c00spc900:*:*:*:*:*:*:*", "matchCriteriaId": "6751A62B-6BCD-4CB7-AD52-1C5BBECB2EA8", "vulnerable": true}, {"criteria": "cpe:2.3:o:huawei:ar3200_firmware:v200r007c00spca00:*:*:*:*:*:*:*", "matchCriteriaId": "5D512536-FBCC-4118-A1AA-F5BFD7B599A8", "vulnerable": true}, {"criteria": "cpe:2.3:o:huawei:ar3200_firmware:v200r007c00spcb00:*:*:*:*:*:*:*", "matchCriteriaId": "C4E35FE1-0F62-4154-84BC-C31FE38E4677", "vulnerable": true}, {"criteria": "cpe:2.3:o:huawei:ar3200_firmware:v200r007c00spcc00:*:*:*:*:*:*:*", "matchCriteriaId": "9E3F7A0C-3DAA-4D5B-8E46-78CF54C7AE8D", "vulnerable": true}, {"criteria": "cpe:2.3:o:huawei:ar3200_firmware:v200r009c00spc500:*:*:*:*:*:*:*", "matchCriteriaId": "8CAF3B68-BCC3-42F4-AA56-6BB301066140", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:huawei:ar3200:-:*:*:*:*:*:*:*", "matchCriteriaId": "9309E1AA-0C4E-422C-9307-A8DD0AE5D576", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "Huawei AR3200 products with versions of V200R007C00SPC900, V200R007C00SPCa00, V200R007C00SPCb00, V200R007C00SPCc00, V200R009C00SPC500 have an improper authentication vulnerability. Attackers need to perform some operations to exploit the vulnerability. Successful exploit may obtain certain permissions on the device."}, {"lang": "es", "value": "Los productos Huawei AR3200 con versiones V200R007C00SPC900, V200R007C00SPCa00, V200R007C00SPCb00, V200R007C00SPCc00, V200R009C00SPC500, tiene una vulnerabilidad de autenticaci\u00f3n inapropiada. Los atacantes deben llevar a cabo algunas operaciones para explotar la vulnerabilidad. Una explotaci\u00f3n con \u00e9xito puede obtener determinados permisos en el dispositivo."}], "id": "CVE-2020-9068", "lastModified": "2024-11-21T05:39:57.813", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2020-04-27T16:15:12.850", "references": [{"source": "psirt@huawei.com", "tags": ["Vendor Advisory"], "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200422-01-authentication-en"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200422-01-authentication-en"}], "sourceIdentifier": "psirt@huawei.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-287"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}

{}