{"containers": {"cna": {"affected": [{"product": "AR120-S;AR1200;AR1200-S;AR150;AR150-S;AR160;AR200;AR200-S;AR2200;AR2200-S;AR3200;AR3600;AR510;NetEngine16EX;SRG1300;SRG2300;SRG3300", "vendor": "n/a", "versions": [{"status": "affected", "version": "V200R007C00SPC900,V200R007C00SPCa00,V200R007C00SPCb00,V200R007C00SPCc00"}, {"status": "affected", "version": "V200R007C00SPC900,V200R007C00SPC900PWE,V200R007C00SPCa00,V200R007C00SPCb00,V200R007C00SPCb00PWE,V200R007C00SPCc00"}, {"status": "affected", "version": "V200R007C00SPC900,V200R007C00SPCb00,V200R007C00SPCc00"}, {"status": "affected", "version": "V200R007C00SPC900,V200R007C00SPC900PWE,V200R007C00SPCb00,V200R007C00SPCb00PWE,V200R007C00SPCc00"}, {"status": "affected", "version": "V200R007C00,V200R007C00SPC900,V200R007C00SPC900PWE,V200R007C00SPCa00,V200R007C00SPCb00,V200R007C00SPCb00PWE,V200R007C00SPCc00"}, {"status": "affected", "version": "V200R007C00SPC900"}, {"status": "affected", "version": "V200R007C00SPC900,V200R007C00SPCb00,V200R007C00SPCc00."}]}], "descriptions": [{"lang": "en", "value": "There is a few bytes out-of-bounds read vulnerability in some Huawei products. The software reads data past the end of the intended buffer when parsing certain message, an authenticated attacker could exploit this vulnerability by sending crafted messages to the device. Successful exploit may cause service abnormal in specific scenario.Affected product versions include:AR120-S versions V200R007C00SPC900,V200R007C00SPCa00"}], "problemTypes": [{"descriptions": [{"description": "Out of Bounds Read", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2020-06-01T14:02:46.000Z", "orgId": "25ac1063-e409-4190-8079-24548c77ea2e", "shortName": "huawei"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200415-01-oob-en"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "psirt@huawei.com", "ID": "CVE-2020-9071", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "AR120-S;AR1200;AR1200-S;AR150;AR150-S;AR160;AR200;AR200-S;AR2200;AR2200-S;AR3200;AR3600;AR510;NetEngine16EX;SRG1300;SRG2300;SRG3300", "version": {"version_data": [{"version_value": "V200R007C00SPC900,V200R007C00SPCa00,V200R007C00SPCb00,V200R007C00SPCc00"}, {"version_value": "V200R007C00SPC900,V200R007C00SPC900PWE,V200R007C00SPCa00,V200R007C00SPCb00,V200R007C00SPCb00PWE,V200R007C00SPCc00"}, {"version_value": "V200R007C00SPC900,V200R007C00SPCb00,V200R007C00SPCc00"}, {"version_value": "V200R007C00SPC900,V200R007C00SPC900PWE,V200R007C00SPCb00,V200R007C00SPCb00PWE,V200R007C00SPCc00"}, {"version_value": "V200R007C00SPC900,V200R007C00SPCb00,V200R007C00SPCc00"}, {"version_value": "V200R007C00SPC900,V200R007C00SPC900PWE,V200R007C00SPCb00,V200R007C00SPCb00PWE,V200R007C00SPCc00"}, {"version_value": "V200R007C00SPC900,V200R007C00SPC900PWE,V200R007C00SPCb00,V200R007C00SPCb00PWE,V200R007C00SPCc00"}, {"version_value": "V200R007C00SPC900,V200R007C00SPCb00,V200R007C00SPCc00"}, {"version_value": "V200R007C00SPC900,V200R007C00SPC900PWE,V200R007C00SPCa00,V200R007C00SPCb00,V200R007C00SPCb00PWE,V200R007C00SPCc00"}, {"version_value": "V200R007C00SPC900,V200R007C00SPCb00,V200R007C00SPCc00"}, {"version_value": "V200R007C00,V200R007C00SPC900,V200R007C00SPC900PWE,V200R007C00SPCa00,V200R007C00SPCb00,V200R007C00SPCb00PWE,V200R007C00SPCc00"}, {"version_value": "V200R007C00SPC900,V200R007C00SPC900PWE,V200R007C00SPCb00,V200R007C00SPCb00PWE,V200R007C00SPCc00"}, {"version_value": "V200R007C00SPC900"}, {"version_value": "V200R007C00SPC900,V200R007C00SPCb00,V200R007C00SPCc00"}, {"version_value": "V200R007C00SPC900,V200R007C00SPCb00,V200R007C00SPCc00"}, {"version_value": "V200R007C00SPC900,V200R007C00SPCb00,V200R007C00SPCc00"}, {"version_value": "V200R007C00SPC900,V200R007C00SPCb00,V200R007C00SPCc00."}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "There is a few bytes out-of-bounds read vulnerability in some Huawei products. The software reads data past the end of the intended buffer when parsing certain message, an authenticated attacker could exploit this vulnerability by sending crafted messages to the device. Successful exploit may cause service abnormal in specific scenario.Affected product versions include:AR120-S versions V200R007C00SPC900,V200R007C00SPCa00"}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Out of Bounds Read"}]}]}, "references": {"reference_data": [{"name": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200415-01-oob-en", "refsource": "MISC", "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200415-01-oob-en"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T10:19:19.924Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200415-01-oob-en"}]}]}, "cveMetadata": {"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e", "assignerShortName": "huawei", "cveId": "CVE-2020-9071", "datePublished": "2020-06-01T14:02:46.000Z", "dateReserved": "2020-02-18T00:00:00.000Z", "dateUpdated": "2024-08-04T10:19:19.924Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:huawei:ar120-s_firmware:v200r007c00spc900:*:*:*:*:*:*:*", "matchCriteriaId": "AC2CB09F-4F9B-4AFA-96AE-AD1031FD610C", "vulnerable": true}, {"criteria": "cpe:2.3:o:huawei:ar120-s_firmware:v200r007c00spca00:*:*:*:*:*:*:*", "matchCriteriaId": "55B9E1E9-C97A-4418-8594-8526D1A8AB86", "vulnerable": true}, {"criteria": "cpe:2.3:o:huawei:ar120-s_firmware:v200r007c00spcb00:*:*:*:*:*:*:*", "matchCriteriaId": "7EBE292C-E42C-4862-A4BA-461D141ACEE3", "vulnerable": true}, {"criteria": "cpe:2.3:o:huawei:ar120-s_firmware:v200r007c00spcc00:*:*:*:*:*:*:*", "matchCriteriaId": "553401BE-E1CE-48D0-8831-01F6918710D7", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:huawei:ar120-s:-:*:*:*:*:*:*:*", "matchCriteriaId": "D0CFDB51-BF44-4433-AB2A-CFF553F8D640", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:huawei:ar1200_firmware:v200r007c00spc900:*:*:*:*:*:*:*", "matchCriteriaId": "3B453E3B-6CFD-46A2-8C00-56B195BB1142", "vulnerable": true}, {"criteria": "cpe:2.3:o:huawei:ar1200_firmware:v200r007c00spc900pwe:*:*:*:*:*:*:*", "matchCriteriaId": "FD2E3EED-F962-43CE-9332-2CC7D8AE9BA7", "vulnerable": true}, {"criteria": "cpe:2.3:o:huawei:ar1200_firmware:v200r007c00spca00:*:*:*:*:*:*:*", "matchCriteriaId": "809F7AB4-4AB1-4191-9149-8485C6996EC0", "vulnerable": true}, {"criteria": "cpe:2.3:o:huawei:ar1200_firmware:v200r007c00spcb00:*:*:*:*:*:*:*", "matchCriteriaId": "00CD4F39-D343-4B8D-8C88-DF1C8FCB0F4E", "vulnerable": true}, {"criteria": "cpe:2.3:o:huawei:ar1200_firmware:v200r007c00spcb00pwe:*:*:*:*:*:*:*", "matchCriteriaId": "8AEF27A5-2C1F-4A85-A9D0-2FC9BBC3A486", "vulnerable": true}, {"criteria": "cpe:2.3:o:huawei:ar1200_firmware:v200r007c00spcc00:*:*:*:*:*:*:*", "matchCriteriaId": "F10E022A-3BB5-4920-8573-A69996A4737E", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:huawei:ar1200:-:*:*:*:*:*:*:*", "matchCriteriaId": "D4BA4150-8CA8-48BF-9D45-ABC8AC710060", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:huawei:ar1200-s_firmware:v200r007c00spc900:*:*:*:*:*:*:*", "matchCriteriaId": "BFFFB2E5-3F36-438D-A865-5BE40F52575F", "vulnerable": true}, {"criteria": "cpe:2.3:o:huawei:ar1200-s_firmware:v200r007c00spcb00:*:*:*:*:*:*:*", "matchCriteriaId": "D3E5FF9D-907D-444F-8D61-1DB841EED95A", "vulnerable": true}, {"criteria": "cpe:2.3:o:huawei:ar1200-s_firmware:v200r007c00spcc00:*:*:*:*:*:*:*", "matchCriteriaId": "6A6BDF6C-B390-4E44-A98F-21D076ED82F3", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:huawei:ar1200-s:-:*:*:*:*:*:*:*", "matchCriteriaId": "B053C248-3CC2-476D-95A7-90EDD8EAAD69", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:huawei:ar150_firmware:v200r007c00spc900:*:*:*:*:*:*:*", "matchCriteriaId": "01E4070E-DB13-457C-96B4-CC44F87F0EE6", "vulnerable": true}, {"criteria": "cpe:2.3:o:huawei:ar150_firmware:v200r007c00spc900pwe:*:*:*:*:*:*:*", "matchCriteriaId": "66700350-7733-4BBE-A35E-C4BC5DC36C07", "vulnerable": true}, {"criteria": "cpe:2.3:o:huawei:ar150_firmware:v200r007c00spcb00:*:*:*:*:*:*:*", "matchCriteriaId": "845C5755-0207-412D-B362-BBA81873371E", "vulnerable": true}, {"criteria": "cpe:2.3:o:huawei:ar150_firmware:v200r007c00spcb00pwe:*:*:*:*:*:*:*", "matchCriteriaId": "8B5E98BF-4841-4FF7-852A-6B2E172B0E90", "vulnerable": true}, {"criteria": "cpe:2.3:o:huawei:ar150_firmware:v200r007c00spcc00:*:*:*:*:*:*:*", "matchCriteriaId": "6A447CCA-CC8E-41FE-96C3-93EC2FE5DC5D", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:huawei:ar150:-:*:*:*:*:*:*:*", "matchCriteriaId": "526371A8-11FE-4D00-AFBB-8E867A320B27", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:huawei:ar150-s_firmware:v200r007c00spc900:*:*:*:*:*:*:*", "matchCriteriaId": "A4E5D607-8261-4699-9C0D-312132DCBF0C", "vulnerable": true}, {"criteria": "cpe:2.3:o:huawei:ar150-s_firmware:v200r007c00spcb00:*:*:*:*:*:*:*", "matchCriteriaId": "2BE8592A-527F-43D1-A58C-12F73C29F9DD", "vulnerable": true}, {"criteria": "cpe:2.3:o:huawei:ar150-s_firmware:v200r007c00spcc00:*:*:*:*:*:*:*", "matchCriteriaId": "D3FC3E34-E667-405B-BA77-C6ACCDBF4273", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:huawei:ar150-s:-:*:*:*:*:*:*:*", "matchCriteriaId": "ED3D18A0-71EC-4B1E-89FC-9522F9A64ACA", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:huawei:ar160_firmware:v200r007c00spc900:*:*:*:*:*:*:*", "matchCriteriaId": "1F192465-AD4A-4C02-A3B7-13ABF4729FE2", "vulnerable": true}, {"criteria": "cpe:2.3:o:huawei:ar160_firmware:v200r007c00spc900pwe:*:*:*:*:*:*:*", "matchCriteriaId": "BED7DC11-E079-4325-AABC-8C42AB5E1993", "vulnerable": true}, {"criteria": "cpe:2.3:o:huawei:ar160_firmware:v200r007c00spcb00:*:*:*:*:*:*:*", "matchCriteriaId": "2E50A93F-78A6-472D-89A3-755F1FBB8AB8", "vulnerable": true}, {"criteria": "cpe:2.3:o:huawei:ar160_firmware:v200r007c00spcb00pwe:*:*:*:*:*:*:*", "matchCriteriaId": "CD629F66-B032-49CA-ADCB-14EB8D65217C", "vulnerable": true}, {"criteria": "cpe:2.3:o:huawei:ar160_firmware:v200r007c00spcc00:*:*:*:*:*:*:*", "matchCriteriaId": "F29A154B-7A02-4049-80E0-604BD9E1ED34", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:huawei:ar160:-:*:*:*:*:*:*:*", "matchCriteriaId": "137A007D-A498-483F-8B4F-DCA118B25F11", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:huawei:ar200_firmware:v200r007c00spc900:*:*:*:*:*:*:*", "matchCriteriaId": "E22F550A-091F-44E3-B10B-B3408907E061", "vulnerable": true}, {"criteria": "cpe:2.3:o:huawei:ar200_firmware:v200r007c00spc900pwe:*:*:*:*:*:*:*", "matchCriteriaId": "4C1C12C4-950E-4EDC-8471-84D01E66D764", "vulnerable": true}, {"criteria": "cpe:2.3:o:huawei:ar200_firmware:v200r007c00spcb00:*:*:*:*:*:*:*", "matchCriteriaId": "BE59F45F-5445-487F-A2A6-169F98109A4D", "vulnerable": true}, {"criteria": "cpe:2.3:o:huawei:ar200_firmware:v200r007c00spcb00pwe:*:*:*:*:*:*:*", "matchCriteriaId": "002FD618-7483-4ED5-ABBF-FB7F38D9F8EF", "vulnerable": true}, {"criteria": "cpe:2.3:o:huawei:ar200_firmware:v200r007c00spcc00:*:*:*:*:*:*:*", "matchCriteriaId": "A1698D8B-1A6B-4EEE-AA8C-A9A83331CD89", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:huawei:ar200:-:*:*:*:*:*:*:*", "matchCriteriaId": "2562CCF8-A4A7-4ACD-AA67-E3DB8B5ADA92", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:huawei:ar200-s_firmware:v200r007c00spc900:*:*:*:*:*:*:*", "matchCriteriaId": "D42AE1C2-0B11-4585-BBF9-1E36BAEE4810", "vulnerable": true}, {"criteria": "cpe:2.3:o:huawei:ar200-s_firmware:v200r007c00spcb00:*:*:*:*:*:*:*", "matchCriteriaId": "4E900FBE-E15E-47C7-9421-E185F39B14B8", "vulnerable": true}, {"criteria": "cpe:2.3:o:huawei:ar200-s_firmware:v200r007c00spcc00:*:*:*:*:*:*:*", "matchCriteriaId": "36E31E69-566A-46B7-A071-4320B0ECA742", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:huawei:ar200-s:-:*:*:*:*:*:*:*", "matchCriteriaId": "BEDFA4F2-3040-4355-B6E0-4F3B9FC2CDDC", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:huawei:ar2200_firmware:v200r007c00spc900:*:*:*:*:*:*:*", "matchCriteriaId": "614DEA4C-5917-46D9-874F-F9655BEA72BD", "vulnerable": true}, {"criteria": "cpe:2.3:o:huawei:ar2200_firmware:v200r007c00spc900pwe:*:*:*:*:*:*:*", "matchCriteriaId": "08AAACCF-4676-4C96-B0F0-84E5134DDA65", "vulnerable": true}, {"criteria": "cpe:2.3:o:huawei:ar2200_firmware:v200r007c00spca00:*:*:*:*:*:*:*", "matchCriteriaId": "8471609C-D277-4152-8955-64C485B73668", "vulnerable": true}, {"criteria": "cpe:2.3:o:huawei:ar2200_firmware:v200r007c00spcb00:*:*:*:*:*:*:*", "matchCriteriaId": "CBAF6DD3-1C3A-40B5-A368-943C47E5C285", "vulnerable": true}, {"criteria": "cpe:2.3:o:huawei:ar2200_firmware:v200r007c00spcb00pwe:*:*:*:*:*:*:*", "matchCriteriaId": "FD36A7DB-E9C9-4463-B072-91E47CBCADA2", "vulnerable": true}, {"criteria": "cpe:2.3:o:huawei:ar2200_firmware:v200r007c00spcc00:*:*:*:*:*:*:*", "matchCriteriaId": "97E3AF19-9B0A-42FF-A243-3737BF1178A1", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:huawei:ar2200:-:*:*:*:*:*:*:*", "matchCriteriaId": "50662078-4827-4706-AE29-170E2239C5AE", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:huawei:ar2200-s_firmware:v200r007c00spc900:*:*:*:*:*:*:*", "matchCriteriaId": "D1E6E4A9-B81A-4BB5-A2B6-184C94ED91E9", "vulnerable": true}, {"criteria": "cpe:2.3:o:huawei:ar2200-s_firmware:v200r007c00spcb00:*:*:*:*:*:*:*", "matchCriteriaId": "4FEC2BCA-29D5-4000-9E9F-0315993A6227", "vulnerable": true}, {"criteria": "cpe:2.3:o:huawei:ar2200-s_firmware:v200r007c00spcc00:*:*:*:*:*:*:*", "matchCriteriaId": "C7757E52-8706-403C-8584-32C97E182818", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:huawei:ar2200-s:-:*:*:*:*:*:*:*", "matchCriteriaId": "5862E1A5-0222-4059-B9D7-716A6D0EB8CC", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:huawei:ar3200_firmware:v200r007c00:*:*:*:*:*:*:*", "matchCriteriaId": "9752658E-3CF5-4D9E-98FB-D15FD892479C", "vulnerable": true}, {"criteria": "cpe:2.3:o:huawei:ar3200_firmware:v200r007c00spc900:*:*:*:*:*:*:*", "matchCriteriaId": "6751A62B-6BCD-4CB7-AD52-1C5BBECB2EA8", "vulnerable": true}, {"criteria": "cpe:2.3:o:huawei:ar3200_firmware:v200r007c00spc900pwe:*:*:*:*:*:*:*", "matchCriteriaId": "623DC079-7FD2-41CC-8D71-4C0B0390BAB2", "vulnerable": true}, {"criteria": "cpe:2.3:o:huawei:ar3200_firmware:v200r007c00spca00:*:*:*:*:*:*:*", "matchCriteriaId": "5D512536-FBCC-4118-A1AA-F5BFD7B599A8", "vulnerable": true}, {"criteria": "cpe:2.3:o:huawei:ar3200_firmware:v200r007c00spcb00:*:*:*:*:*:*:*", "matchCriteriaId": "C4E35FE1-0F62-4154-84BC-C31FE38E4677", "vulnerable": true}, {"criteria": "cpe:2.3:o:huawei:ar3200_firmware:v200r007c00spcb00pwe:*:*:*:*:*:*:*", "matchCriteriaId": "83479550-BC03-4A96-9E60-0E9A981BAFA9", "vulnerable": true}, {"criteria": "cpe:2.3:o:huawei:ar3200_firmware:v200r007c00spcc00:*:*:*:*:*:*:*", "matchCriteriaId": "9E3F7A0C-3DAA-4D5B-8E46-78CF54C7AE8D", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:huawei:ar3200:-:*:*:*:*:*:*:*", "matchCriteriaId": "9309E1AA-0C4E-422C-9307-A8DD0AE5D576", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:huawei:ar3600_firmware:v200r007c00spc900:*:*:*:*:*:*:*", "matchCriteriaId": "46FB85E3-3591-47E7-B42E-121C820F8BDC", "vulnerable": true}, {"criteria": "cpe:2.3:o:huawei:ar3600_firmware:v200r007c00spc900pwe:*:*:*:*:*:*:*", "matchCriteriaId": "715D1E8B-F611-43A9-B66C-2722A74DC0F4", "vulnerable": true}, {"criteria": "cpe:2.3:o:huawei:ar3600_firmware:v200r007c00spcb00:*:*:*:*:*:*:*", "matchCriteriaId": "348715EB-F40F-42E0-B7CE-7B7E5E522D27", "vulnerable": true}, {"criteria": "cpe:2.3:o:huawei:ar3600_firmware:v200r007c00spcb00pwe:*:*:*:*:*:*:*", "matchCriteriaId": "E6230E69-1241-4EB6-A579-DC7CB13DC64B", "vulnerable": true}, {"criteria": "cpe:2.3:o:huawei:ar3600_firmware:v200r007c00spcc00:*:*:*:*:*:*:*", "matchCriteriaId": "F6842ABD-9717-486E-8144-1C2138E47F66", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:huawei:ar3600:-:*:*:*:*:*:*:*", "matchCriteriaId": "D30DC2EA-1F76-4CA6-BAC2-8DC796BE50B1", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:huawei:ar510_firmware:v200r007c00spc900:*:*:*:*:*:*:*", "matchCriteriaId": "AD9129C5-08E9-4689-8D19-478083484A4C", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:huawei:ar510:-:*:*:*:*:*:*:*", "matchCriteriaId": "FCD9E893-609B-4C97-82E6-0651AEC39D14", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:huawei:netengine16ex_firmware:v200r007c00spc900:*:*:*:*:*:*:*", "matchCriteriaId": "6E20A8F0-D5B2-41C8-9034-0F85E23A8D11", "vulnerable": true}, {"criteria": "cpe:2.3:o:huawei:netengine16ex_firmware:v200r007c00spcb00:*:*:*:*:*:*:*", "matchCriteriaId": "A739BF9A-48BA-4BB6-B933-171FE0F398D6", "vulnerable": true}, {"criteria": "cpe:2.3:o:huawei:netengine16ex_firmware:v200r007c00spcc00:*:*:*:*:*:*:*", "matchCriteriaId": "637AD3B4-FB2C-4E76-9ACE-FD1B54D889C1", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:huawei:netengine16ex:-:*:*:*:*:*:*:*", "matchCriteriaId": "E6224ECC-6949-4204-94D1-C7374C142A50", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:huawei:srg1300_firmware:v200r007c00spc900:*:*:*:*:*:*:*", "matchCriteriaId": "BC0EFF60-35FE-4EC1-B7FC-2428D48B1C8F", "vulnerable": true}, {"criteria": "cpe:2.3:o:huawei:srg1300_firmware:v200r007c00spcb00:*:*:*:*:*:*:*", "matchCriteriaId": "4779E4B0-A285-4C9C-AE3F-3939AA540680", "vulnerable": true}, {"criteria": "cpe:2.3:o:huawei:srg1300_firmware:v200r007c00spcc00:*:*:*:*:*:*:*", "matchCriteriaId": "5F110608-1B3C-4022-A250-F611187ED48C", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:huawei:srg1300:-:*:*:*:*:*:*:*", "matchCriteriaId": "CF77FB70-AAF3-421E-8D9B-F0C54E6A2FC0", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:huawei:srg2300_firmware:v200r007c00spc900:*:*:*:*:*:*:*", "matchCriteriaId": "097FD179-EEED-4EB9-85E7-4038E6B2F2C2", "vulnerable": true}, {"criteria": "cpe:2.3:o:huawei:srg2300_firmware:v200r007c00spcb00:*:*:*:*:*:*:*", "matchCriteriaId": "5314EB9C-9146-4C60-BF66-9500758369EA", "vulnerable": true}, {"criteria": "cpe:2.3:o:huawei:srg2300_firmware:v200r007c00spcc00:*:*:*:*:*:*:*", "matchCriteriaId": "7E043017-552A-40B7-8A1E-E746C9C77C70", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:huawei:srg2300:-:*:*:*:*:*:*:*", "matchCriteriaId": "9BAF601C-B8EC-42F5-95F4-274F8492F57E", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:huawei:srg3300_firmware:v200r007c00spc900:*:*:*:*:*:*:*", "matchCriteriaId": "8DD92023-F342-4588-BAE2-F25CD0FDC2DF", "vulnerable": true}, {"criteria": "cpe:2.3:o:huawei:srg3300_firmware:v200r007c00spcb00:*:*:*:*:*:*:*", "matchCriteriaId": "425CE7D8-7D23-4888-A26A-E7A525D25D56", "vulnerable": true}, {"criteria": "cpe:2.3:o:huawei:srg3300_firmware:v200r007c00spcc00:*:*:*:*:*:*:*", "matchCriteriaId": "D3E651BC-4319-49A5-A24D-1E4127EAC58B", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:huawei:srg3300:-:*:*:*:*:*:*:*", "matchCriteriaId": "43681AE7-5C12-4772-85A9-0A10177C6CFD", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "There is a few bytes out-of-bounds read vulnerability in some Huawei products. The software reads data past the end of the intended buffer when parsing certain message, an authenticated attacker could exploit this vulnerability by sending crafted messages to the device. Successful exploit may cause service abnormal in specific scenario.Affected product versions include:AR120-S versions V200R007C00SPC900,V200R007C00SPCa00"}, {"lang": "es", "value": "Se presenta una vulnerabilidad de lectura fuera de l\u00edmites de ciertos bytes en algunos productos Huawei. El software lee los datos m\u00e1s all\u00e1 del final del b\u00fafer previsto cuando se analiza determinado mensaje, un atacante autenticado podr\u00eda explotar esta vulnerabilidad mediante el env\u00edo de mensajes dise\u00f1ados al dispositivo. Un explotaci\u00f3n con \u00e9xito puede causar un servicio anormal en un escenario espec\u00edfico. Las versiones del producto afectadas incluyen: AR120-S versiones V200R007C00SPC900,V200R007C00SPCa00"}], "id": "CVE-2020-9071", "lastModified": "2024-11-21T05:39:58.290", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "PARTIAL", "baseScore": 4.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:P", "version": "2.0"}, "exploitabilityScore": 8.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2020-06-01T15:15:14.840", "references": [{"source": "psirt@huawei.com", "tags": ["Vendor Advisory"], "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200415-01-oob-en"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200415-01-oob-en"}], "sourceIdentifier": "psirt@huawei.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-125"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}

{}