{"containers": {"cna": {"affected": [{"product": "CloudEngine 12800", "vendor": "Huawei", "versions": [{"status": "affected", "version": "V200R002C50SPC800"}, {"status": "affected", "version": "V200R003C00SPC810"}, {"status": "affected", "version": "V200R005C00SPC800"}, {"status": "affected", "version": "V200R005C10SPC800"}]}, {"product": "CloudEngine 5800", "vendor": "Huawei", "versions": [{"status": "affected", "version": "V200R002C50SPC800"}, {"status": "affected", "version": "V200R003C00SPC810"}, {"status": "affected", "version": "V200R005C00SPC800"}, {"status": "affected", "version": "V200R005C10SPC800"}]}, {"product": "CloudEngine 6800", "vendor": "Huawei", "versions": [{"status": "affected", "version": "V200R002C50SPC800"}, {"status": "affected", "version": "V200R003C00SPC810"}, {"status": "affected", "version": "V200R005C00SPC800"}, {"status": "affected", "version": "V200R005C10SPC800"}]}, {"product": "CloudEngine 7800", "vendor": "Huawei", "versions": [{"status": "affected", "version": "V200R002C50SPC800"}, {"status": "affected", "version": "V200R003C00SPC810"}, {"status": "affected", "version": "V200R005C00SPC800"}, {"status": "affected", "version": "V200R005C10SPC800"}]}], "descriptions": [{"lang": "en", "value": "There is a memory leak vulnerability in some versions of Huawei CloudEngine product. An unauthenticated, remote attacker may exploit this vulnerability by sending specific message to the affected product. Due to not release the allocated memory properly, successful exploit may cause memory leak."}], "problemTypes": [{"descriptions": [{"description": "Memory Leak", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2020-12-29T17:17:07", "orgId": "25ac1063-e409-4190-8079-24548c77ea2e", "shortName": "huawei"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20201223-01-cloudengine-en"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "psirt@huawei.com", "ID": "CVE-2020-9124", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "CloudEngine 12800", "version": {"version_data": [{"version_value": "V200R002C50SPC800"}, {"version_value": "V200R003C00SPC810"}, {"version_value": "V200R005C00SPC800"}, {"version_value": "V200R005C10SPC800"}]}}, {"product_name": "CloudEngine 5800", "version": {"version_data": [{"version_value": "V200R002C50SPC800"}, {"version_value": "V200R003C00SPC810"}, {"version_value": "V200R005C00SPC800"}, {"version_value": "V200R005C10SPC800"}]}}, {"product_name": "CloudEngine 6800", "version": {"version_data": [{"version_value": "V200R002C50SPC800"}, {"version_value": "V200R003C00SPC810"}, {"version_value": "V200R005C00SPC800"}, {"version_value": "V200R005C10SPC800"}]}}, {"product_name": "CloudEngine 7800", "version": {"version_data": [{"version_value": "V200R002C50SPC800"}, {"version_value": "V200R003C00SPC810"}, {"version_value": "V200R005C00SPC800"}, {"version_value": "V200R005C10SPC800"}]}}]}, "vendor_name": "Huawei"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "There is a memory leak vulnerability in some versions of Huawei CloudEngine product. An unauthenticated, remote attacker may exploit this vulnerability by sending specific message to the affected product. Due to not release the allocated memory properly, successful exploit may cause memory leak."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Memory Leak"}]}]}, "references": {"reference_data": [{"name": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20201223-01-cloudengine-en", "refsource": "CONFIRM", "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20201223-01-cloudengine-en"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T10:19:19.917Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20201223-01-cloudengine-en"}]}]}, "cveMetadata": {"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e", "assignerShortName": "huawei", "cveId": "CVE-2020-9124", "datePublished": "2020-12-29T17:17:07", "dateReserved": "2020-02-18T00:00:00", "dateUpdated": "2024-08-04T10:19:19.917Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:huawei:cloudengine_12800_firmware:v200r002c50spc800:*:*:*:*:*:*:*", "matchCriteriaId": "D2A1D568-48C6-4CE4-8CD2-93F79F484448", "vulnerable": true}, {"criteria": "cpe:2.3:o:huawei:cloudengine_12800_firmware:v200r003c00spc810:*:*:*:*:*:*:*", "matchCriteriaId": "32438232-3341-4056-B801-AA8F0F9E8DEC", "vulnerable": true}, {"criteria": "cpe:2.3:o:huawei:cloudengine_12800_firmware:v200r005c00spc800:*:*:*:*:*:*:*", "matchCriteriaId": "32EF3B57-0B07-40C0-943D-2C21EEE4D747", "vulnerable": true}, {"criteria": "cpe:2.3:o:huawei:cloudengine_12800_firmware:v200r005c10spc800:*:*:*:*:*:*:*", "matchCriteriaId": "F6A9B879-DBF0-4F31-9BF8-7148BC2FCED5", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:huawei:cloudengine_12800:-:*:*:*:*:*:*:*", "matchCriteriaId": "DE8A2875-0F7E-4790-A925-5999396B7578", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:huawei:cloudengine_5800_firmware:v200r002c50spc800:*:*:*:*:*:*:*", "matchCriteriaId": "C78467A9-4091-4710-BFB8-A6FB0606BDF5", "vulnerable": true}, {"criteria": "cpe:2.3:o:huawei:cloudengine_5800_firmware:v200r003c00spc810:*:*:*:*:*:*:*", "matchCriteriaId": "AB2923DC-9667-46F3-B879-C8C1DAECCC6F", "vulnerable": true}, {"criteria": "cpe:2.3:o:huawei:cloudengine_5800_firmware:v200r005c00spc800:*:*:*:*:*:*:*", "matchCriteriaId": "6BA3C214-FBB1-428A-8C0B-DF797296FC0E", "vulnerable": true}, {"criteria": "cpe:2.3:o:huawei:cloudengine_5800_firmware:v200r005c10spc800:*:*:*:*:*:*:*", "matchCriteriaId": "38CAD360-6AD5-4714-91BE-0AAB516EDA79", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:huawei:cloudengine_5800:-:*:*:*:*:*:*:*", "matchCriteriaId": "C8FD775C-F6B6-42B3-942E-EB4DC889B5F0", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:huawei:cloudengine_6800_firmware:v200r002c50spc800:*:*:*:*:*:*:*", "matchCriteriaId": "B7D33183-3C97-4EA6-90F7-55ED36F710E5", "vulnerable": true}, {"criteria": "cpe:2.3:o:huawei:cloudengine_6800_firmware:v200r003c00spc810:*:*:*:*:*:*:*", "matchCriteriaId": "DA5CC84F-27DD-4D5E-8F28-CD7D12EAD2D7", "vulnerable": true}, {"criteria": "cpe:2.3:o:huawei:cloudengine_6800_firmware:v200r005c00spc800:*:*:*:*:*:*:*", "matchCriteriaId": "7F5DDE2E-B7B3-4D7A-A3EA-C15F968F1186", "vulnerable": true}, {"criteria": "cpe:2.3:o:huawei:cloudengine_6800_firmware:v200r005c10spc800:*:*:*:*:*:*:*", "matchCriteriaId": "369FD60C-215C-4172-9CFC-39AD5492BE17", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:huawei:cloudengine_6800:-:*:*:*:*:*:*:*", "matchCriteriaId": "19F2B3CC-12AD-466D-98F9-0C09C7C053CF", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:huawei:cloudengine_7800_firmware:v200r002c50spc800:*:*:*:*:*:*:*", "matchCriteriaId": "14C55E1D-E4E8-4E8F-8D3E-E3A72C5A45D8", "vulnerable": true}, {"criteria": "cpe:2.3:o:huawei:cloudengine_7800_firmware:v200r003c00spc810:*:*:*:*:*:*:*", "matchCriteriaId": "70D64B7D-AA9B-476B-8389-617799BAC702", "vulnerable": true}, {"criteria": "cpe:2.3:o:huawei:cloudengine_7800_firmware:v200r005c00spc800:*:*:*:*:*:*:*", "matchCriteriaId": "72424532-AB07-47DF-8301-275D6EC2F6D9", "vulnerable": true}, {"criteria": "cpe:2.3:o:huawei:cloudengine_7800_firmware:v200r005c10spc800:*:*:*:*:*:*:*", "matchCriteriaId": "4196899F-1AB3-429A-B334-3B059DFBCAFD", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:huawei:cloudengine_7800:-:*:*:*:*:*:*:*", "matchCriteriaId": "D05E858C-A3D8-4BF1-A750-CFD8C949ABF0", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "There is a memory leak vulnerability in some versions of Huawei CloudEngine product. An unauthenticated, remote attacker may exploit this vulnerability by sending specific message to the affected product. Due to not release the allocated memory properly, successful exploit may cause memory leak."}, {"lang": "es", "value": "Se presenta una vulnerabilidad de p\u00e9rdida de memoria en algunas versiones del producto Huawei CloudEngine. Un atacante remoto no autenticado puede explotar esta vulnerabilidad mediante el env\u00edo de un mensaje espec\u00edfico al producto afectado. Debido a que no se libera la memoria asignada apropiadamente, una explotaci\u00f3n con \u00e9xito puede causar p\u00e9rdida de memoria"}], "id": "CVE-2020-9124", "lastModified": "2024-11-21T05:40:05.920", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2020-12-29T18:15:13.230", "references": [{"source": "psirt@huawei.com", "tags": ["Vendor Advisory"], "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20201223-01-cloudengine-en"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20201223-01-cloudengine-en"}], "sourceIdentifier": "psirt@huawei.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-401"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}

{}