CVE-2020-1861 Information

Description

CloudEngine 12800 with versions of V200R001C00SPC600V200R001C00SPC700V200R002C01V200R002C50SPC800V200R002C50SPC800PWEV200R003C00SPC810V200R003C00SPC810PWEV200R005C00SPC600V200R005C00SPC800V200R005C00SPC800PWEV200R005C10V200R005C10SPC300 have an information leakage vulnerability in some Huawei products. In some special cases an authenticated attacker can exploit this vulnerability because the software processes data improperly. Successful exploitation may lead to information leakage.

CVSS Vector

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N

Reference

https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200219-01-leak-en

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction Required

HIGH

Scope

NONE

Confidentiality Impact

UNCHANGED

Integrity Impact

HIGH

Availability Impact

NONE

Base Score

NONE

Base Severity

4.4