CVE-2020-1825

Опубликовано: 15 июн. 2020

Источник: nvd

CVSS3: 6.5

CVSS2: 4

EPSS Низкий

Описание

FusionAccess with versions earlier than 6.5.1.SPC002 have a Denial of Service (DoS) vulnerability. Due to insufficient verification on specific input, attackers can exploit this vulnerability by sending constructed messages to the affected device through another device on the same network. Successful exploit could cause affected devices to be abnormal.

Ссылки

https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200610-01-fusionacces-en
Vendor Advisory
https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200610-01-fusionacces-en
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:huawei:fusionaccess:*:*:*:*:*:*:*:*

Версия до 6.5.1.spc002 (исключая)

EPSS

Процентиль: 39%

0.00174

Низкий

6.5 Medium

CVSS3

4 Medium

CVSS2

Дефекты

CWE-20

Связанные уязвимости

GHSA-9fxg-j66g-hxgc

github

больше 3 лет назад

Huawei FusionAccess products with versions earlier than 6.5.1.SPC002 has a Denial of Service (DoS) vulnerability. Due to insufficient verification on specific input, attackers can exploit this vulnerability by sending constructed messages to the affected device through other device on the same network. Successful exploit could cause affected devices to be abnormal.