Details of VAR-202012-1402

ID

VAR-202012-1402

CVE

CVE-2020-9120

TITLE

Huawei of cloudengine 1800v Vulnerability in

Trust: 0.8

sources: JVNDB: JVNDB-2020-018299

DESCRIPTION

CloudEngine 1800V versions V100R019C10SPC500 has a resource management error vulnerability. Remote unauthorized attackers could send specific types of messages to the device, resulting in the message received by the system can't be forwarded normally. Huawei of cloudengine 1800v Exists in unspecified vulnerabilities.Service operation interruption (DoS) It may be in a state. Huawei CloudEngine 1800V is a 1800V series data center switch from China Huawei

Trust: 2.25

sources: NVD: CVE-2020-9120 // JVNDB: JVNDB-2020-018299 // CNVD: CNVD-2022-04720 // VULHUB: VHN-187245

IOT TAXONOMY

category:

['Network device']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2022-04720

AFFECTED PRODUCTS

vendor:	huawei	model:	cloudengine 1800v	scope:	eq	version:	v100r019c10spc500	Trust: 1.8
vendor:	huawei	model:	cloudengine 1800v	scope:	eq	version:	-	Trust: 0.8
vendor:	huawei	model:	cloudengine 1800v	scope:	-	version:	-	Trust: 0.8
vendor:	huawei	model:	cloudengine v100r019c10spc500	scope:	eq	version:	1800v	Trust: 0.6

sources: CNVD: CNVD-2022-04720 // JVNDB: JVNDB-2020-018299 // NVD: CVE-2020-9120

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2020-9120
value:	HIGH
Trust: 1.0
NVD:	CVE-2020-9120
value:	HIGH
Trust: 0.8
CNVD:	CNVD-2022-04720
value:	MEDIUM
Trust: 0.6
CNNVD:	CNNVD-202012-1541
value:	HIGH
Trust: 0.6
VULHUB:	VHN-187245
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2020-9120
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
CNVD:	CNVD-2022-04720
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6
VULHUB:	VHN-187245
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2020-9120
baseSeverity:	HIGH
baseScore:	7.5
vectorString:	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	HIGH
exploitabilityScore:	3.9
impactScore:	3.6
version:	3.1
Trust: 1.0
NVD:	CVE-2020-9120
baseSeverity:	HIGH
baseScore:	7.5
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	HIGH
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: CNVD: CNVD-2022-04720 // VULHUB: VHN-187245 // JVNDB: JVNDB-2020-018299 // CNNVD: CNNVD-202012-1541 // NVD: CVE-2020-9120

PROBLEMTYPE DATA

problemtype:	NVD-CWE-Other	Trust: 1.0
problemtype:	others (CWE-Other) [NVD evaluation ]	Trust: 0.8

sources: JVNDB: JVNDB-2020-018299 // NVD: CVE-2020-9120

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-202012-1541

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-202012-1541

PATCH

title:	Patch for Huawei CloudEngine 1800V Denial of Service Vulnerability	url:	https://www.cnvd.org.cn/patchInfo/show/314246	Trust: 0.6
title:	Huawei CloudEngine 1800V Security vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=138068	Trust: 0.6

sources: CNVD: CNVD-2022-04720 // CNNVD: CNNVD-202012-1541

EXTERNAL IDS

db:	NVD	id:	CVE-2020-9120	Trust: 3.9
db:	JVNDB	id:	JVNDB-2020-018299	Trust: 0.8
db:	CNVD	id:	CNVD-2022-04720	Trust: 0.7
db:	CNNVD	id:	CNNVD-202012-1541	Trust: 0.7
db:	VULHUB	id:	VHN-187245	Trust: 0.1

sources: CNVD: CNVD-2022-04720 // VULHUB: VHN-187245 // JVNDB: JVNDB-2020-018299 // CNNVD: CNNVD-202012-1541 // NVD: CVE-2020-9120

REFERENCES

url:	https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20201202-01-cloudengine-en	Trust: 2.5
url:	https://nvd.nist.gov/vuln/detail/cve-2020-9120	Trust: 2.0

sources: CNVD: CNVD-2022-04720 // VULHUB: VHN-187245 // JVNDB: JVNDB-2020-018299 // CNNVD: CNNVD-202012-1541 // NVD: CVE-2020-9120

SOURCES

db:	CNVD	id:	CNVD-2022-04720
db:	VULHUB	id:	VHN-187245
db:	JVNDB	id:	JVNDB-2020-018299
db:	CNNVD	id:	CNNVD-202012-1541
db:	NVD	id:	CVE-2020-9120

LAST UPDATE DATE

2024-11-23T21:35:01.311000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2022-04720	date:	2022-01-18T00:00:00
db:	VULHUB	id:	VHN-187245	date:	2020-12-28T00:00:00
db:	JVNDB	id:	JVNDB-2020-018299	date:	2024-07-18T10:27:00
db:	CNNVD	id:	CNNVD-202012-1541	date:	2021-01-05T00:00:00
db:	NVD	id:	CVE-2020-9120	date:	2024-11-21T05:40:05.473

SOURCES RELEASE DATE

db:	CNVD	id:	CNVD-2022-04720	date:	2022-01-18T00:00:00
db:	VULHUB	id:	VHN-187245	date:	2020-12-24T00:00:00
db:	JVNDB	id:	JVNDB-2020-018299	date:	2024-07-18T00:00:00
db:	CNNVD	id:	CNNVD-202012-1541	date:	2020-12-24T00:00:00
db:	NVD	id:	CVE-2020-9120	date:	2020-12-24T16:15:15.943