Details of VAR-202006-1714

ID

VAR-202006-1714

CVE

CVE-2020-9071

TITLE

plural Huawei Out-of-bounds read vulnerabilities in the product

Trust: 0.8

sources: JVNDB: JVNDB-2020-005987

DESCRIPTION

There is a few bytes out-of-bounds read vulnerability in some Huawei products. The software reads data past the end of the intended buffer when parsing certain message, an authenticated attacker could exploit this vulnerability by sending crafted messages to the device. Successful exploit may cause service abnormal in specific scenario.Affected product versions include:AR120-S versions V200R007C00SPC900,V200R007C00SPCa00. plural Huawei The product contains an out-of-bounds read vulnerability.Service operation interruption (DoS) It may be put into a state. Huawei AR1200 is an enterprise router of Huawei. There are buffer error vulnerabilities in many Huawei products

Trust: 2.16

sources: NVD: CVE-2020-9071 // JVNDB: JVNDB-2020-005987 // CNVD: CNVD-2020-28979

IOT TAXONOMY

category:

['Network device']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2020-28979

AFFECTED PRODUCTS

vendor:	huawei	model:	ar3200	scope:	eq	version:	v200r007c00spc900	Trust: 1.0
vendor:	huawei	model:	ar150	scope:	eq	version:	v200r007c00spc900	Trust: 1.0
vendor:	huawei	model:	ar3200	scope:	eq	version:	v200r007c00spcb00	Trust: 1.0
vendor:	huawei	model:	ar3600	scope:	eq	version:	v200r007c00spcb00pwe	Trust: 1.0
vendor:	huawei	model:	ar3200	scope:	eq	version:	v200r007c00spca00	Trust: 1.0
vendor:	huawei	model:	ar200-s	scope:	eq	version:	v200r007c00spc900	Trust: 1.0
vendor:	huawei	model:	ar150	scope:	eq	version:	v200r007c00spcb00	Trust: 1.0
vendor:	huawei	model:	ar2200	scope:	eq	version:	v200r007c00spcb00pwe	Trust: 1.0
vendor:	huawei	model:	ar200-s	scope:	eq	version:	v200r007c00spcb00	Trust: 1.0
vendor:	huawei	model:	ar120-s	scope:	eq	version:	v200r007c00spcc00	Trust: 1.0
vendor:	huawei	model:	srg3300	scope:	eq	version:	v200r007c00spcc00	Trust: 1.0
vendor:	huawei	model:	ar3600	scope:	eq	version:	v200r007c00spcc00	Trust: 1.0
vendor:	huawei	model:	ar2200	scope:	eq	version:	v200r007c00spcc00	Trust: 1.0
vendor:	huawei	model:	ar150	scope:	eq	version:	v200r007c00spcb00pwe	Trust: 1.0
vendor:	huawei	model:	ar3200	scope:	eq	version:	v200r007c00spcb00pwe	Trust: 1.0
vendor:	huawei	model:	ar160	scope:	eq	version:	v200r007c00spc900pwe	Trust: 1.0
vendor:	huawei	model:	ar200	scope:	eq	version:	v200r007c00spc900pwe	Trust: 1.0
vendor:	huawei	model:	ar3200	scope:	eq	version:	v200r007c00spcc00	Trust: 1.0
vendor:	huawei	model:	ar150	scope:	eq	version:	v200r007c00spcc00	Trust: 1.0
vendor:	huawei	model:	srg1300	scope:	eq	version:	v200r007c00spc900	Trust: 1.0
vendor:	huawei	model:	ar1200	scope:	eq	version:	v200r007c00spc900	Trust: 1.0
vendor:	huawei	model:	ar200-s	scope:	eq	version:	v200r007c00spcc00	Trust: 1.0
vendor:	huawei	model:	ar1200	scope:	eq	version:	v200r007c00spca00	Trust: 1.0
vendor:	huawei	model:	ar510	scope:	eq	version:	v200r007c00spc900	Trust: 1.0
vendor:	huawei	model:	netengine16ex	scope:	eq	version:	v200r007c00spc900	Trust: 1.0
vendor:	huawei	model:	srg1300	scope:	eq	version:	v200r007c00spcb00	Trust: 1.0
vendor:	huawei	model:	ar1200	scope:	eq	version:	v200r007c00spcb00	Trust: 1.0
vendor:	huawei	model:	ar3600	scope:	eq	version:	v200r007c00spc900pwe	Trust: 1.0
vendor:	huawei	model:	ar150-s	scope:	eq	version:	v200r007c00spc900	Trust: 1.0
vendor:	huawei	model:	ar3200	scope:	eq	version:	v200r007c00	Trust: 1.0
vendor:	huawei	model:	ar2200	scope:	eq	version:	v200r007c00spc900pwe	Trust: 1.0
vendor:	huawei	model:	netengine16ex	scope:	eq	version:	v200r007c00spcb00	Trust: 1.0
vendor:	huawei	model:	srg2300	scope:	eq	version:	v200r007c00spc900	Trust: 1.0
vendor:	huawei	model:	ar1200	scope:	eq	version:	v200r007c00spcb00pwe	Trust: 1.0
vendor:	huawei	model:	ar1200-s	scope:	eq	version:	v200r007c00spc900	Trust: 1.0
vendor:	huawei	model:	ar150-s	scope:	eq	version:	v200r007c00spcb00	Trust: 1.0
vendor:	huawei	model:	ar2200-s	scope:	eq	version:	v200r007c00spc900	Trust: 1.0
vendor:	huawei	model:	ar3200	scope:	eq	version:	v200r007c00spc900pwe	Trust: 1.0
vendor:	huawei	model:	srg2300	scope:	eq	version:	v200r007c00spcb00	Trust: 1.0
vendor:	huawei	model:	ar1200	scope:	eq	version:	v200r007c00spcc00	Trust: 1.0
vendor:	huawei	model:	ar1200-s	scope:	eq	version:	v200r007c00spcb00	Trust: 1.0
vendor:	huawei	model:	ar150	scope:	eq	version:	v200r007c00spc900pwe	Trust: 1.0
vendor:	huawei	model:	ar200	scope:	eq	version:	v200r007c00spc900	Trust: 1.0
vendor:	huawei	model:	ar2200-s	scope:	eq	version:	v200r007c00spcb00	Trust: 1.0
vendor:	huawei	model:	srg1300	scope:	eq	version:	v200r007c00spcc00	Trust: 1.0
vendor:	huawei	model:	ar160	scope:	eq	version:	v200r007c00spc900	Trust: 1.0
vendor:	huawei	model:	ar160	scope:	eq	version:	v200r007c00spcb00	Trust: 1.0
vendor:	huawei	model:	ar200	scope:	eq	version:	v200r007c00spcb00	Trust: 1.0
vendor:	huawei	model:	netengine16ex	scope:	eq	version:	v200r007c00spcc00	Trust: 1.0
vendor:	huawei	model:	ar150-s	scope:	eq	version:	v200r007c00spcc00	Trust: 1.0
vendor:	huawei	model:	ar160	scope:	eq	version:	v200r007c00spcc00	Trust: 1.0
vendor:	huawei	model:	srg3300	scope:	eq	version:	v200r007c00spc900	Trust: 1.0
vendor:	huawei	model:	ar3600	scope:	eq	version:	v200r007c00spc900	Trust: 1.0
vendor:	huawei	model:	srg2300	scope:	eq	version:	v200r007c00spcc00	Trust: 1.0
vendor:	huawei	model:	ar1200-s	scope:	eq	version:	v200r007c00spcc00	Trust: 1.0
vendor:	huawei	model:	ar160	scope:	eq	version:	v200r007c00spcb00pwe	Trust: 1.0
vendor:	huawei	model:	ar120-s	scope:	eq	version:	v200r007c00spc900	Trust: 1.0
vendor:	huawei	model:	ar200	scope:	eq	version:	v200r007c00spcb00pwe	Trust: 1.0
vendor:	huawei	model:	ar120-s	scope:	eq	version:	v200r007c00spcb00	Trust: 1.0
vendor:	huawei	model:	ar2200	scope:	eq	version:	v200r007c00spc900	Trust: 1.0
vendor:	huawei	model:	ar2200-s	scope:	eq	version:	v200r007c00spcc00	Trust: 1.0
vendor:	huawei	model:	ar120-s	scope:	eq	version:	v200r007c00spca00	Trust: 1.0
vendor:	huawei	model:	ar3600	scope:	eq	version:	v200r007c00spcb00	Trust: 1.0
vendor:	huawei	model:	ar200	scope:	eq	version:	v200r007c00spcc00	Trust: 1.0
vendor:	huawei	model:	srg3300	scope:	eq	version:	v200r007c00spcb00	Trust: 1.0
vendor:	huawei	model:	ar2200	scope:	eq	version:	v200r007c00spcb00	Trust: 1.0
vendor:	huawei	model:	ar1200	scope:	eq	version:	v200r007c00spc900pwe	Trust: 1.0
vendor:	huawei	model:	ar2200	scope:	eq	version:	v200r007c00spca00	Trust: 1.0
vendor:	huawei	model:	ar120-s	scope:	-	version:	-	Trust: 0.8
vendor:	huawei	model:	ar1200	scope:	-	version:	-	Trust: 0.8
vendor:	huawei	model:	ar1200-s	scope:	-	version:	-	Trust: 0.8
vendor:	huawei	model:	ar150	scope:	-	version:	-	Trust: 0.8
vendor:	huawei	model:	ar150-s	scope:	-	version:	-	Trust: 0.8
vendor:	huawei	model:	ar160	scope:	-	version:	-	Trust: 0.8
vendor:	huawei	model:	ar200	scope:	-	version:	-	Trust: 0.8
vendor:	huawei	model:	ar200-s	scope:	-	version:	-	Trust: 0.8
vendor:	huawei	model:	ar2200	scope:	-	version:	-	Trust: 0.8
vendor:	huawei	model:	ar2200-s	scope:	-	version:	-	Trust: 0.8
vendor:	huawei	model:	ar3200 v200r007c00	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	ar3200 v200r007c00spc900	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	ar3200 v200r007c00spca00	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	ar3200 v200r007c00spcb00	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	ar3200 v200r007c00spcc00	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	ar120-s v200r007c00spc900	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	ar120-s v200r007c00spca00	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	ar120-s v200r007c00spcb00	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	ar120-s v200r007c00spcc00	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	ar1200 v200r007c00spc900	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	ar1200 v200r007c00spc900pwe	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	ar1200 v200r007c00spca00	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	ar1200 v200r007c00spcb00	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	ar1200 v200r007c00spcb00pwe	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	ar1200 v200r007c00spcc00	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	ar1200-s v200r007c00spc900	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	ar1200-s v200r007c00spcb00	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	ar1200-s v200r007c00spcc00	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	ar150 v200r007c00spc900	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	ar150 v200r007c00spcb00	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	ar150 v200r007c00spcb00pwe	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	ar150 v200r007c00spcc00	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	ar150-s v200r007c00spc900	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	ar150-s v200r007c00spcb00	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	ar150-s v200r007c00spcc00	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	ar160 v200r007c00spc900	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	ar160 v200r007c00spc900pwe	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	ar160 v200r007c00spcb00	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	ar160 v200r007c00spcb00pwe	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	ar160 v200r007c00spcc00	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	ar200 v200r007c00spc900	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	ar200 v200r007c00spc900pwe	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	ar200 v200r007c00spcb00	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	ar200 v200r007c00spcb00pwe	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	ar200 v200r007c00spcc00	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	ar2200 v200r007c00spc900	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	ar2200 v200r007c00spc900pwe	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	ar2200 v200r007c00spcb00	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	ar2200 v200r007c00spcb00pwe	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	ar2200 v200r007c00spcc00	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	ar3600 v200r007c00spc900	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	ar3600 v200r007c00spc900pwe	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	ar3600 v200r007c00spcb00	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	ar3600 v200r007c00spcb00pwe	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	ar3600 v200r007c00spcc00	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	ar510 v200r007c00spc900	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	netengine16ex v200r007c00spc900	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	netengine16ex v200r007c00spcb00	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	netengine16ex v200r007c00spcc00	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	srg1300 v200r007c00spc900	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	srg1300 v200r007c00spcb00	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	srg1300 v200r007c00spcc00	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	srg2300 v200r007c00spc900	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	srg2300 v200r007c00spcb00	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	srg2300 v200r007c00spcc00	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	srg3300 v200r007c00spc900	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	srg3300 v200r007c00spcb00	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	srg3300 v200r007c00spcc00	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	ar200-s v200r007c00spc900	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	ar200-s v200r007c00spcb00	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	ar200-s v200r007c00spcc00	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	ar2200-s v200r007c00spc900	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	ar2200-s v200r007c00spcb00	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	ar2200-s v200r007c00spcc00	scope:	-	version:	-	Trust: 0.6

sources: CNVD: CNVD-2020-28979 // JVNDB: JVNDB-2020-005987 // NVD: CVE-2020-9071

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2020-9071
value:	MEDIUM
Trust: 1.0
NVD:	JVNDB-2020-005987
value:	MEDIUM
Trust: 0.8
CNVD:	CNVD-2020-28979
value:	LOW
Trust: 0.6
CNNVD:	CNNVD-202004-1128
value:	MEDIUM
Trust: 0.6

nvd@nist.gov:	CVE-2020-9071
severity:	MEDIUM
baseScore:	4.0
vectorString:	AV:N/AC:L/AU:S/C:N/I:N/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	SINGLE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	PARTIAL
exploitabilityScore:	8.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.0
NVD:	JVNDB-2020-005987
severity:	MEDIUM
baseScore:	4.0
vectorString:	AV:N/AC:L/AU:S/C:N/I:N/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	SINGLE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	PARTIAL
exploitabilityScore:	NONE
impactScore:	NONE
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.8
CNVD:	CNVD-2020-28979
severity:	LOW
baseScore:	1.8
vectorString:	AV:A/AC:H/AU:N/C:N/I:N/A:P
accessVector:	ADJACENT_NETWORK
accessComplexity:	HIGH
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	PARTIAL
exploitabilityScore:	3.2
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6

nvd@nist.gov:	CVE-2020-9071
baseSeverity:	MEDIUM
baseScore:	6.5
vectorString:	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	LOW
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	HIGH
exploitabilityScore:	2.8
impactScore:	3.6
version:	3.1
Trust: 1.0
NVD:	JVNDB-2020-005987
baseSeverity:	MEDIUM
baseScore:	6.5
vectorString:	CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	LOW
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	HIGH
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: CNVD: CNVD-2020-28979 // JVNDB: JVNDB-2020-005987 // CNNVD: CNNVD-202004-1128 // NVD: CVE-2020-9071

PROBLEMTYPE DATA

problemtype:

CWE-125

Trust: 1.8

sources: JVNDB: JVNDB-2020-005987 // NVD: CVE-2020-9071

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-202004-1128

TYPE

buffer error

Trust: 0.6

sources: CNNVD: CNNVD-202004-1128

CONFIGURATIONS

sources: JVNDB: JVNDB-2020-005987

PATCH

title:	huawei-sa-20200415-01-oob	url:	https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200415-01-oob-en	Trust: 0.8
title:	Patch for Multiple Huawei products cross-border reading vulnerability (CNVD-2020-28979)	url:	https://www.cnvd.org.cn/patchInfo/show/218005	Trust: 0.6
title:	Multiple Huawei Product Buffer Error Vulnerability Fix	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=116855	Trust: 0.6

sources: CNVD: CNVD-2020-28979 // JVNDB: JVNDB-2020-005987 // CNNVD: CNNVD-202004-1128

EXTERNAL IDS

db:	NVD	id:	CVE-2020-9071	Trust: 3.0
db:	JVNDB	id:	JVNDB-2020-005987	Trust: 0.8
db:	CNVD	id:	CNVD-2020-28979	Trust: 0.6
db:	CNNVD	id:	CNNVD-202004-1128	Trust: 0.6

sources: CNVD: CNVD-2020-28979 // JVNDB: JVNDB-2020-005987 // CNNVD: CNNVD-202004-1128 // NVD: CVE-2020-9071

REFERENCES

url:	https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200415-01-oob-en	Trust: 1.6
url:	https://nvd.nist.gov/vuln/detail/cve-2020-9071	Trust: 1.4
url:	https://www.huawei.com/cn/psirt/security-advisories/huawei-sa-20200415-01-oob-cn	Trust: 1.2
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-9071	Trust: 0.8

sources: CNVD: CNVD-2020-28979 // JVNDB: JVNDB-2020-005987 // CNNVD: CNNVD-202004-1128 // NVD: CVE-2020-9071

SOURCES

db:	CNVD	id:	CNVD-2020-28979
db:	JVNDB	id:	JVNDB-2020-005987
db:	CNNVD	id:	CNNVD-202004-1128
db:	NVD	id:	CVE-2020-9071

LAST UPDATE DATE

2024-11-23T22:55:07.635000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2020-28979	date:	2020-05-19T00:00:00
db:	JVNDB	id:	JVNDB-2020-005987	date:	2020-06-25T00:00:00
db:	CNNVD	id:	CNNVD-202004-1128	date:	2020-06-04T00:00:00
db:	NVD	id:	CVE-2020-9071	date:	2024-11-21T05:39:58.290

SOURCES RELEASE DATE

db:	CNVD	id:	CNVD-2020-28979	date:	2020-05-19T00:00:00
db:	JVNDB	id:	JVNDB-2020-005987	date:	2020-06-25T00:00:00
db:	CNNVD	id:	CNNVD-202004-1128	date:	2020-04-15T00:00:00
db:	NVD	id:	CVE-2020-9071	date:	2020-06-01T15:15:14.840