ID

VAR-202010-1175


CVE

CVE-2020-9111


TITLE

E6878-370  and  E6878-870  Vulnerability in

Trust: 0.8

sources: JVNDB: JVNDB-2020-012670

DESCRIPTION

E6878-370 versions 10.0.3.1(H557SP27C233),10.0.3.1(H563SP21C233) and E6878-870 versions 10.0.3.1(H557SP27C233),10.0.3.1(H563SP11C233) have a denial of service vulnerability. The system does not properly check some events, an attacker could launch the events continually, successful exploit could cause reboot of the process. E6878-370 and E6878-870 Contains an unspecified vulnerability.Denial of service (DoS) It may be put into a state. Huawei E6878-370 is a portable 5G router from China's Huawei (Huawei) company. The vulnerability is caused by the system's failure to check when the user processes an event. Attackers can use the vulnerability to cause the process to restart

Trust: 2.25

sources: NVD: CVE-2020-9111 // JVNDB: JVNDB-2020-012670 // CNVD: CNVD-2020-59055 // VULMON: CVE-2020-9111

IOT TAXONOMY

category:['Network device']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2020-59055

AFFECTED PRODUCTS

vendor:huaweimodel:e6878-870scope:eqversion:10.0.3.1\(h563sp11c233\)

Trust: 1.0

vendor:huaweimodel:e6878-370scope:eqversion:10.0.3.1\(h563sp21c233\)

Trust: 1.0

vendor:huaweimodel:e6878-370scope:eqversion:10.0.3.1\(h557sp27c233\)

Trust: 1.0

vendor:huaweimodel:e6878-870scope:eqversion:10.0.3.1\(h557sp27c233\)

Trust: 1.0

vendor:huaweimodel:e6878-370scope: - version: -

Trust: 0.8

vendor:huaweimodel:e6878-870scope: - version: -

Trust: 0.8

vendor:huaweimodel:e6878-370scope:eqversion:10.0.3.1

Trust: 0.6

vendor:huaweimodel:e6878-870scope:eqversion:10.0.3.1

Trust: 0.6

sources: CNVD: CNVD-2020-59055 // JVNDB: JVNDB-2020-012670 // NVD: CVE-2020-9111

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2020-9111
value: MEDIUM

Trust: 1.0

NVD: CVE-2020-9111
value: MEDIUM

Trust: 0.8

CNVD: CNVD-2020-59055
value: MEDIUM

Trust: 0.6

CNNVD: CNNVD-202010-643
value: MEDIUM

Trust: 0.6

VULMON: CVE-2020-9111
value: LOW

Trust: 0.1

nvd@nist.gov: CVE-2020-9111
severity: LOW
baseScore: 2.7
vectorString: AV:A/AC:L/AU:S/C:N/I:N/A:P
accessVector: ADJACENT_NETWORK
accessComplexity: LOW
authentication: SINGLE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 5.1
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.9

CNVD: CNVD-2020-59055
severity: MEDIUM
baseScore: 6.1
vectorString: AV:A/AC:L/AU:N/C:N/I:N/A:C
accessVector: ADJACENT_NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 6.5
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

nvd@nist.gov: CVE-2020-9111
baseSeverity: MEDIUM
baseScore: 4.5
vectorString: CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
attackVector: ADJACENT
attackComplexity: LOW
privilegesRequired: HIGH
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: 0.9
impactScore: 3.6
version: 3.1

Trust: 1.0

NVD: CVE-2020-9111
baseSeverity: MEDIUM
baseScore: 4.5
vectorString: CVSS:3.0/AV:A/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
attackVector: ADJACENT NETWORK
attackComplexity: LOW
privilegesRequired: HIGH
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: CNVD: CNVD-2020-59055 // VULMON: CVE-2020-9111 // JVNDB: JVNDB-2020-012670 // CNNVD: CNNVD-202010-643 // NVD: CVE-2020-9111

PROBLEMTYPE DATA

problemtype:NVD-CWE-noinfo

Trust: 1.0

problemtype:Lack of information (CWE-noinfo) [NVD Evaluation ]

Trust: 0.8

sources: JVNDB: JVNDB-2020-012670 // NVD: CVE-2020-9111

THREAT TYPE

remote or local

Trust: 0.6

sources: CNNVD: CNNVD-202010-643

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-202010-643

PATCH

title:huawei-sa-20201014-02-dosurl:https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20201014-02-dos-en

Trust: 0.8

title:Patch for Huawei E6878-370 Denial of Service Vulnerabilityurl:https://www.cnvd.org.cn/patchInfo/show/237796

Trust: 0.6

title:Huawei E6878-370 Security vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=131283

Trust: 0.6

sources: CNVD: CNVD-2020-59055 // JVNDB: JVNDB-2020-012670 // CNNVD: CNNVD-202010-643

EXTERNAL IDS

db:NVDid:CVE-2020-9111

Trust: 3.1

db:JVNDBid:JVNDB-2020-012670

Trust: 0.8

db:CNVDid:CNVD-2020-59055

Trust: 0.6

db:CNNVDid:CNNVD-202010-643

Trust: 0.6

db:VULMONid:CVE-2020-9111

Trust: 0.1

sources: CNVD: CNVD-2020-59055 // VULMON: CVE-2020-9111 // JVNDB: JVNDB-2020-012670 // CNNVD: CNNVD-202010-643 // NVD: CVE-2020-9111

REFERENCES

url:https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20201014-02-dos-en

Trust: 2.3

url:https://nvd.nist.gov/vuln/detail/cve-2020-9111

Trust: 1.4

url:https://www.huawei.com/cn/psirt/security-advisories/huawei-sa-20201014-02-dos-cn

Trust: 0.6

url:https://cwe.mitre.org/data/definitions/.html

Trust: 0.1

url:https://nvd.nist.gov

Trust: 0.1

sources: CNVD: CNVD-2020-59055 // VULMON: CVE-2020-9111 // JVNDB: JVNDB-2020-012670 // CNNVD: CNNVD-202010-643 // NVD: CVE-2020-9111

SOURCES

db:CNVDid:CNVD-2020-59055
db:VULMONid:CVE-2020-9111
db:JVNDBid:JVNDB-2020-012670
db:CNNVDid:CNNVD-202010-643
db:NVDid:CVE-2020-9111

LAST UPDATE DATE

2024-11-23T22:21:00.989000+00:00


SOURCES UPDATE DATE

db:CNVDid:CNVD-2020-59055date:2020-10-28T00:00:00
db:VULMONid:CVE-2020-9111date:2020-10-29T00:00:00
db:JVNDBid:JVNDB-2020-012670date:2021-05-20T08:24:00
db:CNNVDid:CNNVD-202010-643date:2020-10-30T00:00:00
db:NVDid:CVE-2020-9111date:2024-11-21T05:40:03.720

SOURCES RELEASE DATE

db:CNVDid:CNVD-2020-59055date:2020-10-27T00:00:00
db:VULMONid:CVE-2020-9111date:2020-10-19T00:00:00
db:JVNDBid:JVNDB-2020-012670date:2021-05-20T00:00:00
db:CNNVDid:CNNVD-202010-643date:2020-10-14T00:00:00
db:NVDid:CVE-2020-9111date:2020-10-19T20:15:13.150