CVE-2020-1828
N/A
N/A
Summary
Huawei NIP6800 versions V500R001C30, V500R001C60SPC500, and V500R005C00; and Secospace USG6600 and USG9500 versions V500R001C30SPC200, V500R001C30SPC600, V500R001C60SPC500, and V500R005C00 have an input validation vulnerability where the IPSec module does not validate a field in a specific message. Attackers can send specific message to cause out-of-bound read, compromising normal service.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Huawei | NIP6800 | V500R001C30 | affected |
| Huawei | NIP6800 | V500R001C60SPC500 | affected |
| Huawei | NIP6800 | V500R005C00 | affected |
| Huawei | Secospace USG6600 | V500R001C30SPC200 | affected |
| Huawei | Secospace USG6600 | V500R001C30SPC600 | affected |
| Huawei | Secospace USG6600 | V500R001C60SPC500 | affected |
| Huawei | Secospace USG6600 | V500R005C00 | affected |
| Huawei | USG9500 | V500R001C30SPC200 | affected |
| Huawei | USG9500 | V500R001C30SPC600 | affected |
| Huawei | USG9500 | V500R001C60SPC500 | affected |
| Huawei | USG9500 | V500R005C00 | affected |
Weaknesses
- Input Validation
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.