← Zuruck zu CVEs
CVE-2020-9105
MEDIUM6.7
Beschreibung
Taurus-AN00B versions earlier than 10.1.0.156(C00E155R7P2) have an insufficient input validation vulnerability. Due to the input validation logic is incorrect, an attacker can exploit this vulnerability to access and modify the memory of the device by doing a series of operations. Successful exploit may cause the service abnormal.
CVE Details
CVSS v3.1 Bewertung6.7
SchweregradMEDIUM
CVSS VektorCVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
AngriffsvektorLOCAL
KomplexitatLOW
Erforderliche PrivilegienHIGH
BenutzerinteraktionNONE
Veroffentlicht10/9/2020
Zuletzt geandert11/21/2024
Quellenvd
Honeypot-Sichtungen0
Betroffene Produkte
huawei:taurus-an00bhuawei:taurus-an00b_firmware
Schwachen (CWE)
CWE-20
Referenzen
https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200923-01-outofbound-en(psirt@huawei.com)
https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200923-01-outofbound-en(af854a3a-2127-422b-91ae-364da2661108)
IOC Korrelationen
Keine Korrelationen erfasst
This product uses data from the NVD API but is not endorsed or certified by the NVD.