CVE-2020-9069
6.5
Vector
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Exploitability: 2.8 / Impact: 3.6
Source: NVD
Description
There is an information leakage vulnerability in some Huawei products. An unauthenticated, adjacent attacker could exploit this vulnerability to decrypt data. Successful exploitation may leak information randomly. Affected product versions include: Anne-AL00 Versions earlier than 9.1.0.331(C675E9R1P3T8); Berkeley-L09 Versions earlier than 10.0.1.1(C675R1); CD16-10 Versions earlier than 10.0.2.8; CD17-10 Versions earlier than 10.0.2.8; CD17-16 Versions earlier than 10.0.2.8; CD18-10 Versions earlier than 10.0.2.8; CD18-16 Versions earlier than 10.0.2.8; Columbia-TL00B Versions earlier than 9.0.0.187(C01E181R1P20T8); E6878-370 Versions earlier than 10.0.5.1(H610SP10C00); HUAWEI P30 lite Versions earlier than 10.0.0.185(C605E3R1P3), Versions earlier than 10.0.0.197(C432E8R2P7); HUAWEI nova 4e Versions earlier than 10.0.0.158(C00E64R1P9); Honor 10 Lite 9.0.1.113(C675E11R1P12); LelandP-L22A Versions earlier than 9.1.0.166(C675E5R1P4T8); Marie-AL00AX Versions earlier than 10.0.0.158(C00E64R1P9); Marie-AL00AY Versions earlier than 10.0.0.158(C00E64R1P9); Marie-AL00BX Versions earlier than 10.0.0.158(C00E64R1P9); Marie-L03BX Versions earlier than 10.0.0.188(C605E5R1P1); Marie-L21BX Versions earlier than 10.0.0.188(C432E4R4P1), Versions earlier than 10.0.0.188(C461E5R3P1); Marie-L22BX Versions earlier than 10.0.0.188(C636E3R3P1); Marie-L23BX Versions earlier than 10.0.0.188(C605E5R1P1); TC5200-16 Versions earlier than 10.0.2.8; WS5200-11 Versions earlier than 10.0.2.8; WS5200-12 Versions earlier than 10.0.2.23; WS5200-16 Versions earlier than 10.0.2.8; WS5200-17 Versions earlier than 10.0.2.23; WS5800-10 Versions earlier than 10.0.3.27; WS6500-10 Versions earlier than 10.0.2.8; WS6500-16 Versions earlier than 10.0.2.8
Affected (19)
Products: Huawei: Anne Al00 Firmware, Berkeley L09 Firmware, Cd16 10 Firmware, Cd17 10 Firmware, Cd17 16 Firmware, Cd18 10 Firmware, Cd18 16 Firmware, Columbia Tl00b Firmware, E6878 370 Firmware, Honor 10 Lite Firmware, Lelandp L22a Firmware, Tc5200 16 Firmware, Ws5200 11 Firmware, Ws5200 16 Firmware, Ws5200 17 Firmware, Ws5800 10 Firmware, Ws6500 10 Firmware, Ws6500 16 Firmware
Configuration A
| Vulnerable Software | Affected Versions |
|---|---|
| Before 9.1.0.331\(c675e9r1p3t8\) |
| Running on/with | Platform Versions |
|---|---|
Huawei Anne Al00 | All versions |
Configuration B
| Vulnerable Software | Affected Versions |
|---|---|
| Before 10.0.1.1\(c675r1\) |
| Running on/with | Platform Versions |
|---|---|
Huawei Berkeley L09 | All versions |
Configuration C
| Vulnerable Software | Affected Versions |
|---|---|
| Before 10.0.2.8 |
| Running on/with | Platform Versions |
|---|---|
Huawei Cd16 10 | All versions |
Configuration D
| Vulnerable Software | Affected Versions |
|---|---|
| Before 10.0.2.8 |
| Running on/with | Platform Versions |
|---|---|
Huawei Cd17 10 | All versions |
Configuration E
| Vulnerable Software | Affected Versions |
|---|---|
| Before 10.0.2.8 |
| Running on/with | Platform Versions |
|---|---|
Huawei Cd17 16 | All versions |
Configuration F
| Vulnerable Software | Affected Versions |
|---|---|
| Before 10.0.2.8 |
| Running on/with | Platform Versions |
|---|---|
Huawei Cd18 10 | All versions |
Configuration G
| Vulnerable Software | Affected Versions |
|---|---|
| Before 10.0.2.8 |
| Running on/with | Platform Versions |
|---|---|
Huawei Cd18 16 | All versions |
Configuration H
| Vulnerable Software | Affected Versions |
|---|---|
| Before 9.0.0.187\(c01e181r1p20t8\) |
| Running on/with | Platform Versions |
|---|---|
Huawei Columbia Tl00b | All versions |
Configuration I
| Vulnerable Software | Affected Versions |
|---|---|
| Before 10.0.5.1\(h610sp10c00\) |
| Running on/with | Platform Versions |
|---|---|
Huawei E6878 370 | All versions |
Configuration J
| Vulnerable Software | Affected Versions |
|---|---|
| Before 10.0.0.182\(c675e17r2p2\) |
| Running on/with | Platform Versions |
|---|---|
Huawei Honor 10 Lite | All versions |
Configuration K
| Vulnerable Software | Affected Versions |
|---|---|
| Before 9.1.0.166\(c675e5r1p4t8\) |
| Running on/with | Platform Versions |
|---|---|
Huawei Lelandp L22a | All versions |
Configuration L
| Vulnerable Software | Affected Versions |
|---|---|
| Before 10.0.2.8 |
| Running on/with | Platform Versions |
|---|---|
Huawei Tc5200 16 | All versions |
Configuration M
| Vulnerable Software | Affected Versions |
|---|---|
| Before 10.0.2.8 |
Configuration N
| Vulnerable Software | Affected Versions |
|---|---|
| Before 10.0.2.23 |
| Running on/with | Platform Versions |
|---|---|
Huawei Ws5200 11 | All versions |
Configuration O
| Vulnerable Software | Affected Versions |
|---|---|
| Before 10.0.2.8 |
| Running on/with | Platform Versions |
|---|---|
Huawei Ws5200 16 | All versions |
Configuration P
| Vulnerable Software | Affected Versions |
|---|---|
| Before 10.0.2.23 |
| Running on/with | Platform Versions |
|---|---|
Huawei Ws5200 17 | All versions |
Configuration Q
| Vulnerable Software | Affected Versions |
|---|---|
| Before 10.0.3.27 |
| Running on/with | Platform Versions |
|---|---|
Huawei Ws5800 10 | All versions |
Configuration R
| Vulnerable Software | Affected Versions |
|---|---|
| Before 10.0.2.8 |
| Running on/with | Platform Versions |
|---|---|
Huawei Ws6500 10 | All versions |
Configuration S
| Vulnerable Software | Affected Versions |
|---|---|
| Before 10.0.2.8 |
| Running on/with | Platform Versions |
|---|---|
Huawei Ws6500 16 | All versions |
References (2)
Source: psirt@huawei.com
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Timeline
No history available yet.