VYPR

Secospace USG6600

by Huawei

CVEs (25)

  • CVE-2020-1847HigNov 13, 2020
    risk 0.49cvss 7.5epss 0.01

    There is a denial of service vulnerability in some Huawei products. There is no protection against the attack scenario of specific protocol. A remote, unauthorized attackers can construct attack scenarios, which leads to denial of service.Affected product versions…

  • CVE-2020-1881HigFeb 28, 2020
    risk 0.49cvss 7.5epss 0.01

    NIP6800;Secospace USG6600;USG9500 products with versions of V500R001C30; V500R001C60SPC500; V500R005C00SPC100 have have a resource management error vulnerability. An attacker needs to perform specific operations to trigger a function of the affected device. Due to improper…

  • CVE-2020-1876HigFeb 28, 2020
    risk 0.49cvss 7.5epss 0.01

    NIP6800;Secospace USG6600;USG9500 with versions of V500R001C30; V500R001C60SPC500; V500R005C00SPC100 have an out-of-bounds write vulnerability. An unauthenticated attacker crafts malformed packets with specific parameter and sends the packets to the affected products. Due to…

  • CVE-2020-1873HigFeb 28, 2020
    risk 0.49cvss 7.5epss 0.01

    NIP6800;Secospace USG6600;USG9500 products with versions of V500R001C30; V500R001C60SPC500; V500R005C00SPC100 have an out-of-bounds read vulnerability. An unauthenticated attacker crafts malformed message with specific parameter and sends the message to the affected products.…

  • CVE-2020-1860HigFeb 28, 2020
    risk 0.49cvss 7.5epss 0.01

    NIP6800;Secospace USG6600;USG9500 products with versions of V500R001C30; V500R001C60SPC500; V500R005C00SPC100 have an access control bypass vulnerability. Attackers that can access to the internal network can exploit this vulnerability with careful deployment. Successful exploit…

  • CVE-2020-1816HigFeb 18, 2020
    risk 0.49cvss 7.5epss 0.01

    Huawei NIP6800 versions V500R001C30, V500R001C60SPC500, and V500R005C00; Secospace USG6600 and USG9500 versions V500R001C30SPC200, V500R001C30SPC600, V500R001C60SPC500, and V500R005C00 have a Denial of Service (DoS) vulnerability. Due to improper processing of specific IPSEC…

  • CVE-2020-1815HigFeb 18, 2020
    risk 0.49cvss 7.5epss 0.01

    Huawei NIP6800 versions V500R001C30, V500R001C60SPC500, and V500R005C00; Secospace USG6600 and USG9500 versions V500R001C30SPC200, V500R001C30SPC600, V500R001C60SPC500, and V500R005C00 have a memory leak vulnerability. The software does not sufficiently track and release…

  • CVE-2020-1829HigFeb 17, 2020
    risk 0.49cvss 7.5epss 0.01

    Huawei NIP6800 versions V500R001C30 and V500R001C60SPC500; and Secospace USG6600 and USG9500 versions V500R001C30SPC200, V500R001C30SPC600, and V500R001C60SPC500 have a vulnerability that the IPSec module handles a message improperly. Attackers can send specific message to cause…

  • CVE-2020-1827HigFeb 17, 2020
    risk 0.49cvss 7.5epss 0.01

    Huawei NIP6800 versions V500R001C30, V500R001C60SPC500, and V500R005C00SPC100; and Secospace USG6600 and USG9500 versions V500R001C30SPC200, V500R001C30SPC600, V500R001C60SPC500, and V500R005C00SPC100 have an information leakage vulnerability. An attacker can exploit this…

  • CVE-2020-1858HigFeb 17, 2020
    risk 0.49cvss 7.5epss 0.01

    Huawei products NIP6800 versions V500R001C30, V500R001C60SPC500, and V500R005C00SPC100; Secospace USG6600 versions V500R001C30SPC600, V500R001C60SPC500, and V500R005C00SPC100; and USG9500 versions V500R001C30SPC600, V500R001C60SPC500, and V500R005C00SPC100 have a denial of…

  • CVE-2020-1828HigFeb 17, 2020
    risk 0.49cvss 7.5epss 0.01

    Huawei NIP6800 versions V500R001C30, V500R001C60SPC500, and V500R005C00; and Secospace USG6600 and USG9500 versions V500R001C30SPC200, V500R001C30SPC600, V500R001C60SPC500, and V500R005C00 have an input validation vulnerability where the IPSec module does not validate a field in…

  • CVE-2020-9127MedNov 13, 2020
    risk 0.44cvss 6.7epss 0.00

    Some Huawei products have a command injection vulnerability. Due to insufficient input validation, an attacker with high privilege may inject some malicious codes in some files of the affected products. Successful exploit may cause command injection.Affected product versions…

  • CVE-2021-22411MedMay 27, 2021
    risk 0.42cvss 6.5epss 0.01

    There is an out-of-bounds write vulnerability in some Huawei products. The code of a module have a bad judgment logic. Attackers can exploit this vulnerability by performing multiple abnormal activities to trigger the bad logic and cause out-of-bounds write. This may compromise…

  • CVE-2020-1866MedJan 13, 2021
    risk 0.42cvss 6.5epss 0.00

    There is an out-of-bounds read vulnerability in several products. The software reads data past the end of the intended buffer when parsing certain crafted DHCP messages. Successful exploit could cause certain service abnormal. Affected product versions include:NIP6800 versions…

  • CVE-2020-9201MedDec 24, 2020
    risk 0.42cvss 6.5epss 0.00

    There is an out-of-bounds read vulnerability in some versions of NIP6800, Secospace USG6600 and USG9500. The software reads data past the end of the intended buffer when parsing DHCP messages including crafted parameter. Successful exploit could cause certain service abnormal.

  • CVE-2020-9101MedJul 18, 2020
    risk 0.42cvss 6.5epss 0.00

    There is an out-of-bounds write vulnerability in some products. An unauthenticated attacker crafts malformed packets with specific parameter and sends the packets to the affected products. Due to insufficient validation of packets, which may be exploited to cause the process…

  • CVE-2021-22356MedNov 23, 2021
    risk 0.38cvss 5.9epss 0.00

    There is a weak secure algorithm vulnerability in Huawei products. A weak secure algorithm is used in a module. Attackers can exploit this vulnerability by capturing and analyzing the messages between devices to obtain information. This can lead to information leak.Affected…

  • CVE-2020-1875MedFeb 28, 2020
    risk 0.36cvss 5.5epss 0.00

    NIP6800;Secospace USG6600;USG9500 products versions of V500R001C30; V500R001C60SPC500; V500R005C00SPC100 have an invalid pointer access vulnerability. The software system access an invalid pointer when an abnormal condition occurs in certain operation. Successful exploit could…

  • CVE-2020-1874MedFeb 28, 2020
    risk 0.36cvss 5.5epss 0.00

    NIP6800;Secospace USG6600;USG9500 products versions of V500R001C30; V500R001C60SPC500; V500R005C00SPC100 have a invalid pointer access vulnerability. The software system access an invalid pointer when operator logs in to the device and performs some operations. Successful…

  • CVE-2020-1857MedFeb 17, 2020
    risk 0.36cvss 5.5epss 0.00

    Huawei NIP6800 versions V500R001C30, V500R001C60SPC500, and V500R005C00SPC100; and Secospace USG6600 and USG9500 versions V500R001C30SPC200, V500R001C30SPC600, V500R001C60SPC500, and V500R005C00SPC100 have an information leakage vulnerability. Due to improper processing of some…

Page 1 of 2