Huawei products Secospace USG6300 Exposure of Sensitive Information to an Unauthorized Actor Vulnerability

Summary

Huawei products Secospace USG6300 suffers from exposure of sensitive information to an unauthorized actor vulnerability

Credit:

The information has been provided by ZhangRixin

The original article can be found at:https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200610-02-validation-en


Details

Huawei products Secospace USG6300;USG6300E with versions of V500R001C30,V500R001C50,V500R001C60,V500R001C80,V500R005C00,V500R005C10;V600R006C00 have a vulnerability of insufficient input verification. An attacker with limited privilege can exploit this vulnerability to access a specific directory. Successful exploitation of this vulnerability may lead to information leakage.

 

Vulnerable Systems:

Huawei products Secospace USG6300

Huawei products Secospace USG6300E with versions of V500R001C30

Huawei products Secospace V500R001C50

Huawei products Secospace V500R001C60

Huawei products Secospace V500R001C80

Huawei products Secospace V500R005C00

Huawei products Secospace V500R005C10

Huawei products Secospace V600R006C00

 

CVE Information:

CVE-2020-9075

Disclosure Timeline:
Published Date:6/15/2020

Categories: FeaturedNews