Huawei NIP6800 versions V500R001C30, V500R001C60SPC500, and V500R005C00; and Secospace USG6600 and USG9500 versions V500R001C30SPC200, V500R001C30SPC600, V500R001C60SPC500, and V500R005C00 have an input validation vulnerability where the IPSec module does not validate a field in a specific message. Attackers can send specific message to cause out-of-bound read, compromising normal service.
References
Link | Resource |
---|---|
http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200212-01-ipsec-en | Vendor Advisory |
Configurations
Configuration 1 (hide)
AND |
|
Configuration 2 (hide)
AND |
|
Configuration 3 (hide)
AND |
|
Information
Published : 2020-02-17 12:15
Updated : 2021-07-21 04:39
NVD link : CVE-2020-1828
Mitre link : CVE-2020-1828
JSON object : View
Products Affected
huawei
- secospace_usg6600
- usg9500
- nip6800
- nip6800_firmware
- usg9500_firmware
- secospace_usg6600_firmware