CVE-2020-1810 — MEDIUM (5.3)

Vulnerability Description

There is a weak algorithm vulnerability in some Huawei products. The affected products use the RSA algorithm in the SSL key exchange algorithm which have been considered as a weak algorithm. Attackers may exploit this vulnerability to leak some information.

CVSS Score

5.3

MEDIUM

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

LOW

Integrity

NONE

Availability

NONE

Affected Products

Vendor	Product	Versions
Huawei	Cloudengine 12800 Firmware	v100r003c00spc600
Huawei	Cloudengine 12800	-
Huawei	S5700 Firmware	v200r005c00spc500
Huawei	S5700	-
Huawei	S6700 Firmware	v200r005c00spc500
Huawei	S6700	-

Related Weaknesses (CWE)

CWE-327

References

https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200108-01-rsa-enVendor Advisory
https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200108-01-rsa-enVendor Advisory

FAQ

What is CVE-2020-1810?

CVE-2020-1810 is a vulnerability with a CVSS score of 5.3 (MEDIUM). There is a weak algorithm vulnerability in some Huawei products. The affected products use the RSA algorithm in the SSL key exchange algorithm which have been considered as a weak algorithm. Attackers...

How severe is CVE-2020-1810?

CVE-2020-1810 has been rated MEDIUM with a CVSS base score of 5.3/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2020-1810?

Check the references section above for vendor advisories and patch information. Affected products include: Huawei Cloudengine 12800 Firmware, Huawei Cloudengine 12800, Huawei S5700 Firmware, Huawei S5700, Huawei S6700 Firmware.