1. Home
  2. CVE Database
  3. CVE-2020-1842
MEDIUM · 6.8

CVE-2020-1842

Huawei HEGE-560 version 1.0.1.20(SP2); OSCA-550 and OSCA-550A version 1.0.0.71(SP1); and OSCA-550AX and OSCA-550X version 1.0.0.71(SP2) have an insufficient authentication vulnerability. An attacker c...

Vulnerability Description

Huawei HEGE-560 version 1.0.1.20(SP2); OSCA-550 and OSCA-550A version 1.0.0.71(SP1); and OSCA-550AX and OSCA-550X version 1.0.0.71(SP2) have an insufficient authentication vulnerability. An attacker can access the device physically and perform specific operations to exploit this vulnerability. Successful exploitation may cause the attacker obtain high privilege.

CVSS Score

6.8

MEDIUM

CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Attack Vector
PHYSICAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality
HIGH
Integrity
HIGH
Availability
HIGH

Affected Products

VendorProductVersions
HuaweiHege-560 Firmware1.0.1.20\(sp2\)
HuaweiHege-560-
HuaweiOsca-550 Firmware1.0.0.71\(sp1\)
HuaweiOsca-550-
HuaweiOsca-550A Firmware1.0.0.71\(sp1\)
HuaweiOsca-550A-
HuaweiOsca-550Ax Firmware1.0.0.71\(sp2\)
HuaweiOsca-550Ax-
HuaweiOsca-550X Firmware1.0.0.71\(sp2\)
HuaweiOsca-550X-

Related Weaknesses (CWE)

CWE-287

References

FAQ

What is CVE-2020-1842?

CVE-2020-1842 is a vulnerability with a CVSS score of 6.8 (MEDIUM). Huawei HEGE-560 version 1.0.1.20(SP2); OSCA-550 and OSCA-550A version 1.0.0.71(SP1); and OSCA-550AX and OSCA-550X version 1.0.0.71(SP2) have an insufficient authentication vulnerability. An attacker c...

How severe is CVE-2020-1842?

CVE-2020-1842 has been rated MEDIUM with a CVSS base score of 6.8/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2020-1842?

Check the references section above for vendor advisories and patch information. Affected products include: Huawei Hege-560 Firmware, Huawei Hege-560, Huawei Osca-550 Firmware, Huawei Osca-550, Huawei Osca-550A Firmware.