CVE-2020-9111 — MEDIUM (4.5)

Vulnerability Description

E6878-370 versions 10.0.3.1(H557SP27C233),10.0.3.1(H563SP21C233) and E6878-870 versions 10.0.3.1(H557SP27C233),10.0.3.1(H563SP11C233) have a denial of service vulnerability. The system does not properly check some events, an attacker could launch the events continually, successful exploit could cause reboot of the process.

CVSS Score

4.5

MEDIUM

CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H

Attack Vector

ADJACENT_NETWORK

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

NONE

Integrity

NONE

Availability

HIGH

Affected Products

Vendor	Product	Versions
Huawei	E6878-370 Firmware	10.0.3.1\(h557sp27c233\)
Huawei	E6878-370	-
Huawei	E6878-870 Firmware	10.0.3.1\(h557sp27c233\)
Huawei	E6878-870	-

References

https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20201014-02-dos-enVendor Advisory
https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20201014-02-dos-enVendor Advisory

FAQ

What is CVE-2020-9111?

CVE-2020-9111 is a vulnerability with a CVSS score of 4.5 (MEDIUM). E6878-370 versions 10.0.3.1(H557SP27C233),10.0.3.1(H563SP21C233) and E6878-870 versions 10.0.3.1(H557SP27C233),10.0.3.1(H563SP11C233) have a denial of service vulnerability. The system does not proper...

How severe is CVE-2020-9111?

CVE-2020-9111 has been rated MEDIUM with a CVSS base score of 4.5/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2020-9111?

Check the references section above for vendor advisories and patch information. Affected products include: Huawei E6878-370 Firmware, Huawei E6878-370, Huawei E6878-870 Firmware, Huawei E6878-870.