CVE-2020-9208 — MEDIUM (6.5)

Vulnerability Description

There is an information leak vulnerability in iManager NetEco 6000 versions V600R021C00. A module is lack of authentication. Attackers without access to the module can exploit this vulnerability to obtain extra information, leading to information leak.

CVSS Score

6.5

MEDIUM

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

HIGH

Integrity

NONE

Availability

NONE

Affected Products

Vendor	Product	Versions
Huawei	Imanager Neteco 6000	v600r021c00

Related Weaknesses (CWE)

CWE-306

References

https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20201216-01-netecoVendor Advisory
https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20201216-01-netecoVendor Advisory

FAQ

What is CVE-2020-9208?

CVE-2020-9208 is a vulnerability with a CVSS score of 6.5 (MEDIUM). There is an information leak vulnerability in iManager NetEco 6000 versions V600R021C00. A module is lack of authentication. Attackers without access to the module can exploit this vulnerability to ob...

How severe is CVE-2020-9208?

CVE-2020-9208 has been rated MEDIUM with a CVSS base score of 6.5/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2020-9208?

Check the references section above for vendor advisories and patch information. Affected products include: Huawei Imanager Neteco 6000.