CVE-2020-9086

{"id": "CVE-2020-9086", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "[email protected]", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 4.3, "attackVector": "ADJACENT_NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "LOW", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 1.4, "exploitabilityScore": 2.8}, {"type": "Primary", "source": "[email protected]", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 4.3, "attackVector": "ADJACENT_NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "LOW", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 1.4, "exploitabilityScore": 2.8}]}, "published": "2024-12-27T10:15:12.800", "references": [{"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200826-01-buffer_en", "tags": ["Vendor Advisory"], "source": "[email protected]"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Secondary", "source": "[email protected]", "description": [{"lang": "en", "value": "CWE-124"}]}, {"type": "Primary", "source": "[email protected]", "description": [{"lang": "en", "value": "CWE-787"}]}], "descriptions": [{"lang": "en", "value": "There is a buffer error vulnerability in some Huawei product. An unauthenticated attacker may send special UPNP message to the affected products. Due to insufficient input validation of some value, successful exploit may cause some service abnormal. (Vulnerability ID: HWPSIRT-2017-08234)\n\nThis vulnerability has been assigned a Common Vulnerabilities and Exposures (CVE) ID: CVE-2020-9086."}, {"lang": "es", "value": "Existe una vulnerabilidad de error de b\u00fafer en algunos productos de Huawei. Un atacante no autenticado puede enviar un mensaje UPNP especial a los productos afectados. Debido a la validaci\u00f3n de entrada insuficiente de alg\u00fan valor, una explotaci\u00f3n exitosa puede provocar que algunos servicios sean anormales. (Identificaci\u00f3n de vulnerabilidad: HWPSIRT-2017-08234) A esta vulnerabilidad se le ha asignado una identificaci\u00f3n de vulnerabilidades y exposiciones comunes (CVE): CVE-2020-9086."}], "lastModified": "2025-01-13T19:34:15.140", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:huawei:b612_firmware:b612s-25dtcpu-v100r001b192d03sp00c234:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5DA74362-63EF-402C-8DE4-608BF00B9A22"}, {"criteria": "cpe:2.3:o:huawei:b612_firmware:b612s-25dtcpu-v100r001b192d03sp00c287:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B7B3FDDF-0E22-4778-B4B3-A9E77A7E8D80"}, {"criteria": "cpe:2.3:o:huawei:b612_firmware:b612s-25dtcpu-v100r001b192d05sp00c00:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D187A75B-E3D7-4B34-B2E5-F5FA8E557F80"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:huawei:b612:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "F304357B-3B8D-49C0-AD8A-DC7F11B586BC"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "[email protected]"}