admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-05-07 03:02:46 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2020-02-18 02:01:08 +00:00
parent 18654c0f01
commit fac1e7f3f8
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
2 changed files with 128 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

75
2020/1xxx/CVE-2020-1814.json
View File

@ -4,14 +4,83 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-1814",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "psirt@huawei.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Huawei",
"product": {
"product_data": [
{
"product_name": "NIP6800",
"version": {
"version_data": [
{
"version_value": "V500R001C30"
},
{
"version_value": "V500R001C60SPC500"
},
{
"version_value": "V500R005C00"
}
]
}
},
{
"product_name": "Secospace USG6600, USG9500",
"version": {
"version_data": [
{
"version_value": "V500R001C30SPC200"
},
{
"version_value": "V500R001C30SPC600"
},
{
"version_value": "V500R001C60SPC500"
},
{
"version_value": "V500R005C00"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Dangling Pointer Reference"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200212-01-firewall-en",
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200212-01-firewall-en"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Huawei NIP6800 versions V500R001C30, V500R001C60SPC500, and V500R005C00; Secospace USG6600 and USG9500 versions V500R001C30SPC200, V500R001C30SPC600, V500R001C60SPC500, and V500R005C00 have a Dangling pointer dereference vulnerability. An authenticated attacker may do some special operations in the affected products in some special scenarios to exploit the vulnerability. Due to improper race conditions of different operations, successful exploit will lead to Dangling pointer dereference, causing some service abnormal."
}
]
}

59
2020/1xxx/CVE-2020-1872.json
View File

@ -4,14 +4,67 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-1872",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "psirt@huawei.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Huawei",
"product": {
"product_data": [
{
"product_name": "HUAWEI P10 Plus",
"version": {
"version_data": [
{
"version_value": "earlier than 9.1.0.201(C01E75R1P12T8)"
},
{
"version_value": "earlier than 9.1.0.252(C185E2R1P9T8)"
},
{
"version_value": "earlier than 9.1.0.252(C432E4R1P9T8)"
},
{
"version_value": "earlier than 9.1.0.255(C576E6R1P8T8)"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Digital Balance Bypass"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"name": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200122-01-digitalbalance-en",
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200122-01-digitalbalance-en"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Huawei smart phones P10 Plus with versions earlier than 9.1.0.201(C01E75R1P12T8), earlier than 9.1.0.252(C185E2R1P9T8), earlier than 9.1.0.252(C432E4R1P9T8), and earlier than 9.1.0.255(C576E6R1P8T8) have a digital balance bypass vulnerability. When re-configuring the mobile phone at the digital balance mode, an attacker can perform some operations to bypass the startup wizard, and then open some switch. As a result, the digital balance function is bypassed."
}
]
}