Description
CloudEngine 12800 with versions of V200R001C00SPC600,V200R001C00SPC700,V200R002C01,V200R002C50SPC800,V200R002C50SPC800PWE,V200R003C00SPC810,V200R003C00SPC810PWE,V200R005C00SPC600,V200R005C00SPC800,V200R005C00SPC800PWE,V200R005C10,V200R005C10SPC300 have an information leakage vulnerability in some Huawei products. In some special cases, an authenticated attacker can exploit this vulnerability because the software processes data improperly. Successful exploitation may lead to information leakage.
References (1)
Core 1
Core References
Vendor Advisory x_refsource_misc
https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200219-01-leak-en
Scores
CVSS v3
4.4
EPSS
0.0006
EPSS Percentile
18.2%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
Details
Status
published
Products (12)
huawei/cloudengine_12800_firmware
v200r001c00spc600
huawei/cloudengine_12800_firmware
v200r001c00spc700
huawei/cloudengine_12800_firmware
v200r002c01
huawei/cloudengine_12800_firmware
v200r002c50spc800
huawei/cloudengine_12800_firmware
v200r002c50spc800pwe
huawei/cloudengine_12800_firmware
v200r003c00spc810
huawei/cloudengine_12800_firmware
v200r003c00spc810pwe
huawei/cloudengine_12800_firmware
v200r005c00spc600
huawei/cloudengine_12800_firmware
v200r005c00spc800
huawei/cloudengine_12800_firmware
v200r005c00spc800pwe
... and 2 more
Published
Feb 28, 2020
Tracked Since
Feb 18, 2026