Huawei products IPS Module; NGFW Module; NIP6300; NIP6600; NIP6800; Secospace USG6300; Secospace USG6500; Secospace USG6600; USG9500 with versions of V500R001C00; V500R001C20; V500R001C30; V500R001C50; V500R001C60; V500R001C80; V500R005C00; V500R005C10; V500R005C20; V500R002C00; V500R002C10; V500R002C20; V500R002C30 have an improper authentication vulnerability. Attackers need to perform some operations to exploit the vulnerability. Successful exploit may obtain certain permissions on the device.
When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct.
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Ips_module_firmware | Huawei | v500r001c00 (including) | v500r001c00 (including) |
| Ips_module_firmware | Huawei | v500r001c20 (including) | v500r001c20 (including) |
| Ips_module_firmware | Huawei | v500r001c30 (including) | v500r001c30 (including) |
| Ips_module_firmware | Huawei | v500r001c50 (including) | v500r001c50 (including) |
| Ips_module_firmware | Huawei | v500r001c60 (including) | v500r001c60 (including) |
| Ips_module_firmware | Huawei | v500r001c80 (including) | v500r001c80 (including) |
| Ips_module_firmware | Huawei | v500r005c00 (including) | v500r005c00 (including) |
| Ips_module_firmware | Huawei | v500r005c10 (including) | v500r005c10 (including) |
| Ips_module_firmware | Huawei | v500r005c20 (including) | v500r005c20 (including) |