CVE Vulnerabilities

CVE-2020-9120

Published: Dec 24, 2020 | Modified: Dec 28, 2020

CVSS 3.x

7.5

HIGH

Source:

NVD

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CVSS 2.x

5 MEDIUM

RedHat/V2

RedHat/V3

Ubuntu

Additional information

NVD	https://nvd.nist.gov/vuln/detail/CVE-2020-9120
CWE	https://cwe.mitre.org/data/definitions/NVD-Other.html

CloudEngine 1800V versions V100R019C10SPC500 has a resource management error vulnerability. Remote unauthorized attackers could send specific types of messages to the device, resulting in the message received by the system cant be forwarded normally.

Affected Software

Name	Vendor	Start Version	End Version
Cloudengine_1800v	Huawei	v100r019c10spc500 (including)	v100r019c10spc500 (including)

References

https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20201202-01-cloudengine-en

Aqua Container Security

Aqua Security is the largest pure-play cloud native security company, providing customers the freedom to innovate and run their businesses with minimal friction. The Aqua Cloud Native Security Platform provides prevention, detection, and response automation across the entire application lifecycle to secure the build, secure cloud infrastructure and secure running workloads wherever they are deployed.