There is an information leakage vulnerability on some Huawei products(AR120-S;AR1200;AR1200-S;AR150;AR150-S;AR160;AR200;AR200-S;AR2200;AR2200-S;AR3200;AR3600). An attacker with low permissions can view some high-privilege information by running specific commands.Successful exploit could cause an information disclosure condition.
| Date Added | Due Date | Vulnerability Name | Required Action |
|---|---|---|---|
| N/A |
| Type | Version | Base score | Base severity | Vector |
|---|---|---|---|---|
| Primary | 3.1 | 6.5 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N |
| Primary | 2.0 | 4.0 | MEDIUM | AV:N/AC:L/Au:S/C:P/I:N/A:N |
| CWE ID | Type | Source |
|---|---|---|
| CWE-269 | Primary | nvd@nist.gov |
| Hyperlink | Source | Resource |
|---|---|---|
| https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191211-01-vrp-en | psirt@huawei.com | Vendor Advisory |