Imanager Neteco 6000
CVE-2020-9208
MEDIUM
Severity by source
AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Lifecycle Timeline
1DescriptionNVD
There is an information leak vulnerability in iManager NetEco 6000 versions V600R021C00. A module is lack of authentication. Attackers without access to the module can exploit this vulnerability to obtain extra information, leading to information leak.
AnalysisAI
There is an information leak vulnerability in iManager NetEco 6000 versions V600R021C00. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Technical ContextAI
This vulnerability is classified as Missing Authentication for Critical Function (CWE-306), which allows attackers to access critical functionality without authentication. There is an information leak vulnerability in iManager NetEco 6000 versions V600R021C00. A module is lack of authentication. Attackers without access to the module can exploit this vulnerability to obtain extra information, leading to information leak. Affected products include: Huawei Imanager Neteco 6000.
RemediationAI
No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Require authentication for all sensitive operations, implement defense in depth.
More in Imanager Neteco 6000
View allA buffer overflow flaw was found, in versions from 2.6.34 to 5.2.x, in the way Linux kernel's vhost functionality that t
There has a CSV injection vulnerability in iManager NetEco 6000 versions V600R021C00. Rated high severity (CVSS 7.8), th
There is a CSV injection vulnerability in ManageOne, iManager NetEco and iManager NetEco 6000. Rated medium severity (CV
Same technique Authentication Bypass
View allShare
External POC / Exploit Code
Leaving vuln.today