What is CVE-2020-9200?

CVE-2020-9200 is a high-severity vulnerability in Huawei Imanager_neteco_6000, classified under Improper Neutralization of Formula Elements in a CSV File. CVSS score: 7.8/10. Published 2020-12-24.

How severe is CVE-2020-9200?

High severity. CVSS v3 base score is 7.8 out of 10.

Vulnerability in Huawei Imanager_neteco_6000

CVE-2020-9200

There has a CSV injection vulnerability in iManager NetEco 6000 versions V600R021C00. An attacker with common privilege may exploit this vulnerability through some operations to inject the CSV files. Due to insufficient input validation of…

EPSS: 0.003 (22.4th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 7.8 (High). Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H.

Affected products

Huawei Imanager_neteco_6000 — versions v600r021c00
N/a Imanager Neteco 6000 — versions V600R021C00

Weakness classification (CWE)

CWE-1236 — Improper Neutralization of Formula Elements in a CSV File

References

psirt@huawei.com (x_refsource_MISC, Vendor Advisory)

Frequently asked questions

What is CVE-2020-9200?: CVE-2020-9200 is a high-severity vulnerability in Huawei Imanager_neteco_6000, classified under Improper Neutralization of Formula Elements in a CSV File. CVSS score: 7.8/10. Published 2020-12-24.
How severe is CVE-2020-9200?: High severity. CVSS v3 base score is 7.8 out of 10.