Search criteria
42 vulnerabilities found for usg6000v_firmware by huawei
CVE-2020-1824 (GCVE-0-2020-1824)
Vulnerability from nvd – Published: 2024-12-28 06:37 – Updated: 2024-12-28 16:32
VLAI?
Summary
There are multiple out of bounds (OOB) read vulnerabilities in the implementation of the Common Open Policy Service (COPS) protocol of some Huawei products. The specific decoding function may occur out-of-bounds read when processes an incoming data packet. Successful exploit of these vulnerabilities may disrupt service on the affected device. (Vulnerability ID: HWPSIRT-2018-12275,HWPSIRT-2018-12276,HWPSIRT-2018-12277,HWPSIRT-2018-12278,HWPSIRT-2018-12279,HWPSIRT-2018-12280 and HWPSIRT-2018-12289)
The seven vulnerabilities have been assigned seven Common Vulnerabilities and Exposures (CVE) IDs: CVE-2020-1818, CVE-2020-1819, CVE-2020-1820, CVE-2020-1821, CVE-2020-1822, CVE-2020-1823 and CVE-2020-1824.
Severity ?
CWE
- CWE-125 - Out-of-bounds Read
Assigner
References
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Huawei | IPS Module |
Affected:
V500R001C30
Affected: V500R001C60 Affected: V500R005C00 |
||||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2020-1824",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-12-28T16:32:08.146658Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-12-28T16:32:25.200Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "IPS Module",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "NGFW Module",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R002C00"
},
{
"status": "affected",
"version": "V500R002C20"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "NIP6300",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "NIP6600",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "NIP6800",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Secospace USG6300",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Secospace USG6500",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Secospace USG6600",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "USG6000V",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R003C00"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eThere are multiple out of bounds (OOB) read vulnerabilities in the implementation of the Common Open Policy Service (COPS) protocol of some Huawei products. The specific decoding function may occur out-of-bounds read when processes an incoming data packet. Successful exploit of these vulnerabilities may disrupt service on the affected device. (Vulnerability ID: HWPSIRT-2018-12275,HWPSIRT-2018-12276,HWPSIRT-2018-12277,HWPSIRT-2018-12278,HWPSIRT-2018-12279,HWPSIRT-2018-12280 and HWPSIRT-2018-12289)\u003c/p\u003e\u003cp\u003eThe seven vulnerabilities have been assigned seven Common Vulnerabilities and Exposures (CVE) IDs: CVE-2020-1818, CVE-2020-1819, CVE-2020-1820, CVE-2020-1821, CVE-2020-1822, CVE-2020-1823 and CVE-2020-1824.\u003c/p\u003e"
}
],
"value": "There are multiple out of bounds (OOB) read vulnerabilities in the implementation of the Common Open Policy Service (COPS) protocol of some Huawei products. The specific decoding function may occur out-of-bounds read when processes an incoming data packet. Successful exploit of these vulnerabilities may disrupt service on the affected device. (Vulnerability ID: HWPSIRT-2018-12275,HWPSIRT-2018-12276,HWPSIRT-2018-12277,HWPSIRT-2018-12278,HWPSIRT-2018-12279,HWPSIRT-2018-12280 and HWPSIRT-2018-12289)\n\nThe seven vulnerabilities have been assigned seven Common Vulnerabilities and Exposures (CVE) IDs: CVE-2020-1818, CVE-2020-1819, CVE-2020-1820, CVE-2020-1821, CVE-2020-1822, CVE-2020-1823 and CVE-2020-1824."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125 Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-12-28T06:37:14.149Z",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"url": "https://www.huawei.com/en/psirt/security-advisories/2020/huawei-sa-20191218-01-cops-en"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2020-1824",
"datePublished": "2024-12-28T06:37:14.149Z",
"dateReserved": "2019-11-29T00:00:00.000Z",
"dateUpdated": "2024-12-28T16:32:25.200Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-1823 (GCVE-0-2020-1823)
Vulnerability from nvd – Published: 2024-12-28 06:29 – Updated: 2024-12-28 16:33
VLAI?
Summary
There are multiple out of bounds (OOB) read vulnerabilities in the implementation of the Common Open Policy Service (COPS) protocol of some Huawei products. The specific decoding function may occur out-of-bounds read when processes an incoming data packet. Successful exploit of these vulnerabilities may disrupt service on the affected device. (Vulnerability ID: HWPSIRT-2018-12275,HWPSIRT-2018-12276,HWPSIRT-2018-12277,HWPSIRT-2018-12278,HWPSIRT-2018-12279,HWPSIRT-2018-12280 and HWPSIRT-2018-12289)
The seven vulnerabilities have been assigned seven Common Vulnerabilities and Exposures (CVE) IDs: CVE-2020-1818, CVE-2020-1819, CVE-2020-1820, CVE-2020-1821, CVE-2020-1822, CVE-2020-1823 and CVE-2020-1824.
Severity ?
CWE
- CWE-125 - Out-of-bounds Read
Assigner
References
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Huawei | IPS Module |
Affected:
V500R001C30
Affected: V500R001C60 Affected: V500R005C00 |
||||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2020-1823",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-12-28T16:33:21.089526Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-12-28T16:33:45.933Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "IPS Module",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "NGFW Module",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R002C00"
},
{
"status": "affected",
"version": "V500R002C20"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "NIP6300",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "NIP6600",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "NIP6800",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Secospace USG6300",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Secospace USG6500",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Secospace USG6600",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "USG6000V",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R003C00"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eThere are multiple out of bounds (OOB) read vulnerabilities in the implementation of the Common Open Policy Service (COPS) protocol of some Huawei products. The specific decoding function may occur out-of-bounds read when processes an incoming data packet. Successful exploit of these vulnerabilities may disrupt service on the affected device. (Vulnerability ID: HWPSIRT-2018-12275,HWPSIRT-2018-12276,HWPSIRT-2018-12277,HWPSIRT-2018-12278,HWPSIRT-2018-12279,HWPSIRT-2018-12280 and HWPSIRT-2018-12289)\u003c/p\u003e\u003cp\u003eThe seven vulnerabilities have been assigned seven Common Vulnerabilities and Exposures (CVE) IDs: CVE-2020-1818, CVE-2020-1819, CVE-2020-1820, CVE-2020-1821, CVE-2020-1822, CVE-2020-1823 and CVE-2020-1824.\u003c/p\u003e"
}
],
"value": "There are multiple out of bounds (OOB) read vulnerabilities in the implementation of the Common Open Policy Service (COPS) protocol of some Huawei products. The specific decoding function may occur out-of-bounds read when processes an incoming data packet. Successful exploit of these vulnerabilities may disrupt service on the affected device. (Vulnerability ID: HWPSIRT-2018-12275,HWPSIRT-2018-12276,HWPSIRT-2018-12277,HWPSIRT-2018-12278,HWPSIRT-2018-12279,HWPSIRT-2018-12280 and HWPSIRT-2018-12289)\n\nThe seven vulnerabilities have been assigned seven Common Vulnerabilities and Exposures (CVE) IDs: CVE-2020-1818, CVE-2020-1819, CVE-2020-1820, CVE-2020-1821, CVE-2020-1822, CVE-2020-1823 and CVE-2020-1824."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125 Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-12-28T06:29:49.051Z",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"url": "https://www.huawei.com/en/psirt/security-advisories/2020/huawei-sa-20191218-01-cops-en"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2020-1823",
"datePublished": "2024-12-28T06:29:49.051Z",
"dateReserved": "2019-11-29T00:00:00.000Z",
"dateUpdated": "2024-12-28T16:33:45.933Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-1822 (GCVE-0-2020-1822)
Vulnerability from nvd – Published: 2024-12-28 06:21 – Updated: 2024-12-28 16:34
VLAI?
Summary
There are multiple out of bounds (OOB) read vulnerabilities in the implementation of the Common Open Policy Service (COPS) protocol of some Huawei products. The specific decoding function may occur out-of-bounds read when processes an incoming data packet. Successful exploit of these vulnerabilities may disrupt service on the affected device. (Vulnerability ID: HWPSIRT-2018-12275,HWPSIRT-2018-12276,HWPSIRT-2018-12277,HWPSIRT-2018-12278,HWPSIRT-2018-12279,HWPSIRT-2018-12280 and HWPSIRT-2018-12289)
The seven vulnerabilities have been assigned seven Common Vulnerabilities and Exposures (CVE) IDs: CVE-2020-1818, CVE-2020-1819, CVE-2020-1820, CVE-2020-1821, CVE-2020-1822, CVE-2020-1823 and CVE-2020-1824.
Severity ?
CWE
- CWE-125 - Out-of-bounds Read
Assigner
References
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Huawei | IPS Module |
Affected:
V500R001C30
Affected: V500R001C60 Affected: V500R005C00 |
||||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2020-1822",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-12-28T16:34:26.596620Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-12-28T16:34:41.792Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "IPS Module",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "NGFW Module",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R002C00"
},
{
"status": "affected",
"version": "V500R002C20"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "NIP6300",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "NIP6600",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "NIP6800",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Secospace USG6300",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Secospace USG6500",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Secospace USG6600",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "USG6000V",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R003C00"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eThere are multiple out of bounds (OOB) read vulnerabilities in the implementation of the Common Open Policy Service (COPS) protocol of some Huawei products. The specific decoding function may occur out-of-bounds read when processes an incoming data packet. Successful exploit of these vulnerabilities may disrupt service on the affected device. (Vulnerability ID: HWPSIRT-2018-12275,HWPSIRT-2018-12276,HWPSIRT-2018-12277,HWPSIRT-2018-12278,HWPSIRT-2018-12279,HWPSIRT-2018-12280 and HWPSIRT-2018-12289)\u003c/p\u003e\u003cp\u003eThe seven vulnerabilities have been assigned seven Common Vulnerabilities and Exposures (CVE) IDs: CVE-2020-1818, CVE-2020-1819, CVE-2020-1820, CVE-2020-1821, CVE-2020-1822, CVE-2020-1823 and CVE-2020-1824.\u003cbr\u003e\u003c/p\u003e"
}
],
"value": "There are multiple out of bounds (OOB) read vulnerabilities in the implementation of the Common Open Policy Service (COPS) protocol of some Huawei products. The specific decoding function may occur out-of-bounds read when processes an incoming data packet. Successful exploit of these vulnerabilities may disrupt service on the affected device. (Vulnerability ID: HWPSIRT-2018-12275,HWPSIRT-2018-12276,HWPSIRT-2018-12277,HWPSIRT-2018-12278,HWPSIRT-2018-12279,HWPSIRT-2018-12280 and HWPSIRT-2018-12289)\n\nThe seven vulnerabilities have been assigned seven Common Vulnerabilities and Exposures (CVE) IDs: CVE-2020-1818, CVE-2020-1819, CVE-2020-1820, CVE-2020-1821, CVE-2020-1822, CVE-2020-1823 and CVE-2020-1824."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125 Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-12-28T06:21:04.473Z",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"url": "https://www.huawei.com/en/psirt/security-advisories/2020/huawei-sa-20191218-01-cops-en"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2020-1822",
"datePublished": "2024-12-28T06:21:04.473Z",
"dateReserved": "2019-11-29T00:00:00.000Z",
"dateUpdated": "2024-12-28T16:34:41.792Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-1821 (GCVE-0-2020-1821)
Vulnerability from nvd – Published: 2024-12-28 06:16 – Updated: 2024-12-30 16:13
VLAI?
Summary
There are multiple out of bounds (OOB) read vulnerabilities in the implementation of the Common Open Policy Service (COPS) protocol of some Huawei products. The specific decoding function may occur out-of-bounds read when processes an incoming data packet. Successful exploit of these vulnerabilities may disrupt service on the affected device. (Vulnerability ID: HWPSIRT-2018-12275,HWPSIRT-2018-12276,HWPSIRT-2018-12277,HWPSIRT-2018-12278,HWPSIRT-2018-12279,HWPSIRT-2018-12280 and HWPSIRT-2018-12289)
The seven vulnerabilities have been assigned seven Common Vulnerabilities and Exposures (CVE) IDs: CVE-2020-1818, CVE-2020-1819, CVE-2020-1820, CVE-2020-1821, CVE-2020-1822, CVE-2020-1823 and CVE-2020-1824.
Severity ?
CWE
- CWE-125 - Out-of-bounds Read
Assigner
References
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Huawei | IPS Module |
Affected:
V500R001C30
Affected: V500R001C60 Affected: V500R005C00 |
||||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2020-1821",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-12-30T16:12:49.264838Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-12-30T16:13:03.624Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "IPS Module",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "NGFW Module",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R002C00"
},
{
"status": "affected",
"version": "V500R002C20"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "NIP6300",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "NIP6600",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "NIP6800",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Secospace USG6300",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Secospace USG6500",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Secospace USG6600",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "USG6000V",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R003C00"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eThere are multiple out of bounds (OOB) read vulnerabilities in the implementation of the Common Open Policy Service (COPS) protocol of some Huawei products. The specific decoding function may occur out-of-bounds read when processes an incoming data packet. Successful exploit of these vulnerabilities may disrupt service on the affected device. (Vulnerability ID: HWPSIRT-2018-12275,HWPSIRT-2018-12276,HWPSIRT-2018-12277,HWPSIRT-2018-12278,HWPSIRT-2018-12279,HWPSIRT-2018-12280 and HWPSIRT-2018-12289)\u003c/p\u003e\u003cp\u003eThe seven vulnerabilities have been assigned seven Common Vulnerabilities and Exposures (CVE) IDs: CVE-2020-1818, CVE-2020-1819, CVE-2020-1820, CVE-2020-1821, CVE-2020-1822, CVE-2020-1823 and CVE-2020-1824.\u003c/p\u003e"
}
],
"value": "There are multiple out of bounds (OOB) read vulnerabilities in the implementation of the Common Open Policy Service (COPS) protocol of some Huawei products. The specific decoding function may occur out-of-bounds read when processes an incoming data packet. Successful exploit of these vulnerabilities may disrupt service on the affected device. (Vulnerability ID: HWPSIRT-2018-12275,HWPSIRT-2018-12276,HWPSIRT-2018-12277,HWPSIRT-2018-12278,HWPSIRT-2018-12279,HWPSIRT-2018-12280 and HWPSIRT-2018-12289)\n\nThe seven vulnerabilities have been assigned seven Common Vulnerabilities and Exposures (CVE) IDs: CVE-2020-1818, CVE-2020-1819, CVE-2020-1820, CVE-2020-1821, CVE-2020-1822, CVE-2020-1823 and CVE-2020-1824."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125 Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-12-28T06:16:58.770Z",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"url": "https://www.huawei.com/en/psirt/security-advisories/2020/huawei-sa-20191218-01-cops-en"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2020-1821",
"datePublished": "2024-12-28T06:16:58.770Z",
"dateReserved": "2019-11-29T00:00:00.000Z",
"dateUpdated": "2024-12-30T16:13:03.624Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-1820 (GCVE-0-2020-1820)
Vulnerability from nvd – Published: 2024-12-28 06:11 – Updated: 2024-12-31 17:17
VLAI?
Summary
There are multiple out of bounds (OOB) read vulnerabilities in the implementation of the Common Open Policy Service (COPS) protocol of some Huawei products. The specific decoding function may occur out-of-bounds read when processes an incoming data packet. Successful exploit of these vulnerabilities may disrupt service on the affected device. (Vulnerability ID: HWPSIRT-2018-12275,HWPSIRT-2018-12276,HWPSIRT-2018-12277,HWPSIRT-2018-12278,HWPSIRT-2018-12279,HWPSIRT-2018-12280 and HWPSIRT-2018-12289)
The seven vulnerabilities have been assigned seven Common Vulnerabilities and Exposures (CVE) IDs: CVE-2020-1818, CVE-2020-1819, CVE-2020-1820, CVE-2020-1821, CVE-2020-1822, CVE-2020-1823 and CVE-2020-1824.
Severity ?
CWE
- CWE-125 - Out-of-bounds Read
Assigner
References
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Huawei | IPS Module |
Affected:
V500R001C30
Affected: V500R001C60 Affected: V500R005C00 |
||||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2020-1820",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-12-31T17:16:57.375041Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-12-31T17:17:05.860Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "IPS Module",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "NGFW Module",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R002C00"
},
{
"status": "affected",
"version": "V500R002C20"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "NIP6300",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "NIP6600",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "NIP6800",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Secospace USG6300",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Secospace USG6500",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Secospace USG6600",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "USG6000V",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R003C00"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eThere are multiple out of bounds (OOB) read vulnerabilities in the implementation of the Common Open Policy Service (COPS) protocol of some Huawei products. The specific decoding function may occur out-of-bounds read when processes an incoming data packet. Successful exploit of these vulnerabilities may disrupt service on the affected device. (Vulnerability ID: HWPSIRT-2018-12275,HWPSIRT-2018-12276,HWPSIRT-2018-12277,HWPSIRT-2018-12278,HWPSIRT-2018-12279,HWPSIRT-2018-12280 and HWPSIRT-2018-12289)\u003c/p\u003e\u003cp\u003eThe seven vulnerabilities have been assigned seven Common Vulnerabilities and Exposures (CVE) IDs: CVE-2020-1818, CVE-2020-1819, CVE-2020-1820, CVE-2020-1821, CVE-2020-1822, CVE-2020-1823 and CVE-2020-1824.\u003c/p\u003e"
}
],
"value": "There are multiple out of bounds (OOB) read vulnerabilities in the implementation of the Common Open Policy Service (COPS) protocol of some Huawei products. The specific decoding function may occur out-of-bounds read when processes an incoming data packet. Successful exploit of these vulnerabilities may disrupt service on the affected device. (Vulnerability ID: HWPSIRT-2018-12275,HWPSIRT-2018-12276,HWPSIRT-2018-12277,HWPSIRT-2018-12278,HWPSIRT-2018-12279,HWPSIRT-2018-12280 and HWPSIRT-2018-12289)\n\nThe seven vulnerabilities have been assigned seven Common Vulnerabilities and Exposures (CVE) IDs: CVE-2020-1818, CVE-2020-1819, CVE-2020-1820, CVE-2020-1821, CVE-2020-1822, CVE-2020-1823 and CVE-2020-1824."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125 Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-12-28T06:11:17.446Z",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"url": "https://www.huawei.com/en/psirt/security-advisories/2020/huawei-sa-20191218-01-cops-en"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2020-1820",
"datePublished": "2024-12-28T06:11:17.446Z",
"dateReserved": "2019-11-29T00:00:00.000Z",
"dateUpdated": "2024-12-31T17:17:05.860Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-1819 (GCVE-0-2020-1819)
Vulnerability from nvd – Published: 2024-12-27 10:05 – Updated: 2024-12-27 14:56
VLAI?
Summary
There are multiple out of bounds (OOB) read vulnerabilities in the implementation of the Common Open Policy Service (COPS) protocol of some Huawei products. The specific decoding function may occur out-of-bounds read when processes an incoming data packet. Successful exploit of these vulnerabilities may disrupt service on the affected device. (Vulnerability ID: HWPSIRT-2018-12275,HWPSIRT-2018-12276,HWPSIRT-2018-12277,HWPSIRT-2018-12278,HWPSIRT-2018-12279,HWPSIRT-2018-12280 and HWPSIRT-2018-12289)
The seven vulnerabilities have been assigned seven Common Vulnerabilities and Exposures (CVE) IDs: CVE-2020-1818, CVE-2020-1819, CVE-2020-1820, CVE-2020-1821, CVE-2020-1822, CVE-2020-1823 and CVE-2020-1824.
Severity ?
CWE
- CWE-125 - Out-of-bounds Read
Assigner
References
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Huawei | IPS Module |
Affected:
V500R001C30
Affected: V500R001C60 Affected: V500R005C00 |
||||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2020-1819",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-12-27T14:56:22.966063Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-12-27T14:56:31.845Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "IPS Module",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "NGFW Module",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R002C00"
},
{
"status": "affected",
"version": "V500R002C20"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "NIP6300",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "NIP6600",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "NIP6800",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Secospace USG6300",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Secospace USG6500",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Secospace USG6600",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "USG6000V",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R003C00"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eThere are multiple out of bounds (OOB) read vulnerabilities in the implementation of the Common Open Policy Service (COPS) protocol of some Huawei products. The specific decoding function may occur out-of-bounds read when processes an incoming data packet. Successful exploit of these vulnerabilities may disrupt service on the affected device. (Vulnerability ID: HWPSIRT-2018-12275,HWPSIRT-2018-12276,HWPSIRT-2018-12277,HWPSIRT-2018-12278,HWPSIRT-2018-12279,HWPSIRT-2018-12280 and HWPSIRT-2018-12289)\u003c/p\u003e\u003cp\u003eThe seven vulnerabilities have been assigned seven Common Vulnerabilities and Exposures (CVE) IDs: CVE-2020-1818, CVE-2020-1819, CVE-2020-1820, CVE-2020-1821, CVE-2020-1822, CVE-2020-1823 and CVE-2020-1824.\u003c/p\u003e"
}
],
"value": "There are multiple out of bounds (OOB) read vulnerabilities in the implementation of the Common Open Policy Service (COPS) protocol of some Huawei products. The specific decoding function may occur out-of-bounds read when processes an incoming data packet. Successful exploit of these vulnerabilities may disrupt service on the affected device. (Vulnerability ID: HWPSIRT-2018-12275,HWPSIRT-2018-12276,HWPSIRT-2018-12277,HWPSIRT-2018-12278,HWPSIRT-2018-12279,HWPSIRT-2018-12280 and HWPSIRT-2018-12289)\n\nThe seven vulnerabilities have been assigned seven Common Vulnerabilities and Exposures (CVE) IDs: CVE-2020-1818, CVE-2020-1819, CVE-2020-1820, CVE-2020-1821, CVE-2020-1822, CVE-2020-1823 and CVE-2020-1824."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125 Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-12-27T10:05:47.224Z",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"url": "https://www.huawei.com/en/psirt/security-advisories/2020/huawei-sa-20191218-01-cops-en"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2020-1819",
"datePublished": "2024-12-27T10:05:47.224Z",
"dateReserved": "2019-11-29T00:00:00.000Z",
"dateUpdated": "2024-12-27T14:56:31.845Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-1818 (GCVE-0-2020-1818)
Vulnerability from nvd – Published: 2024-12-27 10:02 – Updated: 2024-12-27 14:57
VLAI?
Summary
There are multiple out of bounds (OOB) read vulnerabilities in the implementation of the Common Open Policy Service (COPS) protocol of some Huawei products. The specific decoding function may occur out-of-bounds read when processes an incoming data packet. Successful exploit of these vulnerabilities may disrupt service on the affected device. (Vulnerability ID: HWPSIRT-2018-12275,HWPSIRT-2018-12276,HWPSIRT-2018-12277,HWPSIRT-2018-12278,HWPSIRT-2018-12279,HWPSIRT-2018-12280 and HWPSIRT-2018-12289)
The seven vulnerabilities have been assigned seven Common Vulnerabilities and Exposures (CVE) IDs: CVE-2020-1818, CVE-2020-1819, CVE-2020-1820, CVE-2020-1821, CVE-2020-1822, CVE-2020-1823 and CVE-2020-1824.
Severity ?
CWE
- CWE-125 - Out-of-bounds Read
Assigner
References
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Huawei | IPS Module |
Affected:
V500R001C30
Affected: V500R001C60 Affected: V500R005C00 |
||||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2020-1818",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-12-27T14:56:47.972518Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-12-27T14:57:27.653Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "IPS Module",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "NGFW Module",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R002C00"
},
{
"status": "affected",
"version": "V500R002C20"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "NIP6300",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "NIP6600",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "NIP6800",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Secospace USG6300",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Secospace USG6500",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Secospace USG6600",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "USG6000V",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R003C00"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eThere are multiple out of bounds (OOB) read vulnerabilities in the implementation of the Common Open Policy Service (COPS) protocol of some Huawei products. The specific decoding function may occur out-of-bounds read when processes an incoming data packet. Successful exploit of these vulnerabilities may disrupt service on the affected device. (Vulnerability ID: HWPSIRT-2018-12275,HWPSIRT-2018-12276,HWPSIRT-2018-12277,HWPSIRT-2018-12278,HWPSIRT-2018-12279,HWPSIRT-2018-12280 and HWPSIRT-2018-12289)\u003c/p\u003e\u003cp\u003eThe seven vulnerabilities have been assigned seven Common Vulnerabilities and Exposures (CVE) IDs: CVE-2020-1818, CVE-2020-1819, CVE-2020-1820, CVE-2020-1821, CVE-2020-1822, CVE-2020-1823 and CVE-2020-1824.\u003c/p\u003e"
}
],
"value": "There are multiple out of bounds (OOB) read vulnerabilities in the implementation of the Common Open Policy Service (COPS) protocol of some Huawei products. The specific decoding function may occur out-of-bounds read when processes an incoming data packet. Successful exploit of these vulnerabilities may disrupt service on the affected device. (Vulnerability ID: HWPSIRT-2018-12275,HWPSIRT-2018-12276,HWPSIRT-2018-12277,HWPSIRT-2018-12278,HWPSIRT-2018-12279,HWPSIRT-2018-12280 and HWPSIRT-2018-12289)\n\nThe seven vulnerabilities have been assigned seven Common Vulnerabilities and Exposures (CVE) IDs: CVE-2020-1818, CVE-2020-1819, CVE-2020-1820, CVE-2020-1821, CVE-2020-1822, CVE-2020-1823 and CVE-2020-1824."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125 Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-12-27T10:02:45.710Z",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"url": "https://www.huawei.com/en/psirt/security-advisories/2020/huawei-sa-20191218-01-cops-en"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2020-1818",
"datePublished": "2024-12-27T10:02:45.710Z",
"dateReserved": "2019-11-29T00:00:00.000Z",
"dateUpdated": "2024-12-27T14:57:27.653Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-1863 (GCVE-0-2020-1863)
Vulnerability from nvd – Published: 2020-03-12 22:01 – Updated: 2024-08-04 06:53
VLAI?
Summary
Huawei USG6000V with versions V500R001C20SPC300, V500R003C00SPC100, and V500R005C00SPC100 have an out-of-bounds read vulnerability. Due to a logical flaw in a JSON parsing routine, a remote, unauthenticated attacker could exploit this vulnerability to disrupt service in the affected products.
Severity ?
No CVSS data available.
CWE
- Out of Bounds Read
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Huawei | Huawei USG6000V |
Affected:
V500R001C20SPC300
Affected: V500R003C00SPC100 Affected: V500R005C00SPC100 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T06:53:58.774Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200311-01-buffer-en"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Huawei USG6000V",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C20SPC300"
},
{
"status": "affected",
"version": "V500R003C00SPC100"
},
{
"status": "affected",
"version": "V500R005C00SPC100"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Huawei USG6000V with versions V500R001C20SPC300, V500R003C00SPC100, and V500R005C00SPC100 have an out-of-bounds read vulnerability. Due to a logical flaw in a JSON parsing routine, a remote, unauthenticated attacker could exploit this vulnerability to disrupt service in the affected products."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Out of Bounds Read",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-03-12T22:01:20",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200311-01-buffer-en"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2020-1863",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Huawei USG6000V",
"version": {
"version_data": [
{
"version_value": "V500R001C20SPC300"
},
{
"version_value": "V500R003C00SPC100"
},
{
"version_value": "V500R005C00SPC100"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Huawei USG6000V with versions V500R001C20SPC300, V500R003C00SPC100, and V500R005C00SPC100 have an out-of-bounds read vulnerability. Due to a logical flaw in a JSON parsing routine, a remote, unauthenticated attacker could exploit this vulnerability to disrupt service in the affected products."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Out of Bounds Read"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200311-01-buffer-en",
"refsource": "CONFIRM",
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200311-01-buffer-en"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2020-1863",
"datePublished": "2020-03-12T22:01:20",
"dateReserved": "2019-11-29T00:00:00",
"dateUpdated": "2024-08-04T06:53:58.774Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-5258 (GCVE-0-2019-5258)
Vulnerability from nvd – Published: 2019-12-13 22:41 – Updated: 2024-08-04 19:47
VLAI?
Summary
Certain Huawei products (AP2000;IPS Module;NGFW Module;NIP6300;NIP6600;NIP6800;S5700;SVN5600;SVN5800;SVN5800-C;SeMG9811;Secospace AntiDDoS8000;Secospace USG6300;Secospace USG6500;Secospace USG6600;USG6000V;eSpace U1981) have a buffer overflow vulnerability. An attacker who logs in to the board may send crafted messages from the internal network port or tamper with inter-process message packets to exploit this vulnerability. Due to insufficient validation of the message, successful exploit may cause the affected board to be abnormal.
Severity ?
No CVSS data available.
CWE
- buffer overflow
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | AP2000;IPS Module;NGFW Module;NIP6300;NIP6600;NIP6800;S5700;SVN5600;SVN5800;SVN5800-C;SeMG9811;Secospace AntiDDoS8000;Secospace USG6300;Secospace USG6500;Secospace USG6600;USG6000V;eSpace U1981 |
Affected:
V200R005C30
Affected: V200R006C10 Affected: V200R006C20 Affected: V200R007C10 Affected: V200R007C20 Affected: V200R008C00 Affected: V200R008C10 Affected: V200R009C00 Affected: V500R001C00SPC300 Affected: V500R001C00SPC500 Affected: V500R001C00SPH303 Affected: V500R001C00SPH508 Affected: V500R001C20 Affected: V500R001C20SPC100 Affected: V500R001C20SPC100PWE Affected: V500R001C20SPC200 Affected: V500R001C20SPC200B062 Affected: V500R001C20SPC200PWE Affected: V500R001C20SPC300B078 Affected: V500R001C20SPC300PWE Affected: V500R001C30 Affected: V500R001C30SPC100 Affected: V500R001C30SPC100PWE Affected: V500R001C30SPC200 Affected: V500R001C30SPC200PWE Affected: V500R001C30SPC300 Affected: V500R001C50 Affected: V500R001C50PWE Affected: V500R001C80 Affected: V500R005C00 Affected: V500R001C00SPC500PWE Affected: V500R002C00 Affected: V500R002C00SPC100 Affected: V500R002C00SPC100PWE Affected: V500R002C00SPC200 Affected: V500R002C00SPC200PWE Affected: V500R002C00SPC300 Affected: V500R002C10 Affected: V500R002C10PWE Affected: V500R002C30 Affected: V500R002C30PWE Affected: V200R005C03 Affected: V200R003C00SPC100 Affected: V500R002C20 Affected: V500R001C00 Affected: V500R001C00SPC200 Affected: V500R001C00SPC600 Affected: V500R001C00SPC700 Affected: V500R001C20SPC300 Affected: V500R001C20SPC500 Affected: V500R001C20SPC600 Affected: V500R001C60SPC100 Affected: V500R001C60SPC101 Affected: V500R001C60SPC200 Affected: V500R001C60SPC300 Affected: V500R001C60SPC500 Affected: V500R001C60SPC600 Affected: V500R005C00SPC100 Affected: V100R001C20SPC100 Affected: V500R001C20SPC101 Affected: V500R001C80PWE Affected: V100R001C00SPC200 Affected: V100R001C10SPC200 Affected: V100R001C10SPC201 Affected: V100R001C20SPC200 Affected: V500R001C00SPC050 Affected: V500R001C00SPC090 Affected: V500R001C30SPC500 Affected: V500R001C30SPC600 Affected: V500R001C30SPC600PWE Affected: V500R001C30SPC601 Affected: V500R001C50SPC009 Affected: V500R001C50SPC100 Affected: V500R001C50SPC100PWE Affected: V500R001C50SPC200 Affected: V500R001C50SPC200PWE Affected: V500R001C50SPC300 Affected: V500R001C60 Affected: V500R001C60SPC100PWE Affected: V500R001C60SPC200PWE Affected: V500R005C00SPC102 Affected: V500R001C10 Affected: V500R001C10SPC100 Affected: V500R001C10SPC200 Affected: V500R003C00 Affected: V500R003C00SPC100 Affected: V200R003C50SPC700 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T19:47:56.829Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191211-01-ssp-en"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "AP2000;IPS Module;NGFW Module;NIP6300;NIP6600;NIP6800;S5700;SVN5600;SVN5800;SVN5800-C;SeMG9811;Secospace AntiDDoS8000;Secospace USG6300;Secospace USG6500;Secospace USG6600;USG6000V;eSpace U1981",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "V200R005C30"
},
{
"status": "affected",
"version": "V200R006C10"
},
{
"status": "affected",
"version": "V200R006C20"
},
{
"status": "affected",
"version": "V200R007C10"
},
{
"status": "affected",
"version": "V200R007C20"
},
{
"status": "affected",
"version": "V200R008C00"
},
{
"status": "affected",
"version": "V200R008C10"
},
{
"status": "affected",
"version": "V200R009C00"
},
{
"status": "affected",
"version": "V500R001C00SPC300"
},
{
"status": "affected",
"version": "V500R001C00SPC500"
},
{
"status": "affected",
"version": "V500R001C00SPH303"
},
{
"status": "affected",
"version": "V500R001C00SPH508"
},
{
"status": "affected",
"version": "V500R001C20"
},
{
"status": "affected",
"version": "V500R001C20SPC100"
},
{
"status": "affected",
"version": "V500R001C20SPC100PWE"
},
{
"status": "affected",
"version": "V500R001C20SPC200"
},
{
"status": "affected",
"version": "V500R001C20SPC200B062"
},
{
"status": "affected",
"version": "V500R001C20SPC200PWE"
},
{
"status": "affected",
"version": "V500R001C20SPC300B078"
},
{
"status": "affected",
"version": "V500R001C20SPC300PWE"
},
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C30SPC100"
},
{
"status": "affected",
"version": "V500R001C30SPC100PWE"
},
{
"status": "affected",
"version": "V500R001C30SPC200"
},
{
"status": "affected",
"version": "V500R001C30SPC200PWE"
},
{
"status": "affected",
"version": "V500R001C30SPC300"
},
{
"status": "affected",
"version": "V500R001C50"
},
{
"status": "affected",
"version": "V500R001C50PWE"
},
{
"status": "affected",
"version": "V500R001C80"
},
{
"status": "affected",
"version": "V500R005C00"
},
{
"status": "affected",
"version": "V500R001C00SPC500PWE"
},
{
"status": "affected",
"version": "V500R002C00"
},
{
"status": "affected",
"version": "V500R002C00SPC100"
},
{
"status": "affected",
"version": "V500R002C00SPC100PWE"
},
{
"status": "affected",
"version": "V500R002C00SPC200"
},
{
"status": "affected",
"version": "V500R002C00SPC200PWE"
},
{
"status": "affected",
"version": "V500R002C00SPC300"
},
{
"status": "affected",
"version": "V500R002C10"
},
{
"status": "affected",
"version": "V500R002C10PWE"
},
{
"status": "affected",
"version": "V500R002C30"
},
{
"status": "affected",
"version": "V500R002C30PWE"
},
{
"status": "affected",
"version": "V200R005C03"
},
{
"status": "affected",
"version": "V200R003C00SPC100"
},
{
"status": "affected",
"version": "V500R002C20"
},
{
"status": "affected",
"version": "V500R001C00"
},
{
"status": "affected",
"version": "V500R001C00SPC200"
},
{
"status": "affected",
"version": "V500R001C00SPC600"
},
{
"status": "affected",
"version": "V500R001C00SPC700"
},
{
"status": "affected",
"version": "V500R001C20SPC300"
},
{
"status": "affected",
"version": "V500R001C20SPC500"
},
{
"status": "affected",
"version": "V500R001C20SPC600"
},
{
"status": "affected",
"version": "V500R001C60SPC100"
},
{
"status": "affected",
"version": "V500R001C60SPC101"
},
{
"status": "affected",
"version": "V500R001C60SPC200"
},
{
"status": "affected",
"version": "V500R001C60SPC300"
},
{
"status": "affected",
"version": "V500R001C60SPC500"
},
{
"status": "affected",
"version": "V500R001C60SPC600"
},
{
"status": "affected",
"version": "V500R005C00SPC100"
},
{
"status": "affected",
"version": "V100R001C20SPC100"
},
{
"status": "affected",
"version": "V500R001C20SPC101"
},
{
"status": "affected",
"version": "V500R001C80PWE"
},
{
"status": "affected",
"version": "V100R001C00SPC200"
},
{
"status": "affected",
"version": "V100R001C10SPC200"
},
{
"status": "affected",
"version": "V100R001C10SPC201"
},
{
"status": "affected",
"version": "V100R001C20SPC200"
},
{
"status": "affected",
"version": "V500R001C00SPC050"
},
{
"status": "affected",
"version": "V500R001C00SPC090"
},
{
"status": "affected",
"version": "V500R001C30SPC500"
},
{
"status": "affected",
"version": "V500R001C30SPC600"
},
{
"status": "affected",
"version": "V500R001C30SPC600PWE"
},
{
"status": "affected",
"version": "V500R001C30SPC601"
},
{
"status": "affected",
"version": "V500R001C50SPC009"
},
{
"status": "affected",
"version": "V500R001C50SPC100"
},
{
"status": "affected",
"version": "V500R001C50SPC100PWE"
},
{
"status": "affected",
"version": "V500R001C50SPC200"
},
{
"status": "affected",
"version": "V500R001C50SPC200PWE"
},
{
"status": "affected",
"version": "V500R001C50SPC300"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R001C60SPC100PWE"
},
{
"status": "affected",
"version": "V500R001C60SPC200PWE"
},
{
"status": "affected",
"version": "V500R005C00SPC102"
},
{
"status": "affected",
"version": "V500R001C10"
},
{
"status": "affected",
"version": "V500R001C10SPC100"
},
{
"status": "affected",
"version": "V500R001C10SPC200"
},
{
"status": "affected",
"version": "V500R003C00"
},
{
"status": "affected",
"version": "V500R003C00SPC100"
},
{
"status": "affected",
"version": "V200R003C50SPC700"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Certain Huawei products (AP2000;IPS Module;NGFW Module;NIP6300;NIP6600;NIP6800;S5700;SVN5600;SVN5800;SVN5800-C;SeMG9811;Secospace AntiDDoS8000;Secospace USG6300;Secospace USG6500;Secospace USG6600;USG6000V;eSpace U1981) have a buffer overflow vulnerability. An attacker who logs in to the board may send crafted messages from the internal network port or tamper with inter-process message packets to exploit this vulnerability. Due to insufficient validation of the message, successful exploit may cause the affected board to be abnormal."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "buffer overflow",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-12-13T22:41:04",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191211-01-ssp-en"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2019-5258",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "AP2000;IPS Module;NGFW Module;NIP6300;NIP6600;NIP6800;S5700;SVN5600;SVN5800;SVN5800-C;SeMG9811;Secospace AntiDDoS8000;Secospace USG6300;Secospace USG6500;Secospace USG6600;USG6000V;eSpace U1981",
"version": {
"version_data": [
{
"version_value": "V200R005C30"
},
{
"version_value": "V200R006C10"
},
{
"version_value": "V200R006C20"
},
{
"version_value": "V200R007C10"
},
{
"version_value": "V200R007C20"
},
{
"version_value": "V200R008C00"
},
{
"version_value": "V200R008C10"
},
{
"version_value": "V200R009C00"
},
{
"version_value": "V500R001C00SPC300"
},
{
"version_value": "V500R001C00SPC500"
},
{
"version_value": "V500R001C00SPH303"
},
{
"version_value": "V500R001C00SPH508"
},
{
"version_value": "V500R001C20"
},
{
"version_value": "V500R001C20SPC100"
},
{
"version_value": "V500R001C20SPC100PWE"
},
{
"version_value": "V500R001C20SPC200"
},
{
"version_value": "V500R001C20SPC200B062"
},
{
"version_value": "V500R001C20SPC200PWE"
},
{
"version_value": "V500R001C20SPC300B078"
},
{
"version_value": "V500R001C20SPC300PWE"
},
{
"version_value": "V500R001C30"
},
{
"version_value": "V500R001C30SPC100"
},
{
"version_value": "V500R001C30SPC100PWE"
},
{
"version_value": "V500R001C30SPC200"
},
{
"version_value": "V500R001C30SPC200PWE"
},
{
"version_value": "V500R001C30SPC300"
},
{
"version_value": "V500R001C50"
},
{
"version_value": "V500R001C50PWE"
},
{
"version_value": "V500R001C80"
},
{
"version_value": "V500R005C00"
},
{
"version_value": "V500R001C00SPC500PWE"
},
{
"version_value": "V500R002C00"
},
{
"version_value": "V500R002C00SPC100"
},
{
"version_value": "V500R002C00SPC100PWE"
},
{
"version_value": "V500R002C00SPC200"
},
{
"version_value": "V500R002C00SPC200PWE"
},
{
"version_value": "V500R002C00SPC300"
},
{
"version_value": "V500R002C10"
},
{
"version_value": "V500R002C10PWE"
},
{
"version_value": "V500R002C30"
},
{
"version_value": "V500R002C30PWE"
},
{
"version_value": "V200R005C03"
},
{
"version_value": "V200R003C00SPC100"
},
{
"version_value": "V500R002C20"
},
{
"version_value": "V500R001C00"
},
{
"version_value": "V500R001C00SPC200"
},
{
"version_value": "V500R001C00SPC600"
},
{
"version_value": "V500R001C00SPC700"
},
{
"version_value": "V500R001C20SPC300"
},
{
"version_value": "V500R001C20SPC500"
},
{
"version_value": "V500R001C20SPC600"
},
{
"version_value": "V500R001C60SPC100"
},
{
"version_value": "V500R001C60SPC101"
},
{
"version_value": "V500R001C60SPC200"
},
{
"version_value": "V500R001C60SPC300"
},
{
"version_value": "V500R001C60SPC500"
},
{
"version_value": "V500R001C60SPC600"
},
{
"version_value": "V500R005C00SPC100"
},
{
"version_value": "V100R001C20SPC100"
},
{
"version_value": "V500R001C20SPC101"
},
{
"version_value": "V500R001C80PWE"
},
{
"version_value": "V100R001C00SPC200"
},
{
"version_value": "V100R001C10SPC200"
},
{
"version_value": "V100R001C10SPC201"
},
{
"version_value": "V100R001C20SPC200"
},
{
"version_value": "V500R001C00SPC050"
},
{
"version_value": "V500R001C00SPC090"
},
{
"version_value": "V500R001C30SPC500"
},
{
"version_value": "V500R001C30SPC600"
},
{
"version_value": "V500R001C30SPC600PWE"
},
{
"version_value": "V500R001C30SPC601"
},
{
"version_value": "V500R001C50SPC009"
},
{
"version_value": "V500R001C50SPC100"
},
{
"version_value": "V500R001C50SPC100PWE"
},
{
"version_value": "V500R001C50SPC200"
},
{
"version_value": "V500R001C50SPC200PWE"
},
{
"version_value": "V500R001C50SPC300"
},
{
"version_value": "V500R001C60"
},
{
"version_value": "V500R001C60SPC100PWE"
},
{
"version_value": "V500R001C60SPC200PWE"
},
{
"version_value": "V500R005C00SPC102"
},
{
"version_value": "V500R001C10"
},
{
"version_value": "V500R001C10SPC100"
},
{
"version_value": "V500R001C10SPC200"
},
{
"version_value": "V500R003C00"
},
{
"version_value": "V500R003C00SPC100"
},
{
"version_value": "V200R003C50SPC700"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Certain Huawei products (AP2000;IPS Module;NGFW Module;NIP6300;NIP6600;NIP6800;S5700;SVN5600;SVN5800;SVN5800-C;SeMG9811;Secospace AntiDDoS8000;Secospace USG6300;Secospace USG6500;Secospace USG6600;USG6000V;eSpace U1981) have a buffer overflow vulnerability. An attacker who logs in to the board may send crafted messages from the internal network port or tamper with inter-process message packets to exploit this vulnerability. Due to insufficient validation of the message, successful exploit may cause the affected board to be abnormal."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "buffer overflow"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191211-01-ssp-en",
"refsource": "MISC",
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191211-01-ssp-en"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2019-5258",
"datePublished": "2019-12-13T22:41:04",
"dateReserved": "2019-01-04T00:00:00",
"dateUpdated": "2024-08-04T19:47:56.829Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-5257 (GCVE-0-2019-5257)
Vulnerability from nvd – Published: 2019-12-13 22:16 – Updated: 2024-08-04 19:47
VLAI?
Summary
Certain Huawei products (AP2000;IPS Module;NGFW Module;NIP6300;NIP6600;NIP6800;S5700;SVN5600;SVN5800;SVN5800-C;SeMG9811;Secospace) have a resource management vulnerability. An attacker who logs in to the board may send crafted messages from the internal network.
Severity ?
No CVSS data available.
CWE
- resource management
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | AP2000;IPS Module;NGFW Module;NIP6300;NIP6600;NIP6800;S5700;SVN5600;SVN5800;SVN5800-C;SeMG9811;Secospace AntiDDoS8000;Secospace USG6300;Secospace USG6500;Secospace USG6600;USG6000V;eSpace U1981 |
Affected:
V200R005C30
Affected: V200R006C10 Affected: V200R006C20 Affected: V200R007C10 Affected: V200R007C20 Affected: V200R008C00 Affected: V200R008C10 Affected: V200R009C00 Affected: V500R001C00SPC300 Affected: V500R001C00SPC500 Affected: V500R001C00SPH303 Affected: V500R001C00SPH508 Affected: V500R001C20 Affected: V500R001C20SPC100 Affected: V500R001C20SPC100PWE Affected: V500R001C20SPC200 Affected: V500R001C20SPC200B062 Affected: V500R001C20SPC200PWE Affected: V500R001C20SPC300B078 Affected: V500R001C20SPC300PWE Affected: V500R001C30 Affected: V500R001C30SPC100 Affected: V500R001C30SPC100PWE Affected: V500R001C30SPC200 Affected: V500R001C30SPC200PWE Affected: V500R001C30SPC300 Affected: V500R001C50 Affected: V500R001C50PWE Affected: V500R001C80 Affected: V500R005C00 Affected: V500R001C00SPC500PWE Affected: V500R002C00 Affected: V500R002C00SPC100 Affected: V500R002C00SPC100PWE Affected: V500R002C00SPC200 Affected: V500R002C00SPC200PWE Affected: V500R002C00SPC300 Affected: V500R002C10 Affected: V500R002C10PWE Affected: V500R002C30 Affected: V500R002C30PWE Affected: V200R005C03 Affected: V200R003C00SPC100 Affected: V500R002C20 Affected: V500R001C00 Affected: V500R001C00SPC200 Affected: V500R001C00SPC600 Affected: V500R001C00SPC700 Affected: V500R001C20SPC300 Affected: V500R001C20SPC500 Affected: V500R001C20SPC600 Affected: V500R001C60SPC100 Affected: V500R001C60SPC101 Affected: V500R001C60SPC200 Affected: V500R001C60SPC300 Affected: V500R001C60SPC500 Affected: V500R001C60SPC600 Affected: V500R005C00SPC100 Affected: V100R001C20SPC100 Affected: V500R001C20SPC101 Affected: V500R001C80PWE Affected: V100R001C00SPC200 Affected: V100R001C10SPC200 Affected: V100R001C10SPC201 Affected: V100R001C20SPC200 Affected: V500R001C00SPC050 Affected: V500R001C00SPC090 Affected: V500R001C30SPC500 Affected: V500R001C30SPC600 Affected: V500R001C30SPC600PWE Affected: V500R001C30SPC601 Affected: V500R001C50SPC009 Affected: V500R001C50SPC100 Affected: V500R001C50SPC100PWE Affected: V500R001C50SPC200 Affected: V500R001C50SPC200PWE Affected: V500R001C50SPC300 Affected: V500R001C60 Affected: V500R001C60SPC100PWE Affected: V500R001C60SPC200PWE Affected: V500R005C00SPC102 Affected: V500R001C10 Affected: V500R001C10SPC100 Affected: V500R001C10SPC200 Affected: V500R003C00 Affected: V500R003C00SPC100 Affected: V200R003C50SPC700 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T19:47:56.752Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191211-01-ssp-en"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "AP2000;IPS Module;NGFW Module;NIP6300;NIP6600;NIP6800;S5700;SVN5600;SVN5800;SVN5800-C;SeMG9811;Secospace AntiDDoS8000;Secospace USG6300;Secospace USG6500;Secospace USG6600;USG6000V;eSpace U1981",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "V200R005C30"
},
{
"status": "affected",
"version": "V200R006C10"
},
{
"status": "affected",
"version": "V200R006C20"
},
{
"status": "affected",
"version": "V200R007C10"
},
{
"status": "affected",
"version": "V200R007C20"
},
{
"status": "affected",
"version": "V200R008C00"
},
{
"status": "affected",
"version": "V200R008C10"
},
{
"status": "affected",
"version": "V200R009C00"
},
{
"status": "affected",
"version": "V500R001C00SPC300"
},
{
"status": "affected",
"version": "V500R001C00SPC500"
},
{
"status": "affected",
"version": "V500R001C00SPH303"
},
{
"status": "affected",
"version": "V500R001C00SPH508"
},
{
"status": "affected",
"version": "V500R001C20"
},
{
"status": "affected",
"version": "V500R001C20SPC100"
},
{
"status": "affected",
"version": "V500R001C20SPC100PWE"
},
{
"status": "affected",
"version": "V500R001C20SPC200"
},
{
"status": "affected",
"version": "V500R001C20SPC200B062"
},
{
"status": "affected",
"version": "V500R001C20SPC200PWE"
},
{
"status": "affected",
"version": "V500R001C20SPC300B078"
},
{
"status": "affected",
"version": "V500R001C20SPC300PWE"
},
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C30SPC100"
},
{
"status": "affected",
"version": "V500R001C30SPC100PWE"
},
{
"status": "affected",
"version": "V500R001C30SPC200"
},
{
"status": "affected",
"version": "V500R001C30SPC200PWE"
},
{
"status": "affected",
"version": "V500R001C30SPC300"
},
{
"status": "affected",
"version": "V500R001C50"
},
{
"status": "affected",
"version": "V500R001C50PWE"
},
{
"status": "affected",
"version": "V500R001C80"
},
{
"status": "affected",
"version": "V500R005C00"
},
{
"status": "affected",
"version": "V500R001C00SPC500PWE"
},
{
"status": "affected",
"version": "V500R002C00"
},
{
"status": "affected",
"version": "V500R002C00SPC100"
},
{
"status": "affected",
"version": "V500R002C00SPC100PWE"
},
{
"status": "affected",
"version": "V500R002C00SPC200"
},
{
"status": "affected",
"version": "V500R002C00SPC200PWE"
},
{
"status": "affected",
"version": "V500R002C00SPC300"
},
{
"status": "affected",
"version": "V500R002C10"
},
{
"status": "affected",
"version": "V500R002C10PWE"
},
{
"status": "affected",
"version": "V500R002C30"
},
{
"status": "affected",
"version": "V500R002C30PWE"
},
{
"status": "affected",
"version": "V200R005C03"
},
{
"status": "affected",
"version": "V200R003C00SPC100"
},
{
"status": "affected",
"version": "V500R002C20"
},
{
"status": "affected",
"version": "V500R001C00"
},
{
"status": "affected",
"version": "V500R001C00SPC200"
},
{
"status": "affected",
"version": "V500R001C00SPC600"
},
{
"status": "affected",
"version": "V500R001C00SPC700"
},
{
"status": "affected",
"version": "V500R001C20SPC300"
},
{
"status": "affected",
"version": "V500R001C20SPC500"
},
{
"status": "affected",
"version": "V500R001C20SPC600"
},
{
"status": "affected",
"version": "V500R001C60SPC100"
},
{
"status": "affected",
"version": "V500R001C60SPC101"
},
{
"status": "affected",
"version": "V500R001C60SPC200"
},
{
"status": "affected",
"version": "V500R001C60SPC300"
},
{
"status": "affected",
"version": "V500R001C60SPC500"
},
{
"status": "affected",
"version": "V500R001C60SPC600"
},
{
"status": "affected",
"version": "V500R005C00SPC100"
},
{
"status": "affected",
"version": "V100R001C20SPC100"
},
{
"status": "affected",
"version": "V500R001C20SPC101"
},
{
"status": "affected",
"version": "V500R001C80PWE"
},
{
"status": "affected",
"version": "V100R001C00SPC200"
},
{
"status": "affected",
"version": "V100R001C10SPC200"
},
{
"status": "affected",
"version": "V100R001C10SPC201"
},
{
"status": "affected",
"version": "V100R001C20SPC200"
},
{
"status": "affected",
"version": "V500R001C00SPC050"
},
{
"status": "affected",
"version": "V500R001C00SPC090"
},
{
"status": "affected",
"version": "V500R001C30SPC500"
},
{
"status": "affected",
"version": "V500R001C30SPC600"
},
{
"status": "affected",
"version": "V500R001C30SPC600PWE"
},
{
"status": "affected",
"version": "V500R001C30SPC601"
},
{
"status": "affected",
"version": "V500R001C50SPC009"
},
{
"status": "affected",
"version": "V500R001C50SPC100"
},
{
"status": "affected",
"version": "V500R001C50SPC100PWE"
},
{
"status": "affected",
"version": "V500R001C50SPC200"
},
{
"status": "affected",
"version": "V500R001C50SPC200PWE"
},
{
"status": "affected",
"version": "V500R001C50SPC300"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R001C60SPC100PWE"
},
{
"status": "affected",
"version": "V500R001C60SPC200PWE"
},
{
"status": "affected",
"version": "V500R005C00SPC102"
},
{
"status": "affected",
"version": "V500R001C10"
},
{
"status": "affected",
"version": "V500R001C10SPC100"
},
{
"status": "affected",
"version": "V500R001C10SPC200"
},
{
"status": "affected",
"version": "V500R003C00"
},
{
"status": "affected",
"version": "V500R003C00SPC100"
},
{
"status": "affected",
"version": "V200R003C50SPC700"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Certain Huawei products (AP2000;IPS Module;NGFW Module;NIP6300;NIP6600;NIP6800;S5700;SVN5600;SVN5800;SVN5800-C;SeMG9811;Secospace) have a resource management vulnerability. An attacker who logs in to the board may send crafted messages from the internal network."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "resource management",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-12-13T22:16:22",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191211-01-ssp-en"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2019-5257",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "AP2000;IPS Module;NGFW Module;NIP6300;NIP6600;NIP6800;S5700;SVN5600;SVN5800;SVN5800-C;SeMG9811;Secospace AntiDDoS8000;Secospace USG6300;Secospace USG6500;Secospace USG6600;USG6000V;eSpace U1981",
"version": {
"version_data": [
{
"version_value": "V200R005C30"
},
{
"version_value": "V200R006C10"
},
{
"version_value": "V200R006C20"
},
{
"version_value": "V200R007C10"
},
{
"version_value": "V200R007C20"
},
{
"version_value": "V200R008C00"
},
{
"version_value": "V200R008C10"
},
{
"version_value": "V200R009C00"
},
{
"version_value": "V500R001C00SPC300"
},
{
"version_value": "V500R001C00SPC500"
},
{
"version_value": "V500R001C00SPH303"
},
{
"version_value": "V500R001C00SPH508"
},
{
"version_value": "V500R001C20"
},
{
"version_value": "V500R001C20SPC100"
},
{
"version_value": "V500R001C20SPC100PWE"
},
{
"version_value": "V500R001C20SPC200"
},
{
"version_value": "V500R001C20SPC200B062"
},
{
"version_value": "V500R001C20SPC200PWE"
},
{
"version_value": "V500R001C20SPC300B078"
},
{
"version_value": "V500R001C20SPC300PWE"
},
{
"version_value": "V500R001C30"
},
{
"version_value": "V500R001C30SPC100"
},
{
"version_value": "V500R001C30SPC100PWE"
},
{
"version_value": "V500R001C30SPC200"
},
{
"version_value": "V500R001C30SPC200PWE"
},
{
"version_value": "V500R001C30SPC300"
},
{
"version_value": "V500R001C50"
},
{
"version_value": "V500R001C50PWE"
},
{
"version_value": "V500R001C80"
},
{
"version_value": "V500R005C00"
},
{
"version_value": "V500R001C00SPC500PWE"
},
{
"version_value": "V500R002C00"
},
{
"version_value": "V500R002C00SPC100"
},
{
"version_value": "V500R002C00SPC100PWE"
},
{
"version_value": "V500R002C00SPC200"
},
{
"version_value": "V500R002C00SPC200PWE"
},
{
"version_value": "V500R002C00SPC300"
},
{
"version_value": "V500R002C10"
},
{
"version_value": "V500R002C10PWE"
},
{
"version_value": "V500R002C30"
},
{
"version_value": "V500R002C30PWE"
},
{
"version_value": "V200R005C03"
},
{
"version_value": "V200R003C00SPC100"
},
{
"version_value": "V500R002C20"
},
{
"version_value": "V500R001C00"
},
{
"version_value": "V500R001C00SPC200"
},
{
"version_value": "V500R001C00SPC600"
},
{
"version_value": "V500R001C00SPC700"
},
{
"version_value": "V500R001C20SPC300"
},
{
"version_value": "V500R001C20SPC500"
},
{
"version_value": "V500R001C20SPC600"
},
{
"version_value": "V500R001C60SPC100"
},
{
"version_value": "V500R001C60SPC101"
},
{
"version_value": "V500R001C60SPC200"
},
{
"version_value": "V500R001C60SPC300"
},
{
"version_value": "V500R001C60SPC500"
},
{
"version_value": "V500R001C60SPC600"
},
{
"version_value": "V500R005C00SPC100"
},
{
"version_value": "V100R001C20SPC100"
},
{
"version_value": "V500R001C20SPC101"
},
{
"version_value": "V500R001C80PWE"
},
{
"version_value": "V100R001C00SPC200"
},
{
"version_value": "V100R001C10SPC200"
},
{
"version_value": "V100R001C10SPC201"
},
{
"version_value": "V100R001C20SPC200"
},
{
"version_value": "V500R001C00SPC050"
},
{
"version_value": "V500R001C00SPC090"
},
{
"version_value": "V500R001C30SPC500"
},
{
"version_value": "V500R001C30SPC600"
},
{
"version_value": "V500R001C30SPC600PWE"
},
{
"version_value": "V500R001C30SPC601"
},
{
"version_value": "V500R001C50SPC009"
},
{
"version_value": "V500R001C50SPC100"
},
{
"version_value": "V500R001C50SPC100PWE"
},
{
"version_value": "V500R001C50SPC200"
},
{
"version_value": "V500R001C50SPC200PWE"
},
{
"version_value": "V500R001C50SPC300"
},
{
"version_value": "V500R001C60"
},
{
"version_value": "V500R001C60SPC100PWE"
},
{
"version_value": "V500R001C60SPC200PWE"
},
{
"version_value": "V500R005C00SPC102"
},
{
"version_value": "V500R001C10"
},
{
"version_value": "V500R001C10SPC100"
},
{
"version_value": "V500R001C10SPC200"
},
{
"version_value": "V500R003C00"
},
{
"version_value": "V500R003C00SPC100"
},
{
"version_value": "V200R003C50SPC700"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Certain Huawei products (AP2000;IPS Module;NGFW Module;NIP6300;NIP6600;NIP6800;S5700;SVN5600;SVN5800;SVN5800-C;SeMG9811;Secospace) have a resource management vulnerability. An attacker who logs in to the board may send crafted messages from the internal network."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "resource management"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191211-01-ssp-en",
"refsource": "MISC",
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191211-01-ssp-en"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2019-5257",
"datePublished": "2019-12-13T22:16:22",
"dateReserved": "2019-01-04T00:00:00",
"dateUpdated": "2024-08-04T19:47:56.752Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-5256 (GCVE-0-2019-5256)
Vulnerability from nvd – Published: 2019-12-13 22:45 – Updated: 2024-08-04 19:47
VLAI?
Summary
Certain Huawei products (AP2000;IPS Module;NGFW Module;NIP6300;NIP6600;NIP6800;S5700;SVN5600;SVN5800;SVN5800-C;SeMG9811;Secospace AntiDDoS8000;Secospace USG6300;Secospace USG6500;Secospace USG6600;USG6000V;eSpace U1981) have a null pointer dereference vulnerability. The system dereferences a pointer that it expects to be valid, but is NULL. A local attacker could exploit this vulnerability by sending crafted parameters. A successful exploit could cause a denial of service and the process reboot.
Severity ?
No CVSS data available.
CWE
- null pointer dereference
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | AP2000;IPS Module;NGFW Module;NIP6300;NIP6600;NIP6800;S5700;SVN5600;SVN5800;SVN5800-C;SeMG9811;Secospace AntiDDoS8000;Secospace USG6300;Secospace USG6500;Secospace USG6600;USG6000V;eSpace U1981 |
Affected:
V200R005C30
Affected: V200R006C10 Affected: V200R006C20 Affected: V200R007C10 Affected: V200R007C20 Affected: V200R008C00 Affected: V200R008C10 Affected: V200R009C00 Affected: V500R001C00SPC300 Affected: V500R001C00SPC500 Affected: V500R001C00SPH303 Affected: V500R001C00SPH508 Affected: V500R001C20 Affected: V500R001C20SPC100 Affected: V500R001C20SPC100PWE Affected: V500R001C20SPC200 Affected: V500R001C20SPC200B062 Affected: V500R001C20SPC200PWE Affected: V500R001C20SPC300B078 Affected: V500R001C20SPC300PWE Affected: V500R001C30 Affected: V500R001C30SPC100 Affected: V500R001C30SPC100PWE Affected: V500R001C30SPC200 Affected: V500R001C30SPC200PWE Affected: V500R001C30SPC300 Affected: V500R001C50 Affected: V500R001C50PWE Affected: V500R001C80 Affected: V500R005C00 Affected: V500R001C00SPC500PWE Affected: V500R002C00 Affected: V500R002C00SPC100 Affected: V500R002C00SPC100PWE Affected: V500R002C00SPC200 Affected: V500R002C00SPC200PWE Affected: V500R002C00SPC300 Affected: V500R002C10 Affected: V500R002C10PWE Affected: V500R002C30 Affected: V500R002C30PWE Affected: V200R005C03 Affected: V200R003C00SPC100 Affected: V500R002C20 Affected: V500R001C00 Affected: V500R001C00SPC200 Affected: V500R001C00SPC600 Affected: V500R001C00SPC700 Affected: V500R001C20SPC300 Affected: V500R001C20SPC500 Affected: V500R001C20SPC600 Affected: V500R001C60SPC100 Affected: V500R001C60SPC101 Affected: V500R001C60SPC200 Affected: V500R001C60SPC300 Affected: V500R001C60SPC500 Affected: V500R001C60SPC600 Affected: V500R005C00SPC100 Affected: V100R001C20SPC100 Affected: V500R001C20SPC101 Affected: V500R001C80PWE Affected: V100R001C00SPC200 Affected: V100R001C10SPC200 Affected: V100R001C10SPC201 Affected: V100R001C20SPC200 Affected: V500R001C00SPC050 Affected: V500R001C00SPC090 Affected: V500R001C30SPC500 Affected: V500R001C30SPC600 Affected: V500R001C30SPC600PWE Affected: V500R001C30SPC601 Affected: V500R001C50SPC009 Affected: V500R001C50SPC100 Affected: V500R001C50SPC100PWE Affected: V500R001C50SPC200 Affected: V500R001C50SPC200PWE Affected: V500R001C50SPC300 Affected: V500R001C60 Affected: V500R001C60SPC100PWE Affected: V500R001C60SPC200PWE Affected: V500R005C00SPC102 Affected: V500R001C10 Affected: V500R001C10SPC100 Affected: V500R001C10SPC200 Affected: V500R003C00 Affected: V500R003C00SPC100 Affected: V200R003C50SPC700 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T19:47:56.652Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191211-01-ssp-en"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "AP2000;IPS Module;NGFW Module;NIP6300;NIP6600;NIP6800;S5700;SVN5600;SVN5800;SVN5800-C;SeMG9811;Secospace AntiDDoS8000;Secospace USG6300;Secospace USG6500;Secospace USG6600;USG6000V;eSpace U1981",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "V200R005C30"
},
{
"status": "affected",
"version": "V200R006C10"
},
{
"status": "affected",
"version": "V200R006C20"
},
{
"status": "affected",
"version": "V200R007C10"
},
{
"status": "affected",
"version": "V200R007C20"
},
{
"status": "affected",
"version": "V200R008C00"
},
{
"status": "affected",
"version": "V200R008C10"
},
{
"status": "affected",
"version": "V200R009C00"
},
{
"status": "affected",
"version": "V500R001C00SPC300"
},
{
"status": "affected",
"version": "V500R001C00SPC500"
},
{
"status": "affected",
"version": "V500R001C00SPH303"
},
{
"status": "affected",
"version": "V500R001C00SPH508"
},
{
"status": "affected",
"version": "V500R001C20"
},
{
"status": "affected",
"version": "V500R001C20SPC100"
},
{
"status": "affected",
"version": "V500R001C20SPC100PWE"
},
{
"status": "affected",
"version": "V500R001C20SPC200"
},
{
"status": "affected",
"version": "V500R001C20SPC200B062"
},
{
"status": "affected",
"version": "V500R001C20SPC200PWE"
},
{
"status": "affected",
"version": "V500R001C20SPC300B078"
},
{
"status": "affected",
"version": "V500R001C20SPC300PWE"
},
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C30SPC100"
},
{
"status": "affected",
"version": "V500R001C30SPC100PWE"
},
{
"status": "affected",
"version": "V500R001C30SPC200"
},
{
"status": "affected",
"version": "V500R001C30SPC200PWE"
},
{
"status": "affected",
"version": "V500R001C30SPC300"
},
{
"status": "affected",
"version": "V500R001C50"
},
{
"status": "affected",
"version": "V500R001C50PWE"
},
{
"status": "affected",
"version": "V500R001C80"
},
{
"status": "affected",
"version": "V500R005C00"
},
{
"status": "affected",
"version": "V500R001C00SPC500PWE"
},
{
"status": "affected",
"version": "V500R002C00"
},
{
"status": "affected",
"version": "V500R002C00SPC100"
},
{
"status": "affected",
"version": "V500R002C00SPC100PWE"
},
{
"status": "affected",
"version": "V500R002C00SPC200"
},
{
"status": "affected",
"version": "V500R002C00SPC200PWE"
},
{
"status": "affected",
"version": "V500R002C00SPC300"
},
{
"status": "affected",
"version": "V500R002C10"
},
{
"status": "affected",
"version": "V500R002C10PWE"
},
{
"status": "affected",
"version": "V500R002C30"
},
{
"status": "affected",
"version": "V500R002C30PWE"
},
{
"status": "affected",
"version": "V200R005C03"
},
{
"status": "affected",
"version": "V200R003C00SPC100"
},
{
"status": "affected",
"version": "V500R002C20"
},
{
"status": "affected",
"version": "V500R001C00"
},
{
"status": "affected",
"version": "V500R001C00SPC200"
},
{
"status": "affected",
"version": "V500R001C00SPC600"
},
{
"status": "affected",
"version": "V500R001C00SPC700"
},
{
"status": "affected",
"version": "V500R001C20SPC300"
},
{
"status": "affected",
"version": "V500R001C20SPC500"
},
{
"status": "affected",
"version": "V500R001C20SPC600"
},
{
"status": "affected",
"version": "V500R001C60SPC100"
},
{
"status": "affected",
"version": "V500R001C60SPC101"
},
{
"status": "affected",
"version": "V500R001C60SPC200"
},
{
"status": "affected",
"version": "V500R001C60SPC300"
},
{
"status": "affected",
"version": "V500R001C60SPC500"
},
{
"status": "affected",
"version": "V500R001C60SPC600"
},
{
"status": "affected",
"version": "V500R005C00SPC100"
},
{
"status": "affected",
"version": "V100R001C20SPC100"
},
{
"status": "affected",
"version": "V500R001C20SPC101"
},
{
"status": "affected",
"version": "V500R001C80PWE"
},
{
"status": "affected",
"version": "V100R001C00SPC200"
},
{
"status": "affected",
"version": "V100R001C10SPC200"
},
{
"status": "affected",
"version": "V100R001C10SPC201"
},
{
"status": "affected",
"version": "V100R001C20SPC200"
},
{
"status": "affected",
"version": "V500R001C00SPC050"
},
{
"status": "affected",
"version": "V500R001C00SPC090"
},
{
"status": "affected",
"version": "V500R001C30SPC500"
},
{
"status": "affected",
"version": "V500R001C30SPC600"
},
{
"status": "affected",
"version": "V500R001C30SPC600PWE"
},
{
"status": "affected",
"version": "V500R001C30SPC601"
},
{
"status": "affected",
"version": "V500R001C50SPC009"
},
{
"status": "affected",
"version": "V500R001C50SPC100"
},
{
"status": "affected",
"version": "V500R001C50SPC100PWE"
},
{
"status": "affected",
"version": "V500R001C50SPC200"
},
{
"status": "affected",
"version": "V500R001C50SPC200PWE"
},
{
"status": "affected",
"version": "V500R001C50SPC300"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R001C60SPC100PWE"
},
{
"status": "affected",
"version": "V500R001C60SPC200PWE"
},
{
"status": "affected",
"version": "V500R005C00SPC102"
},
{
"status": "affected",
"version": "V500R001C10"
},
{
"status": "affected",
"version": "V500R001C10SPC100"
},
{
"status": "affected",
"version": "V500R001C10SPC200"
},
{
"status": "affected",
"version": "V500R003C00"
},
{
"status": "affected",
"version": "V500R003C00SPC100"
},
{
"status": "affected",
"version": "V200R003C50SPC700"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Certain Huawei products (AP2000;IPS Module;NGFW Module;NIP6300;NIP6600;NIP6800;S5700;SVN5600;SVN5800;SVN5800-C;SeMG9811;Secospace AntiDDoS8000;Secospace USG6300;Secospace USG6500;Secospace USG6600;USG6000V;eSpace U1981) have a null pointer dereference vulnerability. The system dereferences a pointer that it expects to be valid, but is NULL. A local attacker could exploit this vulnerability by sending crafted parameters. A successful exploit could cause a denial of service and the process reboot."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "null pointer dereference",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-12-13T22:45:34",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191211-01-ssp-en"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2019-5256",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "AP2000;IPS Module;NGFW Module;NIP6300;NIP6600;NIP6800;S5700;SVN5600;SVN5800;SVN5800-C;SeMG9811;Secospace AntiDDoS8000;Secospace USG6300;Secospace USG6500;Secospace USG6600;USG6000V;eSpace U1981",
"version": {
"version_data": [
{
"version_value": "V200R005C30"
},
{
"version_value": "V200R006C10"
},
{
"version_value": "V200R006C20"
},
{
"version_value": "V200R007C10"
},
{
"version_value": "V200R007C20"
},
{
"version_value": "V200R008C00"
},
{
"version_value": "V200R008C10"
},
{
"version_value": "V200R009C00"
},
{
"version_value": "V500R001C00SPC300"
},
{
"version_value": "V500R001C00SPC500"
},
{
"version_value": "V500R001C00SPH303"
},
{
"version_value": "V500R001C00SPH508"
},
{
"version_value": "V500R001C20"
},
{
"version_value": "V500R001C20SPC100"
},
{
"version_value": "V500R001C20SPC100PWE"
},
{
"version_value": "V500R001C20SPC200"
},
{
"version_value": "V500R001C20SPC200B062"
},
{
"version_value": "V500R001C20SPC200PWE"
},
{
"version_value": "V500R001C20SPC300B078"
},
{
"version_value": "V500R001C20SPC300PWE"
},
{
"version_value": "V500R001C30"
},
{
"version_value": "V500R001C30SPC100"
},
{
"version_value": "V500R001C30SPC100PWE"
},
{
"version_value": "V500R001C30SPC200"
},
{
"version_value": "V500R001C30SPC200PWE"
},
{
"version_value": "V500R001C30SPC300"
},
{
"version_value": "V500R001C50"
},
{
"version_value": "V500R001C50PWE"
},
{
"version_value": "V500R001C80"
},
{
"version_value": "V500R005C00"
},
{
"version_value": "V500R001C00SPC500PWE"
},
{
"version_value": "V500R002C00"
},
{
"version_value": "V500R002C00SPC100"
},
{
"version_value": "V500R002C00SPC100PWE"
},
{
"version_value": "V500R002C00SPC200"
},
{
"version_value": "V500R002C00SPC200PWE"
},
{
"version_value": "V500R002C00SPC300"
},
{
"version_value": "V500R002C10"
},
{
"version_value": "V500R002C10PWE"
},
{
"version_value": "V500R002C30"
},
{
"version_value": "V500R002C30PWE"
},
{
"version_value": "V200R005C03"
},
{
"version_value": "V200R003C00SPC100"
},
{
"version_value": "V500R002C20"
},
{
"version_value": "V500R001C00"
},
{
"version_value": "V500R001C00SPC200"
},
{
"version_value": "V500R001C00SPC600"
},
{
"version_value": "V500R001C00SPC700"
},
{
"version_value": "V500R001C20SPC300"
},
{
"version_value": "V500R001C20SPC500"
},
{
"version_value": "V500R001C20SPC600"
},
{
"version_value": "V500R001C60SPC100"
},
{
"version_value": "V500R001C60SPC101"
},
{
"version_value": "V500R001C60SPC200"
},
{
"version_value": "V500R001C60SPC300"
},
{
"version_value": "V500R001C60SPC500"
},
{
"version_value": "V500R001C60SPC600"
},
{
"version_value": "V500R005C00SPC100"
},
{
"version_value": "V100R001C20SPC100"
},
{
"version_value": "V500R001C20SPC101"
},
{
"version_value": "V500R001C80PWE"
},
{
"version_value": "V100R001C00SPC200"
},
{
"version_value": "V100R001C10SPC200"
},
{
"version_value": "V100R001C10SPC201"
},
{
"version_value": "V100R001C20SPC200"
},
{
"version_value": "V500R001C00SPC050"
},
{
"version_value": "V500R001C00SPC090"
},
{
"version_value": "V500R001C30SPC500"
},
{
"version_value": "V500R001C30SPC600"
},
{
"version_value": "V500R001C30SPC600PWE"
},
{
"version_value": "V500R001C30SPC601"
},
{
"version_value": "V500R001C50SPC009"
},
{
"version_value": "V500R001C50SPC100"
},
{
"version_value": "V500R001C50SPC100PWE"
},
{
"version_value": "V500R001C50SPC200"
},
{
"version_value": "V500R001C50SPC200PWE"
},
{
"version_value": "V500R001C50SPC300"
},
{
"version_value": "V500R001C60"
},
{
"version_value": "V500R001C60SPC100PWE"
},
{
"version_value": "V500R001C60SPC200PWE"
},
{
"version_value": "V500R005C00SPC102"
},
{
"version_value": "V500R001C10"
},
{
"version_value": "V500R001C10SPC100"
},
{
"version_value": "V500R001C10SPC200"
},
{
"version_value": "V500R003C00"
},
{
"version_value": "V500R003C00SPC100"
},
{
"version_value": "V200R003C50SPC700"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Certain Huawei products (AP2000;IPS Module;NGFW Module;NIP6300;NIP6600;NIP6800;S5700;SVN5600;SVN5800;SVN5800-C;SeMG9811;Secospace AntiDDoS8000;Secospace USG6300;Secospace USG6500;Secospace USG6600;USG6000V;eSpace U1981) have a null pointer dereference vulnerability. The system dereferences a pointer that it expects to be valid, but is NULL. A local attacker could exploit this vulnerability by sending crafted parameters. A successful exploit could cause a denial of service and the process reboot."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "null pointer dereference"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191211-01-ssp-en",
"refsource": "MISC",
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191211-01-ssp-en"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2019-5256",
"datePublished": "2019-12-13T22:45:34",
"dateReserved": "2019-01-04T00:00:00",
"dateUpdated": "2024-08-04T19:47:56.652Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-5255 (GCVE-0-2019-5255)
Vulnerability from nvd – Published: 2019-12-13 22:48 – Updated: 2024-08-04 19:47
VLAI?
Summary
Certain Huawei products (AP2000;IPS Module;NGFW Module;NIP6300;NIP6600;NIP6800;S5700;SVN5600;SVN5800;SVN5800-C;SeMG9811;Secospace AntiDDoS8000;Secospace USG6300;Secospace USG6500;Secospace USG6600;USG6000V;eSpace U1981) have a DoS vulnerability. An attacker may send crafted messages from a FTP client to exploit this vulnerability. Due to insufficient validation of the message, successful exploit may cause the system out-of-bounds read and result in a denial of service condition of the affected service.
Severity ?
No CVSS data available.
CWE
- DoS
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | AP2000;IPS Module;NGFW Module;NIP6300;NIP6600;NIP6800;S5700;SVN5600;SVN5800;SVN5800-C;SeMG9811;Secospace AntiDDoS8000;Secospace USG6300;Secospace USG6500;Secospace USG6600;USG6000V;eSpace U1981 |
Affected:
V200R005C30
Affected: V200R006C10 Affected: V200R006C20 Affected: V200R007C10 Affected: V200R007C20 Affected: V200R008C00 Affected: V200R008C10 Affected: V200R009C00 Affected: V500R001C00SPC300 Affected: V500R001C00SPC500 Affected: V500R001C00SPH303 Affected: V500R001C00SPH508 Affected: V500R001C20 Affected: V500R001C20SPC100 Affected: V500R001C20SPC100PWE Affected: V500R001C20SPC200 Affected: V500R001C20SPC200B062 Affected: V500R001C20SPC200PWE Affected: V500R001C20SPC300B078 Affected: V500R001C20SPC300PWE Affected: V500R001C30 Affected: V500R001C30SPC100 Affected: V500R001C30SPC100PWE Affected: V500R001C30SPC200 Affected: V500R001C30SPC200PWE Affected: V500R001C30SPC300 Affected: V500R001C50 Affected: V500R001C50PWE Affected: V500R001C80 Affected: V500R005C00 Affected: V500R001C00SPC500PWE Affected: V500R002C00 Affected: V500R002C00SPC100 Affected: V500R002C00SPC100PWE Affected: V500R002C00SPC200 Affected: V500R002C00SPC200PWE Affected: V500R002C00SPC300 Affected: V500R002C10 Affected: V500R002C10PWE Affected: V500R002C30 Affected: V500R002C30PWE Affected: V200R005C03 Affected: V200R003C00SPC100 Affected: V500R002C20 Affected: V500R001C00 Affected: V500R001C00SPC200 Affected: V500R001C00SPC600 Affected: V500R001C00SPC700 Affected: V500R001C20SPC300 Affected: V500R001C20SPC500 Affected: V500R001C20SPC600 Affected: V500R001C60SPC100 Affected: V500R001C60SPC101 Affected: V500R001C60SPC200 Affected: V500R001C60SPC300 Affected: V500R001C60SPC500 Affected: V500R001C60SPC600 Affected: V500R005C00SPC100 Affected: V100R001C20SPC100 Affected: V500R001C20SPC101 Affected: V500R001C80PWE Affected: V100R001C00SPC200 Affected: V100R001C10SPC200 Affected: V100R001C10SPC201 Affected: V100R001C20SPC200 Affected: V500R001C00SPC050 Affected: V500R001C00SPC090 Affected: V500R001C30SPC500 Affected: V500R001C30SPC600 Affected: V500R001C30SPC600PWE Affected: V500R001C30SPC601 Affected: V500R001C50SPC009 Affected: V500R001C50SPC100 Affected: V500R001C50SPC100PWE Affected: V500R001C50SPC200 Affected: V500R001C50SPC200PWE Affected: V500R001C50SPC300 Affected: V500R001C60 Affected: V500R001C60SPC100PWE Affected: V500R001C60SPC200PWE Affected: V500R005C00SPC102 Affected: V500R001C10 Affected: V500R001C10SPC100 Affected: V500R001C10SPC200 Affected: V500R003C00 Affected: V500R003C00SPC100 Affected: V200R003C50SPC700 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T19:47:56.961Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191211-01-ssp-en"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "AP2000;IPS Module;NGFW Module;NIP6300;NIP6600;NIP6800;S5700;SVN5600;SVN5800;SVN5800-C;SeMG9811;Secospace AntiDDoS8000;Secospace USG6300;Secospace USG6500;Secospace USG6600;USG6000V;eSpace U1981",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "V200R005C30"
},
{
"status": "affected",
"version": "V200R006C10"
},
{
"status": "affected",
"version": "V200R006C20"
},
{
"status": "affected",
"version": "V200R007C10"
},
{
"status": "affected",
"version": "V200R007C20"
},
{
"status": "affected",
"version": "V200R008C00"
},
{
"status": "affected",
"version": "V200R008C10"
},
{
"status": "affected",
"version": "V200R009C00"
},
{
"status": "affected",
"version": "V500R001C00SPC300"
},
{
"status": "affected",
"version": "V500R001C00SPC500"
},
{
"status": "affected",
"version": "V500R001C00SPH303"
},
{
"status": "affected",
"version": "V500R001C00SPH508"
},
{
"status": "affected",
"version": "V500R001C20"
},
{
"status": "affected",
"version": "V500R001C20SPC100"
},
{
"status": "affected",
"version": "V500R001C20SPC100PWE"
},
{
"status": "affected",
"version": "V500R001C20SPC200"
},
{
"status": "affected",
"version": "V500R001C20SPC200B062"
},
{
"status": "affected",
"version": "V500R001C20SPC200PWE"
},
{
"status": "affected",
"version": "V500R001C20SPC300B078"
},
{
"status": "affected",
"version": "V500R001C20SPC300PWE"
},
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C30SPC100"
},
{
"status": "affected",
"version": "V500R001C30SPC100PWE"
},
{
"status": "affected",
"version": "V500R001C30SPC200"
},
{
"status": "affected",
"version": "V500R001C30SPC200PWE"
},
{
"status": "affected",
"version": "V500R001C30SPC300"
},
{
"status": "affected",
"version": "V500R001C50"
},
{
"status": "affected",
"version": "V500R001C50PWE"
},
{
"status": "affected",
"version": "V500R001C80"
},
{
"status": "affected",
"version": "V500R005C00"
},
{
"status": "affected",
"version": "V500R001C00SPC500PWE"
},
{
"status": "affected",
"version": "V500R002C00"
},
{
"status": "affected",
"version": "V500R002C00SPC100"
},
{
"status": "affected",
"version": "V500R002C00SPC100PWE"
},
{
"status": "affected",
"version": "V500R002C00SPC200"
},
{
"status": "affected",
"version": "V500R002C00SPC200PWE"
},
{
"status": "affected",
"version": "V500R002C00SPC300"
},
{
"status": "affected",
"version": "V500R002C10"
},
{
"status": "affected",
"version": "V500R002C10PWE"
},
{
"status": "affected",
"version": "V500R002C30"
},
{
"status": "affected",
"version": "V500R002C30PWE"
},
{
"status": "affected",
"version": "V200R005C03"
},
{
"status": "affected",
"version": "V200R003C00SPC100"
},
{
"status": "affected",
"version": "V500R002C20"
},
{
"status": "affected",
"version": "V500R001C00"
},
{
"status": "affected",
"version": "V500R001C00SPC200"
},
{
"status": "affected",
"version": "V500R001C00SPC600"
},
{
"status": "affected",
"version": "V500R001C00SPC700"
},
{
"status": "affected",
"version": "V500R001C20SPC300"
},
{
"status": "affected",
"version": "V500R001C20SPC500"
},
{
"status": "affected",
"version": "V500R001C20SPC600"
},
{
"status": "affected",
"version": "V500R001C60SPC100"
},
{
"status": "affected",
"version": "V500R001C60SPC101"
},
{
"status": "affected",
"version": "V500R001C60SPC200"
},
{
"status": "affected",
"version": "V500R001C60SPC300"
},
{
"status": "affected",
"version": "V500R001C60SPC500"
},
{
"status": "affected",
"version": "V500R001C60SPC600"
},
{
"status": "affected",
"version": "V500R005C00SPC100"
},
{
"status": "affected",
"version": "V100R001C20SPC100"
},
{
"status": "affected",
"version": "V500R001C20SPC101"
},
{
"status": "affected",
"version": "V500R001C80PWE"
},
{
"status": "affected",
"version": "V100R001C00SPC200"
},
{
"status": "affected",
"version": "V100R001C10SPC200"
},
{
"status": "affected",
"version": "V100R001C10SPC201"
},
{
"status": "affected",
"version": "V100R001C20SPC200"
},
{
"status": "affected",
"version": "V500R001C00SPC050"
},
{
"status": "affected",
"version": "V500R001C00SPC090"
},
{
"status": "affected",
"version": "V500R001C30SPC500"
},
{
"status": "affected",
"version": "V500R001C30SPC600"
},
{
"status": "affected",
"version": "V500R001C30SPC600PWE"
},
{
"status": "affected",
"version": "V500R001C30SPC601"
},
{
"status": "affected",
"version": "V500R001C50SPC009"
},
{
"status": "affected",
"version": "V500R001C50SPC100"
},
{
"status": "affected",
"version": "V500R001C50SPC100PWE"
},
{
"status": "affected",
"version": "V500R001C50SPC200"
},
{
"status": "affected",
"version": "V500R001C50SPC200PWE"
},
{
"status": "affected",
"version": "V500R001C50SPC300"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R001C60SPC100PWE"
},
{
"status": "affected",
"version": "V500R001C60SPC200PWE"
},
{
"status": "affected",
"version": "V500R005C00SPC102"
},
{
"status": "affected",
"version": "V500R001C10"
},
{
"status": "affected",
"version": "V500R001C10SPC100"
},
{
"status": "affected",
"version": "V500R001C10SPC200"
},
{
"status": "affected",
"version": "V500R003C00"
},
{
"status": "affected",
"version": "V500R003C00SPC100"
},
{
"status": "affected",
"version": "V200R003C50SPC700"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Certain Huawei products (AP2000;IPS Module;NGFW Module;NIP6300;NIP6600;NIP6800;S5700;SVN5600;SVN5800;SVN5800-C;SeMG9811;Secospace AntiDDoS8000;Secospace USG6300;Secospace USG6500;Secospace USG6600;USG6000V;eSpace U1981) have a DoS vulnerability. An attacker may send crafted messages from a FTP client to exploit this vulnerability. Due to insufficient validation of the message, successful exploit may cause the system out-of-bounds read and result in a denial of service condition of the affected service."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "DoS",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-12-13T22:48:31",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191211-01-ssp-en"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2019-5255",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "AP2000;IPS Module;NGFW Module;NIP6300;NIP6600;NIP6800;S5700;SVN5600;SVN5800;SVN5800-C;SeMG9811;Secospace AntiDDoS8000;Secospace USG6300;Secospace USG6500;Secospace USG6600;USG6000V;eSpace U1981",
"version": {
"version_data": [
{
"version_value": "V200R005C30"
},
{
"version_value": "V200R006C10"
},
{
"version_value": "V200R006C20"
},
{
"version_value": "V200R007C10"
},
{
"version_value": "V200R007C20"
},
{
"version_value": "V200R008C00"
},
{
"version_value": "V200R008C10"
},
{
"version_value": "V200R009C00"
},
{
"version_value": "V500R001C00SPC300"
},
{
"version_value": "V500R001C00SPC500"
},
{
"version_value": "V500R001C00SPH303"
},
{
"version_value": "V500R001C00SPH508"
},
{
"version_value": "V500R001C20"
},
{
"version_value": "V500R001C20SPC100"
},
{
"version_value": "V500R001C20SPC100PWE"
},
{
"version_value": "V500R001C20SPC200"
},
{
"version_value": "V500R001C20SPC200B062"
},
{
"version_value": "V500R001C20SPC200PWE"
},
{
"version_value": "V500R001C20SPC300B078"
},
{
"version_value": "V500R001C20SPC300PWE"
},
{
"version_value": "V500R001C30"
},
{
"version_value": "V500R001C30SPC100"
},
{
"version_value": "V500R001C30SPC100PWE"
},
{
"version_value": "V500R001C30SPC200"
},
{
"version_value": "V500R001C30SPC200PWE"
},
{
"version_value": "V500R001C30SPC300"
},
{
"version_value": "V500R001C50"
},
{
"version_value": "V500R001C50PWE"
},
{
"version_value": "V500R001C80"
},
{
"version_value": "V500R005C00"
},
{
"version_value": "V500R001C00SPC500PWE"
},
{
"version_value": "V500R002C00"
},
{
"version_value": "V500R002C00SPC100"
},
{
"version_value": "V500R002C00SPC100PWE"
},
{
"version_value": "V500R002C00SPC200"
},
{
"version_value": "V500R002C00SPC200PWE"
},
{
"version_value": "V500R002C00SPC300"
},
{
"version_value": "V500R002C10"
},
{
"version_value": "V500R002C10PWE"
},
{
"version_value": "V500R002C30"
},
{
"version_value": "V500R002C30PWE"
},
{
"version_value": "V200R005C03"
},
{
"version_value": "V200R003C00SPC100"
},
{
"version_value": "V500R002C20"
},
{
"version_value": "V500R001C00"
},
{
"version_value": "V500R001C00SPC200"
},
{
"version_value": "V500R001C00SPC600"
},
{
"version_value": "V500R001C00SPC700"
},
{
"version_value": "V500R001C20SPC300"
},
{
"version_value": "V500R001C20SPC500"
},
{
"version_value": "V500R001C20SPC600"
},
{
"version_value": "V500R001C60SPC100"
},
{
"version_value": "V500R001C60SPC101"
},
{
"version_value": "V500R001C60SPC200"
},
{
"version_value": "V500R001C60SPC300"
},
{
"version_value": "V500R001C60SPC500"
},
{
"version_value": "V500R001C60SPC600"
},
{
"version_value": "V500R005C00SPC100"
},
{
"version_value": "V100R001C20SPC100"
},
{
"version_value": "V500R001C20SPC101"
},
{
"version_value": "V500R001C80PWE"
},
{
"version_value": "V100R001C00SPC200"
},
{
"version_value": "V100R001C10SPC200"
},
{
"version_value": "V100R001C10SPC201"
},
{
"version_value": "V100R001C20SPC200"
},
{
"version_value": "V500R001C00SPC050"
},
{
"version_value": "V500R001C00SPC090"
},
{
"version_value": "V500R001C30SPC500"
},
{
"version_value": "V500R001C30SPC600"
},
{
"version_value": "V500R001C30SPC600PWE"
},
{
"version_value": "V500R001C30SPC601"
},
{
"version_value": "V500R001C50SPC009"
},
{
"version_value": "V500R001C50SPC100"
},
{
"version_value": "V500R001C50SPC100PWE"
},
{
"version_value": "V500R001C50SPC200"
},
{
"version_value": "V500R001C50SPC200PWE"
},
{
"version_value": "V500R001C50SPC300"
},
{
"version_value": "V500R001C60"
},
{
"version_value": "V500R001C60SPC100PWE"
},
{
"version_value": "V500R001C60SPC200PWE"
},
{
"version_value": "V500R005C00SPC102"
},
{
"version_value": "V500R001C10"
},
{
"version_value": "V500R001C10SPC100"
},
{
"version_value": "V500R001C10SPC200"
},
{
"version_value": "V500R003C00"
},
{
"version_value": "V500R003C00SPC100"
},
{
"version_value": "V200R003C50SPC700"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Certain Huawei products (AP2000;IPS Module;NGFW Module;NIP6300;NIP6600;NIP6800;S5700;SVN5600;SVN5800;SVN5800-C;SeMG9811;Secospace AntiDDoS8000;Secospace USG6300;Secospace USG6500;Secospace USG6600;USG6000V;eSpace U1981) have a DoS vulnerability. An attacker may send crafted messages from a FTP client to exploit this vulnerability. Due to insufficient validation of the message, successful exploit may cause the system out-of-bounds read and result in a denial of service condition of the affected service."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "DoS"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191211-01-ssp-en",
"refsource": "MISC",
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191211-01-ssp-en"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2019-5255",
"datePublished": "2019-12-13T22:48:31",
"dateReserved": "2019-01-04T00:00:00",
"dateUpdated": "2024-08-04T19:47:56.961Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-5254 (GCVE-0-2019-5254)
Vulnerability from nvd – Published: 2019-12-13 22:51 – Updated: 2024-08-04 19:47
VLAI?
Summary
Certain Huawei products (AP2000;IPS Module;NGFW Module;NIP6300;NIP6600;NIP6800;S5700;SVN5600;SVN5800;SVN5800-C;SeMG9811;Secospace AntiDDoS8000;Secospace USG6300;Secospace USG6500;Secospace USG6600;USG6000V;eSpace U1981) have an out-of-bounds read vulnerability. An attacker who logs in to the board may send crafted messages from the internal network port or tamper with inter-process message packets to exploit this vulnerability. Due to insufficient validation of the message, successful exploit may cause the affected board to be abnormal.
Severity ?
No CVSS data available.
CWE
- out-of-bounds read
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | AP2000;IPS Module;NGFW Module;NIP6300;NIP6600;NIP6800;S5700;SVN5600;SVN5800;SVN5800-C;SeMG9811;Secospace AntiDDoS8000;Secospace USG6300;Secospace USG6500;Secospace USG6600;USG6000V;eSpace U1981 |
Affected:
V200R005C30
Affected: V200R006C10 Affected: V200R006C20 Affected: V200R007C10 Affected: V200R007C20 Affected: V200R008C00 Affected: V200R008C10 Affected: V200R009C00 Affected: V500R001C00SPC300 Affected: V500R001C00SPC500 Affected: V500R001C00SPH303 Affected: V500R001C00SPH508 Affected: V500R001C20 Affected: V500R001C20SPC100 Affected: V500R001C20SPC100PWE Affected: V500R001C20SPC200 Affected: V500R001C20SPC200B062 Affected: V500R001C20SPC200PWE Affected: V500R001C20SPC300B078 Affected: V500R001C20SPC300PWE Affected: V500R001C30 Affected: V500R001C30SPC100 Affected: V500R001C30SPC100PWE Affected: V500R001C30SPC200 Affected: V500R001C30SPC200PWE Affected: V500R001C30SPC300 Affected: V500R001C50 Affected: V500R001C50PWE Affected: V500R001C80 Affected: V500R005C00 Affected: V500R001C00SPC500PWE Affected: V500R002C00 Affected: V500R002C00SPC100 Affected: V500R002C00SPC100PWE Affected: V500R002C00SPC200 Affected: V500R002C00SPC200PWE Affected: V500R002C00SPC300 Affected: V500R002C10 Affected: V500R002C10PWE Affected: V500R002C30 Affected: V500R002C30PWE Affected: V200R005C03 Affected: V200R003C00SPC100 Affected: V500R002C20 Affected: V500R001C00 Affected: V500R001C00SPC200 Affected: V500R001C00SPC600 Affected: V500R001C00SPC700 Affected: V500R001C20SPC300 Affected: V500R001C20SPC500 Affected: V500R001C20SPC600 Affected: V500R001C60SPC100 Affected: V500R001C60SPC101 Affected: V500R001C60SPC200 Affected: V500R001C60SPC300 Affected: V500R001C60SPC500 Affected: V500R001C60SPC600 Affected: V500R005C00SPC100 Affected: V100R001C20SPC100 Affected: V500R001C20SPC101 Affected: V500R001C80PWE Affected: V100R001C00SPC200 Affected: V100R001C10SPC200 Affected: V100R001C10SPC201 Affected: V100R001C20SPC200 Affected: V500R001C00SPC050 Affected: V500R001C00SPC090 Affected: V500R001C30SPC500 Affected: V500R001C30SPC600 Affected: V500R001C30SPC600PWE Affected: V500R001C30SPC601 Affected: V500R001C50SPC009 Affected: V500R001C50SPC100 Affected: V500R001C50SPC100PWE Affected: V500R001C50SPC200 Affected: V500R001C50SPC200PWE Affected: V500R001C50SPC300 Affected: V500R001C60 Affected: V500R001C60SPC100PWE Affected: V500R001C60SPC200PWE Affected: V500R005C00SPC102 Affected: V500R001C10 Affected: V500R001C10SPC100 Affected: V500R001C10SPC200 Affected: V500R003C00 Affected: V500R003C00SPC100 Affected: V200R003C50SPC700 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T19:47:56.865Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191211-01-ssp-en"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "AP2000;IPS Module;NGFW Module;NIP6300;NIP6600;NIP6800;S5700;SVN5600;SVN5800;SVN5800-C;SeMG9811;Secospace AntiDDoS8000;Secospace USG6300;Secospace USG6500;Secospace USG6600;USG6000V;eSpace U1981",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "V200R005C30"
},
{
"status": "affected",
"version": "V200R006C10"
},
{
"status": "affected",
"version": "V200R006C20"
},
{
"status": "affected",
"version": "V200R007C10"
},
{
"status": "affected",
"version": "V200R007C20"
},
{
"status": "affected",
"version": "V200R008C00"
},
{
"status": "affected",
"version": "V200R008C10"
},
{
"status": "affected",
"version": "V200R009C00"
},
{
"status": "affected",
"version": "V500R001C00SPC300"
},
{
"status": "affected",
"version": "V500R001C00SPC500"
},
{
"status": "affected",
"version": "V500R001C00SPH303"
},
{
"status": "affected",
"version": "V500R001C00SPH508"
},
{
"status": "affected",
"version": "V500R001C20"
},
{
"status": "affected",
"version": "V500R001C20SPC100"
},
{
"status": "affected",
"version": "V500R001C20SPC100PWE"
},
{
"status": "affected",
"version": "V500R001C20SPC200"
},
{
"status": "affected",
"version": "V500R001C20SPC200B062"
},
{
"status": "affected",
"version": "V500R001C20SPC200PWE"
},
{
"status": "affected",
"version": "V500R001C20SPC300B078"
},
{
"status": "affected",
"version": "V500R001C20SPC300PWE"
},
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C30SPC100"
},
{
"status": "affected",
"version": "V500R001C30SPC100PWE"
},
{
"status": "affected",
"version": "V500R001C30SPC200"
},
{
"status": "affected",
"version": "V500R001C30SPC200PWE"
},
{
"status": "affected",
"version": "V500R001C30SPC300"
},
{
"status": "affected",
"version": "V500R001C50"
},
{
"status": "affected",
"version": "V500R001C50PWE"
},
{
"status": "affected",
"version": "V500R001C80"
},
{
"status": "affected",
"version": "V500R005C00"
},
{
"status": "affected",
"version": "V500R001C00SPC500PWE"
},
{
"status": "affected",
"version": "V500R002C00"
},
{
"status": "affected",
"version": "V500R002C00SPC100"
},
{
"status": "affected",
"version": "V500R002C00SPC100PWE"
},
{
"status": "affected",
"version": "V500R002C00SPC200"
},
{
"status": "affected",
"version": "V500R002C00SPC200PWE"
},
{
"status": "affected",
"version": "V500R002C00SPC300"
},
{
"status": "affected",
"version": "V500R002C10"
},
{
"status": "affected",
"version": "V500R002C10PWE"
},
{
"status": "affected",
"version": "V500R002C30"
},
{
"status": "affected",
"version": "V500R002C30PWE"
},
{
"status": "affected",
"version": "V200R005C03"
},
{
"status": "affected",
"version": "V200R003C00SPC100"
},
{
"status": "affected",
"version": "V500R002C20"
},
{
"status": "affected",
"version": "V500R001C00"
},
{
"status": "affected",
"version": "V500R001C00SPC200"
},
{
"status": "affected",
"version": "V500R001C00SPC600"
},
{
"status": "affected",
"version": "V500R001C00SPC700"
},
{
"status": "affected",
"version": "V500R001C20SPC300"
},
{
"status": "affected",
"version": "V500R001C20SPC500"
},
{
"status": "affected",
"version": "V500R001C20SPC600"
},
{
"status": "affected",
"version": "V500R001C60SPC100"
},
{
"status": "affected",
"version": "V500R001C60SPC101"
},
{
"status": "affected",
"version": "V500R001C60SPC200"
},
{
"status": "affected",
"version": "V500R001C60SPC300"
},
{
"status": "affected",
"version": "V500R001C60SPC500"
},
{
"status": "affected",
"version": "V500R001C60SPC600"
},
{
"status": "affected",
"version": "V500R005C00SPC100"
},
{
"status": "affected",
"version": "V100R001C20SPC100"
},
{
"status": "affected",
"version": "V500R001C20SPC101"
},
{
"status": "affected",
"version": "V500R001C80PWE"
},
{
"status": "affected",
"version": "V100R001C00SPC200"
},
{
"status": "affected",
"version": "V100R001C10SPC200"
},
{
"status": "affected",
"version": "V100R001C10SPC201"
},
{
"status": "affected",
"version": "V100R001C20SPC200"
},
{
"status": "affected",
"version": "V500R001C00SPC050"
},
{
"status": "affected",
"version": "V500R001C00SPC090"
},
{
"status": "affected",
"version": "V500R001C30SPC500"
},
{
"status": "affected",
"version": "V500R001C30SPC600"
},
{
"status": "affected",
"version": "V500R001C30SPC600PWE"
},
{
"status": "affected",
"version": "V500R001C30SPC601"
},
{
"status": "affected",
"version": "V500R001C50SPC009"
},
{
"status": "affected",
"version": "V500R001C50SPC100"
},
{
"status": "affected",
"version": "V500R001C50SPC100PWE"
},
{
"status": "affected",
"version": "V500R001C50SPC200"
},
{
"status": "affected",
"version": "V500R001C50SPC200PWE"
},
{
"status": "affected",
"version": "V500R001C50SPC300"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R001C60SPC100PWE"
},
{
"status": "affected",
"version": "V500R001C60SPC200PWE"
},
{
"status": "affected",
"version": "V500R005C00SPC102"
},
{
"status": "affected",
"version": "V500R001C10"
},
{
"status": "affected",
"version": "V500R001C10SPC100"
},
{
"status": "affected",
"version": "V500R001C10SPC200"
},
{
"status": "affected",
"version": "V500R003C00"
},
{
"status": "affected",
"version": "V500R003C00SPC100"
},
{
"status": "affected",
"version": "V200R003C50SPC700"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Certain Huawei products (AP2000;IPS Module;NGFW Module;NIP6300;NIP6600;NIP6800;S5700;SVN5600;SVN5800;SVN5800-C;SeMG9811;Secospace AntiDDoS8000;Secospace USG6300;Secospace USG6500;Secospace USG6600;USG6000V;eSpace U1981) have an out-of-bounds read vulnerability. An attacker who logs in to the board may send crafted messages from the internal network port or tamper with inter-process message packets to exploit this vulnerability. Due to insufficient validation of the message, successful exploit may cause the affected board to be abnormal."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "out-of-bounds read",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-12-13T22:51:29",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191211-01-ssp-en"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2019-5254",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "AP2000;IPS Module;NGFW Module;NIP6300;NIP6600;NIP6800;S5700;SVN5600;SVN5800;SVN5800-C;SeMG9811;Secospace AntiDDoS8000;Secospace USG6300;Secospace USG6500;Secospace USG6600;USG6000V;eSpace U1981",
"version": {
"version_data": [
{
"version_value": "V200R005C30"
},
{
"version_value": "V200R006C10"
},
{
"version_value": "V200R006C20"
},
{
"version_value": "V200R007C10"
},
{
"version_value": "V200R007C20"
},
{
"version_value": "V200R008C00"
},
{
"version_value": "V200R008C10"
},
{
"version_value": "V200R009C00"
},
{
"version_value": "V500R001C00SPC300"
},
{
"version_value": "V500R001C00SPC500"
},
{
"version_value": "V500R001C00SPH303"
},
{
"version_value": "V500R001C00SPH508"
},
{
"version_value": "V500R001C20"
},
{
"version_value": "V500R001C20SPC100"
},
{
"version_value": "V500R001C20SPC100PWE"
},
{
"version_value": "V500R001C20SPC200"
},
{
"version_value": "V500R001C20SPC200B062"
},
{
"version_value": "V500R001C20SPC200PWE"
},
{
"version_value": "V500R001C20SPC300B078"
},
{
"version_value": "V500R001C20SPC300PWE"
},
{
"version_value": "V500R001C30"
},
{
"version_value": "V500R001C30SPC100"
},
{
"version_value": "V500R001C30SPC100PWE"
},
{
"version_value": "V500R001C30SPC200"
},
{
"version_value": "V500R001C30SPC200PWE"
},
{
"version_value": "V500R001C30SPC300"
},
{
"version_value": "V500R001C50"
},
{
"version_value": "V500R001C50PWE"
},
{
"version_value": "V500R001C80"
},
{
"version_value": "V500R005C00"
},
{
"version_value": "V500R001C00SPC500PWE"
},
{
"version_value": "V500R002C00"
},
{
"version_value": "V500R002C00SPC100"
},
{
"version_value": "V500R002C00SPC100PWE"
},
{
"version_value": "V500R002C00SPC200"
},
{
"version_value": "V500R002C00SPC200PWE"
},
{
"version_value": "V500R002C00SPC300"
},
{
"version_value": "V500R002C10"
},
{
"version_value": "V500R002C10PWE"
},
{
"version_value": "V500R002C30"
},
{
"version_value": "V500R002C30PWE"
},
{
"version_value": "V200R005C03"
},
{
"version_value": "V200R003C00SPC100"
},
{
"version_value": "V500R002C20"
},
{
"version_value": "V500R001C00"
},
{
"version_value": "V500R001C00SPC200"
},
{
"version_value": "V500R001C00SPC600"
},
{
"version_value": "V500R001C00SPC700"
},
{
"version_value": "V500R001C20SPC300"
},
{
"version_value": "V500R001C20SPC500"
},
{
"version_value": "V500R001C20SPC600"
},
{
"version_value": "V500R001C60SPC100"
},
{
"version_value": "V500R001C60SPC101"
},
{
"version_value": "V500R001C60SPC200"
},
{
"version_value": "V500R001C60SPC300"
},
{
"version_value": "V500R001C60SPC500"
},
{
"version_value": "V500R001C60SPC600"
},
{
"version_value": "V500R005C00SPC100"
},
{
"version_value": "V100R001C20SPC100"
},
{
"version_value": "V500R001C20SPC101"
},
{
"version_value": "V500R001C80PWE"
},
{
"version_value": "V100R001C00SPC200"
},
{
"version_value": "V100R001C10SPC200"
},
{
"version_value": "V100R001C10SPC201"
},
{
"version_value": "V100R001C20SPC200"
},
{
"version_value": "V500R001C00SPC050"
},
{
"version_value": "V500R001C00SPC090"
},
{
"version_value": "V500R001C30SPC500"
},
{
"version_value": "V500R001C30SPC600"
},
{
"version_value": "V500R001C30SPC600PWE"
},
{
"version_value": "V500R001C30SPC601"
},
{
"version_value": "V500R001C50SPC009"
},
{
"version_value": "V500R001C50SPC100"
},
{
"version_value": "V500R001C50SPC100PWE"
},
{
"version_value": "V500R001C50SPC200"
},
{
"version_value": "V500R001C50SPC200PWE"
},
{
"version_value": "V500R001C50SPC300"
},
{
"version_value": "V500R001C60"
},
{
"version_value": "V500R001C60SPC100PWE"
},
{
"version_value": "V500R001C60SPC200PWE"
},
{
"version_value": "V500R005C00SPC102"
},
{
"version_value": "V500R001C10"
},
{
"version_value": "V500R001C10SPC100"
},
{
"version_value": "V500R001C10SPC200"
},
{
"version_value": "V500R003C00"
},
{
"version_value": "V500R003C00SPC100"
},
{
"version_value": "V200R003C50SPC700"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Certain Huawei products (AP2000;IPS Module;NGFW Module;NIP6300;NIP6600;NIP6800;S5700;SVN5600;SVN5800;SVN5800-C;SeMG9811;Secospace AntiDDoS8000;Secospace USG6300;Secospace USG6500;Secospace USG6600;USG6000V;eSpace U1981) have an out-of-bounds read vulnerability. An attacker who logs in to the board may send crafted messages from the internal network port or tamper with inter-process message packets to exploit this vulnerability. Due to insufficient validation of the message, successful exploit may cause the affected board to be abnormal."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "out-of-bounds read"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191211-01-ssp-en",
"refsource": "MISC",
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191211-01-ssp-en"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2019-5254",
"datePublished": "2019-12-13T22:51:29",
"dateReserved": "2019-01-04T00:00:00",
"dateUpdated": "2024-08-04T19:47:56.865Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-17258 (GCVE-0-2017-17258)
Vulnerability from nvd – Published: 2018-04-24 15:00 – Updated: 2024-08-05 20:43
VLAI?
Summary
Huawei AR120-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR1200 V200R006C10, V200R006C13, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR1200-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR150 V200R006C10, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR150-S V200R006C10SPC300, V200R007C00, V200R008C20, V200R008C30, AR160 V200R006C10, V200R006C12, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR200 V200R006C10, V200R007C00, V200R007C01, V200R008C20, V200R008C30, AR200-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR2200 V200R006C10, V200R006C13, V200R006C16PWE, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR2200-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR3200 V200R006C10, V200R006C11, V200R007C00, V200R007C01, V200R007C02, V200R008C00, V200R008C10, V200R008C20, V200R008C30, AR3600 V200R006C10, V200R007C00, V200R007C01, V200R008C20, AR510 V200R006C10, V200R006C12, V200R006C13, V200R006C15, V200R006C16, V200R006C17, V200R007C00SPC180T, V200R008C20, V200R008C30, DP300 V500R002C00, IPS Module V100R001C10SPC200, V100R001C20, V100R001C30, V500R001C00, V500R001C20, V500R001C30, V500R001C50, NGFW Module V100R001C10SPC200, V100R001C20, V100R001C30, V500R001C00, V500R001C20, V500R002C00, V500R002C10, NIP6300 V500R001C00, V500R001C20, V500R001C30, V500R001C50, NIP6600 V500R001C00, V500R001C20, V500R001C30, V500R001C50, NIP6800 V500R001C50, NetEngine16EX V200R006C10, V200R007C00, V200R008C20, V200R008C30, RSE6500 V500R002C00, SRG1300 V200R006C10, V200R007C00, V200R007C02, V200R008C20, V200R008C30, SRG2300 V200R006C10, V200R007C00, V200R007C02, V200R008C20, V200R008C30, SRG3300 V200R006C10, V200R007C00, V200R008C20, V200R008C30, SVN5600 V200R003C00, V200R003C10, SVN5800 V200R003C00, V200R003C10, SVN5800-C V200R003C00, V200R003C10, SeMG9811 V300R001C01, Secospace USG6300 V100R001C10, V100R001C20, V100R001C30, V500R001C00, V500R001C20, V500R001C30, V500R001C50, Secospace USG6500 V100R001C10, V100R001C20, V100R001C30, V500R001C00, V500R001C20, V500R001C30, V500R001C50, Secospace USG6600 V100R001C00SPC200, V100R001C10, V100R001C20, V100R001C30, V500R001C00, V500R001C20, V500R001C30, V500R001C50, V500R001C60, TE30 V100R001C02, V100R001C10, V500R002C00, V600R006C00, TE40 V500R002C00, V600R006C00, TE50 V500R002C00, V600R006C00, TE60 V100R001C01, V100R001C10, V500R002C00, V600R006C00, TP3106 V100R002C00, TP3206 V100R002C00, V100R002C10, USG6000V V500R001C20, USG9500 V500R001C00, V500R001C20, V500R001C30, V500R001C50, USG9520 V300R001C01, V300R001C20, USG9560 V300R001C01, V300R001C20, USG9580 V300R001C01, V300R001C20, VP9660 V500R002C00, V500R002C10, ViewPoint 8660 V100R008C03, ViewPoint 9030 V100R011C02 has a resource management vulnerability in H323 protocol. An unauthenticated, remote attacker could craft malformed packets and send the packets to the affected products in the case of failure to apply for memory. Due to insufficient validation of packets, which could be exploited to cause process crash.
Severity ?
No CVSS data available.
CWE
- resource management
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Huawei Technologies Co., Ltd. | AR120-S, AR1200, AR1200-S, AR150, AR150-S, AR160, AR200, AR200-S, AR2200, AR2200-S, AR3200, AR3600, AR510, DP300, IPS Module, NGFW Module, NIP6300, NIP6600, NIP6800, NetEngine16EX, RSE6500, SRG1300, SRG2300, SRG3300, SVN5600, SVN5800, SVN5800-C, SeMG9811, Secospace USG6300, Secospace USG6500, Secospace USG6600, TE30, TE40, TE50, TE60, TP3106, TP3206, USG6000V, USG9500, USG9520, USG9560, USG9580, VP9660, ViewPoint 8660, ViewPoint 9030 |
Affected:
AR120-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR1200 V200R006C10, V200R006C13, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR1200-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR150 V200R006C10, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR150-S V200R006C10SPC300, V200R007C00, V200R008C20, V200R008C30, AR160 V200R006C10, V200R006C12, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR200 V200R006C10, V200R007C00, V200R007C01, V200R008C20, V200R008C30, AR200-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR2200 V200R006C10, V200R006C13, V200R006C16PWE, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR2200-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR3200 V200R006C10, V200R006C11, V200R007C00, V200R007C01, V200R007C02, V200R008C00, V200R008C10, V200R008C20, V200R008C30, AR3600 V200R006C10, V200R007C00, V200R007C01, V200R008C20, AR510 V200R006C10, V200R006C12, V200R006C13, V200R006 ...[truncated*]
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T20:43:59.977Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171227-01-h323-en"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "AR120-S, AR1200, AR1200-S, AR150, AR150-S, AR160, AR200, AR200-S, AR2200, AR2200-S, AR3200, AR3600, AR510, DP300, IPS Module, NGFW Module, NIP6300, NIP6600, NIP6800, NetEngine16EX, RSE6500, SRG1300, SRG2300, SRG3300, SVN5600, SVN5800, SVN5800-C, SeMG9811, Secospace USG6300, Secospace USG6500, Secospace USG6600, TE30, TE40, TE50, TE60, TP3106, TP3206, USG6000V, USG9500, USG9520, USG9560, USG9580, VP9660, ViewPoint 8660, ViewPoint 9030",
"vendor": "Huawei Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "AR120-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR1200 V200R006C10, V200R006C13, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR1200-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR150 V200R006C10, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR150-S V200R006C10SPC300, V200R007C00, V200R008C20, V200R008C30, AR160 V200R006C10, V200R006C12, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR200 V200R006C10, V200R007C00, V200R007C01, V200R008C20, V200R008C30, AR200-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR2200 V200R006C10, V200R006C13, V200R006C16PWE, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR2200-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR3200 V200R006C10, V200R006C11, V200R007C00, V200R007C01, V200R007C02, V200R008C00, V200R008C10, V200R008C20, V200R008C30, AR3600 V200R006C10, V200R007C00, V200R007C01, V200R008C20, AR510 V200R006C10, V200R006C12, V200R006C13, V200R006 ...[truncated*]"
}
]
}
],
"datePublic": "2017-12-27T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Huawei AR120-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR1200 V200R006C10, V200R006C13, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR1200-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR150 V200R006C10, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR150-S V200R006C10SPC300, V200R007C00, V200R008C20, V200R008C30, AR160 V200R006C10, V200R006C12, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR200 V200R006C10, V200R007C00, V200R007C01, V200R008C20, V200R008C30, AR200-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR2200 V200R006C10, V200R006C13, V200R006C16PWE, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR2200-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR3200 V200R006C10, V200R006C11, V200R007C00, V200R007C01, V200R007C02, V200R008C00, V200R008C10, V200R008C20, V200R008C30, AR3600 V200R006C10, V200R007C00, V200R007C01, V200R008C20, AR510 V200R006C10, V200R006C12, V200R006C13, V200R006C15, V200R006C16, V200R006C17, V200R007C00SPC180T, V200R008C20, V200R008C30, DP300 V500R002C00, IPS Module V100R001C10SPC200, V100R001C20, V100R001C30, V500R001C00, V500R001C20, V500R001C30, V500R001C50, NGFW Module V100R001C10SPC200, V100R001C20, V100R001C30, V500R001C00, V500R001C20, V500R002C00, V500R002C10, NIP6300 V500R001C00, V500R001C20, V500R001C30, V500R001C50, NIP6600 V500R001C00, V500R001C20, V500R001C30, V500R001C50, NIP6800 V500R001C50, NetEngine16EX V200R006C10, V200R007C00, V200R008C20, V200R008C30, RSE6500 V500R002C00, SRG1300 V200R006C10, V200R007C00, V200R007C02, V200R008C20, V200R008C30, SRG2300 V200R006C10, V200R007C00, V200R007C02, V200R008C20, V200R008C30, SRG3300 V200R006C10, V200R007C00, V200R008C20, V200R008C30, SVN5600 V200R003C00, V200R003C10, SVN5800 V200R003C00, V200R003C10, SVN5800-C V200R003C00, V200R003C10, SeMG9811 V300R001C01, Secospace USG6300 V100R001C10, V100R001C20, V100R001C30, V500R001C00, V500R001C20, V500R001C30, V500R001C50, Secospace USG6500 V100R001C10, V100R001C20, V100R001C30, V500R001C00, V500R001C20, V500R001C30, V500R001C50, Secospace USG6600 V100R001C00SPC200, V100R001C10, V100R001C20, V100R001C30, V500R001C00, V500R001C20, V500R001C30, V500R001C50, V500R001C60, TE30 V100R001C02, V100R001C10, V500R002C00, V600R006C00, TE40 V500R002C00, V600R006C00, TE50 V500R002C00, V600R006C00, TE60 V100R001C01, V100R001C10, V500R002C00, V600R006C00, TP3106 V100R002C00, TP3206 V100R002C00, V100R002C10, USG6000V V500R001C20, USG9500 V500R001C00, V500R001C20, V500R001C30, V500R001C50, USG9520 V300R001C01, V300R001C20, USG9560 V300R001C01, V300R001C20, USG9580 V300R001C01, V300R001C20, VP9660 V500R002C00, V500R002C10, ViewPoint 8660 V100R008C03, ViewPoint 9030 V100R011C02 has a resource management vulnerability in H323 protocol. An unauthenticated, remote attacker could craft malformed packets and send the packets to the affected products in the case of failure to apply for memory. Due to insufficient validation of packets, which could be exploited to cause process crash."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "resource management",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-04-24T14:57:01",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171227-01-h323-en"
}
],
"x_ConverterErrors": {
"version_name": {
"error": "version_name too long. Use array of versions to record more than one version.",
"message": "Truncated!"
}
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2017-17258",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "AR120-S, AR1200, AR1200-S, AR150, AR150-S, AR160, AR200, AR200-S, AR2200, AR2200-S, AR3200, AR3600, AR510, DP300, IPS Module, NGFW Module, NIP6300, NIP6600, NIP6800, NetEngine16EX, RSE6500, SRG1300, SRG2300, SRG3300, SVN5600, SVN5800, SVN5800-C, SeMG9811, Secospace USG6300, Secospace USG6500, Secospace USG6600, TE30, TE40, TE50, TE60, TP3106, TP3206, USG6000V, USG9500, USG9520, USG9560, USG9580, VP9660, ViewPoint 8660, ViewPoint 9030",
"version": {
"version_data": [
{
"version_value": "AR120-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR1200 V200R006C10, V200R006C13, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR1200-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR150 V200R006C10, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR150-S V200R006C10SPC300, V200R007C00, V200R008C20, V200R008C30, AR160 V200R006C10, V200R006C12, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR200 V200R006C10, V200R007C00, V200R007C01, V200R008C20, V200R008C30, AR200-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR2200 V200R006C10, V200R006C13, V200R006C16PWE, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR2200-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR3200 V200R006C10, V200R006C11, V200R007C00, V200R007C01, V200R007C02, V200R008C00, V200R008C10, V200R008C20, V200R008C30, AR3600 V200R006C10, V200R007C00, V200R007C01, V200R008C20, AR510 V200R006C10, V200R006C12, V200R006C13, V200R006C15, V200R006C16, V200R006C17, V200R007C00SPC180T, V200R008C20, V200R008C30, DP300 V500R002C00, IPS Module V100R001C10SPC200, V100R001C20, V100R001C30, V500R001C00, V500R001C20, V500R001C30, V500R001C50, NGFW Module V100R001C10SPC200, V100R001C20, V100R001C30, V500R001C00, V500R001C20, V500R002C00, V500R002C10, NIP6300 V500R001C00, V500R001C20, V500R001C30, V500R001C50, NIP6600 V500R001C00, V500R001C20, V500R001C30, V500R001C50, NIP6800 V500R001C50, NetEngine16EX V200R006C10, V200R007C00, V200R008C20, V200R008C30, RSE6500 V500R002C00, SRG1300 V200R006C10, V200R007C00, V200R007C02, V200R008C20, V200R008C30, SRG2300 V200R006C10, V200R007C00, V200R007C02, V200R008C20, V200R008C30, SRG3300 V200R006C10, V200R007C00, V200R008C20, V200R008C30, SVN5600 V200R003C00, V200R003C10, SVN5800 V200R003C00, V200R003C10, SVN5800-C V200R003C00, V200R003C10, SeMG9811 V300R001C01, Secospace USG6300 V100R001C10, V100R001C20, V100R001C30, V500R001C00, V500R001C20, V500R001C30, V500R001C50, Secospace USG6500 V100R001C10, V100R001C20, V100R001C30, V500R001C00, V500R001C20, V500R001C30, V500R001C50, Secospace USG6600 V100R001C00SPC200, V100R001C10, V100R001C20, V100R001C30, V500R001C00, V500R001C20, V500R001C30, V500R001C50, V500R001C60, TE30 V100R001C02, V100R001C10, V500R002C00, V600R006C00, TE40 V500R002C00, V600R006C00, TE50 V500R002C00, V600R006C00, TE60 V100R001C01, V100R001C10, V500R002C00, V600R006C00, TP3106 V100R002C00, TP3206 V100R002C00, V100R002C10, USG6000V V500R001C20, USG9500 V500R001C00, V500R001C20, V500R001C30, V500R001C50, USG9520 V300R001C01, V300R001C20, USG9560 V300R001C01, V300R001C20, USG9580 V300R001C01, V300R001C20, VP9660 V500R002C00, V500R002C10, ViewPoint 8660 V100R008C03, ViewPoint 9030 V100R011C02"
}
]
}
}
]
},
"vendor_name": "Huawei Technologies Co., Ltd."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Huawei AR120-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR1200 V200R006C10, V200R006C13, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR1200-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR150 V200R006C10, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR150-S V200R006C10SPC300, V200R007C00, V200R008C20, V200R008C30, AR160 V200R006C10, V200R006C12, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR200 V200R006C10, V200R007C00, V200R007C01, V200R008C20, V200R008C30, AR200-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR2200 V200R006C10, V200R006C13, V200R006C16PWE, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR2200-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR3200 V200R006C10, V200R006C11, V200R007C00, V200R007C01, V200R007C02, V200R008C00, V200R008C10, V200R008C20, V200R008C30, AR3600 V200R006C10, V200R007C00, V200R007C01, V200R008C20, AR510 V200R006C10, V200R006C12, V200R006C13, V200R006C15, V200R006C16, V200R006C17, V200R007C00SPC180T, V200R008C20, V200R008C30, DP300 V500R002C00, IPS Module V100R001C10SPC200, V100R001C20, V100R001C30, V500R001C00, V500R001C20, V500R001C30, V500R001C50, NGFW Module V100R001C10SPC200, V100R001C20, V100R001C30, V500R001C00, V500R001C20, V500R002C00, V500R002C10, NIP6300 V500R001C00, V500R001C20, V500R001C30, V500R001C50, NIP6600 V500R001C00, V500R001C20, V500R001C30, V500R001C50, NIP6800 V500R001C50, NetEngine16EX V200R006C10, V200R007C00, V200R008C20, V200R008C30, RSE6500 V500R002C00, SRG1300 V200R006C10, V200R007C00, V200R007C02, V200R008C20, V200R008C30, SRG2300 V200R006C10, V200R007C00, V200R007C02, V200R008C20, V200R008C30, SRG3300 V200R006C10, V200R007C00, V200R008C20, V200R008C30, SVN5600 V200R003C00, V200R003C10, SVN5800 V200R003C00, V200R003C10, SVN5800-C V200R003C00, V200R003C10, SeMG9811 V300R001C01, Secospace USG6300 V100R001C10, V100R001C20, V100R001C30, V500R001C00, V500R001C20, V500R001C30, V500R001C50, Secospace USG6500 V100R001C10, V100R001C20, V100R001C30, V500R001C00, V500R001C20, V500R001C30, V500R001C50, Secospace USG6600 V100R001C00SPC200, V100R001C10, V100R001C20, V100R001C30, V500R001C00, V500R001C20, V500R001C30, V500R001C50, V500R001C60, TE30 V100R001C02, V100R001C10, V500R002C00, V600R006C00, TE40 V500R002C00, V600R006C00, TE50 V500R002C00, V600R006C00, TE60 V100R001C01, V100R001C10, V500R002C00, V600R006C00, TP3106 V100R002C00, TP3206 V100R002C00, V100R002C10, USG6000V V500R001C20, USG9500 V500R001C00, V500R001C20, V500R001C30, V500R001C50, USG9520 V300R001C01, V300R001C20, USG9560 V300R001C01, V300R001C20, USG9580 V300R001C01, V300R001C20, VP9660 V500R002C00, V500R002C10, ViewPoint 8660 V100R008C03, ViewPoint 9030 V100R011C02 has a resource management vulnerability in H323 protocol. An unauthenticated, remote attacker could craft malformed packets and send the packets to the affected products in the case of failure to apply for memory. Due to insufficient validation of packets, which could be exploited to cause process crash."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "resource management"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171227-01-h323-en",
"refsource": "CONFIRM",
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171227-01-h323-en"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2017-17258",
"datePublished": "2018-04-24T15:00:00",
"dateReserved": "2017-12-04T00:00:00",
"dateUpdated": "2024-08-05T20:43:59.977Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-17257 (GCVE-0-2017-17257)
Vulnerability from nvd – Published: 2018-04-24 15:00 – Updated: 2024-08-05 20:44
VLAI?
Summary
Huawei AR120-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR1200 V200R006C10, V200R006C13, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR1200-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR150 V200R006C10, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR150-S V200R006C10SPC300, V200R007C00, V200R008C20, V200R008C30, AR160 V200R006C10, V200R006C12, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR200 V200R006C10, V200R007C00, V200R007C01, V200R008C20, V200R008C30, AR200-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR2200 V200R006C10, V200R006C13, V200R006C16PWE, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR2200-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR3200 V200R006C10, V200R006C11, V200R007C00, V200R007C01, V200R007C02, V200R008C00, V200R008C10, V200R008C20, V200R008C30, AR3600 V200R006C10, V200R007C00, V200R007C01, V200R008C20, AR510 V200R006C10, V200R006C12, V200R006C13, V200R006C15, V200R006C16, V200R006C17, V200R007C00SPC180T, V200R008C20, V200R008C30, DP300 V500R002C00, IPS Module V100R001C10SPC200, V100R001C20, V100R001C30, V500R001C00, V500R001C20, V500R001C30, V500R001C50, NGFW Module V100R001C10SPC200, V100R001C20, V100R001C30, V500R001C00, V500R001C20, V500R002C00, V500R002C10, NIP6300 V500R001C00, V500R001C20, V500R001C30, V500R001C50, NIP6600 V500R001C00, V500R001C20, V500R001C30, V500R001C50, NIP6800 V500R001C50, NetEngine16EX V200R006C10, V200R007C00, V200R008C20, V200R008C30, RSE6500 V500R002C00, SRG1300 V200R006C10, V200R007C00, V200R007C02, V200R008C20, V200R008C30, SRG2300 V200R006C10, V200R007C00, V200R007C02, V200R008C20, V200R008C30, SRG3300 V200R006C10, V200R007C00, V200R008C20, V200R008C30, SVN5600 V200R003C00, V200R003C10, SVN5800 V200R003C00, V200R003C10, SVN5800-C V200R003C00, V200R003C10, SeMG9811 V300R001C01, Secospace USG6300 V100R001C10, V100R001C20, V100R001C30, V500R001C00, V500R001C20, V500R001C30, V500R001C50, Secospace USG6500 V100R001C10, V100R001C20, V100R001C30, V500R001C00, V500R001C20, V500R001C30, V500R001C50, Secospace USG6600 V100R001C00SPC200, V100R001C10, V100R001C20, V100R001C30, V500R001C00, V500R001C20, V500R001C30, V500R001C50, V500R001C60, TE30 V100R001C02, V100R001C10, V500R002C00, V600R006C00, TE40 V500R002C00, V600R006C00, TE50 V500R002C00, V600R006C00, TE60 V100R001C01, V100R001C10, V500R002C00, V600R006C00, TP3106 V100R002C00, TP3206 V100R002C00, V100R002C10, USG6000V V500R001C20, USG9500 V500R001C00, V500R001C20, V500R001C30, V500R001C50, USG9520 V300R001C01, V300R001C20, USG9560 V300R001C01, V300R001C20, USG9580 V300R001C01, V300R001C20, VP9660 V500R002C00, V500R002C10, ViewPoint 8660 V100R008C03, ViewPoint 9030 V100R011C02 has a memory leak vulnerability in H323 protocol. An unauthenticated, remote attacker could craft malformed packets and send the packets to the affected products. Due to insufficient verification of the packets, successful exploit could cause a memory leak and eventual denial of service (DoS) condition.
Severity ?
No CVSS data available.
CWE
- memory leak
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Huawei Technologies Co., Ltd. | AR120-S, AR1200, AR1200-S, AR150, AR150-S, AR160, AR200, AR200-S, AR2200, AR2200-S, AR3200, AR3600, AR510, DP300, IPS Module, NGFW Module, NIP6300, NIP6600, NIP6800, NetEngine16EX, RSE6500, SRG1300, SRG2300, SRG3300, SVN5600, SVN5800, SVN5800-C, SeMG9811, Secospace USG6300, Secospace USG6500, Secospace USG6600, TE30, TE40, TE50, TE60, TP3106, TP3206, USG6000V, USG9500, USG9520, USG9560, USG9580, VP9660, ViewPoint 8660, ViewPoint 9030 |
Affected:
AR120-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR1200 V200R006C10, V200R006C13, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR1200-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR150 V200R006C10, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR150-S V200R006C10SPC300, V200R007C00, V200R008C20, V200R008C30, AR160 V200R006C10, V200R006C12, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR200 V200R006C10, V200R007C00, V200R007C01, V200R008C20, V200R008C30, AR200-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR2200 V200R006C10, V200R006C13, V200R006C16PWE, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR2200-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR3200 V200R006C10, V200R006C11, V200R007C00, V200R007C01, V200R007C02, V200R008C00, V200R008C10, V200R008C20, V200R008C30, AR3600 V200R006C10, V200R007C00, V200R007C01, V200R008C20, AR510 V200R006C10, V200R006C12, V200R006C13, V200R006 ...[truncated*]
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T20:44:00.415Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171227-01-h323-en"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "AR120-S, AR1200, AR1200-S, AR150, AR150-S, AR160, AR200, AR200-S, AR2200, AR2200-S, AR3200, AR3600, AR510, DP300, IPS Module, NGFW Module, NIP6300, NIP6600, NIP6800, NetEngine16EX, RSE6500, SRG1300, SRG2300, SRG3300, SVN5600, SVN5800, SVN5800-C, SeMG9811, Secospace USG6300, Secospace USG6500, Secospace USG6600, TE30, TE40, TE50, TE60, TP3106, TP3206, USG6000V, USG9500, USG9520, USG9560, USG9580, VP9660, ViewPoint 8660, ViewPoint 9030",
"vendor": "Huawei Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "AR120-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR1200 V200R006C10, V200R006C13, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR1200-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR150 V200R006C10, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR150-S V200R006C10SPC300, V200R007C00, V200R008C20, V200R008C30, AR160 V200R006C10, V200R006C12, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR200 V200R006C10, V200R007C00, V200R007C01, V200R008C20, V200R008C30, AR200-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR2200 V200R006C10, V200R006C13, V200R006C16PWE, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR2200-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR3200 V200R006C10, V200R006C11, V200R007C00, V200R007C01, V200R007C02, V200R008C00, V200R008C10, V200R008C20, V200R008C30, AR3600 V200R006C10, V200R007C00, V200R007C01, V200R008C20, AR510 V200R006C10, V200R006C12, V200R006C13, V200R006 ...[truncated*]"
}
]
}
],
"datePublic": "2017-12-27T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Huawei AR120-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR1200 V200R006C10, V200R006C13, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR1200-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR150 V200R006C10, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR150-S V200R006C10SPC300, V200R007C00, V200R008C20, V200R008C30, AR160 V200R006C10, V200R006C12, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR200 V200R006C10, V200R007C00, V200R007C01, V200R008C20, V200R008C30, AR200-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR2200 V200R006C10, V200R006C13, V200R006C16PWE, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR2200-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR3200 V200R006C10, V200R006C11, V200R007C00, V200R007C01, V200R007C02, V200R008C00, V200R008C10, V200R008C20, V200R008C30, AR3600 V200R006C10, V200R007C00, V200R007C01, V200R008C20, AR510 V200R006C10, V200R006C12, V200R006C13, V200R006C15, V200R006C16, V200R006C17, V200R007C00SPC180T, V200R008C20, V200R008C30, DP300 V500R002C00, IPS Module V100R001C10SPC200, V100R001C20, V100R001C30, V500R001C00, V500R001C20, V500R001C30, V500R001C50, NGFW Module V100R001C10SPC200, V100R001C20, V100R001C30, V500R001C00, V500R001C20, V500R002C00, V500R002C10, NIP6300 V500R001C00, V500R001C20, V500R001C30, V500R001C50, NIP6600 V500R001C00, V500R001C20, V500R001C30, V500R001C50, NIP6800 V500R001C50, NetEngine16EX V200R006C10, V200R007C00, V200R008C20, V200R008C30, RSE6500 V500R002C00, SRG1300 V200R006C10, V200R007C00, V200R007C02, V200R008C20, V200R008C30, SRG2300 V200R006C10, V200R007C00, V200R007C02, V200R008C20, V200R008C30, SRG3300 V200R006C10, V200R007C00, V200R008C20, V200R008C30, SVN5600 V200R003C00, V200R003C10, SVN5800 V200R003C00, V200R003C10, SVN5800-C V200R003C00, V200R003C10, SeMG9811 V300R001C01, Secospace USG6300 V100R001C10, V100R001C20, V100R001C30, V500R001C00, V500R001C20, V500R001C30, V500R001C50, Secospace USG6500 V100R001C10, V100R001C20, V100R001C30, V500R001C00, V500R001C20, V500R001C30, V500R001C50, Secospace USG6600 V100R001C00SPC200, V100R001C10, V100R001C20, V100R001C30, V500R001C00, V500R001C20, V500R001C30, V500R001C50, V500R001C60, TE30 V100R001C02, V100R001C10, V500R002C00, V600R006C00, TE40 V500R002C00, V600R006C00, TE50 V500R002C00, V600R006C00, TE60 V100R001C01, V100R001C10, V500R002C00, V600R006C00, TP3106 V100R002C00, TP3206 V100R002C00, V100R002C10, USG6000V V500R001C20, USG9500 V500R001C00, V500R001C20, V500R001C30, V500R001C50, USG9520 V300R001C01, V300R001C20, USG9560 V300R001C01, V300R001C20, USG9580 V300R001C01, V300R001C20, VP9660 V500R002C00, V500R002C10, ViewPoint 8660 V100R008C03, ViewPoint 9030 V100R011C02 has a memory leak vulnerability in H323 protocol. An unauthenticated, remote attacker could craft malformed packets and send the packets to the affected products. Due to insufficient verification of the packets, successful exploit could cause a memory leak and eventual denial of service (DoS) condition."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "memory leak",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-04-24T14:57:01",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171227-01-h323-en"
}
],
"x_ConverterErrors": {
"version_name": {
"error": "version_name too long. Use array of versions to record more than one version.",
"message": "Truncated!"
}
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2017-17257",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "AR120-S, AR1200, AR1200-S, AR150, AR150-S, AR160, AR200, AR200-S, AR2200, AR2200-S, AR3200, AR3600, AR510, DP300, IPS Module, NGFW Module, NIP6300, NIP6600, NIP6800, NetEngine16EX, RSE6500, SRG1300, SRG2300, SRG3300, SVN5600, SVN5800, SVN5800-C, SeMG9811, Secospace USG6300, Secospace USG6500, Secospace USG6600, TE30, TE40, TE50, TE60, TP3106, TP3206, USG6000V, USG9500, USG9520, USG9560, USG9580, VP9660, ViewPoint 8660, ViewPoint 9030",
"version": {
"version_data": [
{
"version_value": "AR120-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR1200 V200R006C10, V200R006C13, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR1200-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR150 V200R006C10, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR150-S V200R006C10SPC300, V200R007C00, V200R008C20, V200R008C30, AR160 V200R006C10, V200R006C12, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR200 V200R006C10, V200R007C00, V200R007C01, V200R008C20, V200R008C30, AR200-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR2200 V200R006C10, V200R006C13, V200R006C16PWE, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR2200-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR3200 V200R006C10, V200R006C11, V200R007C00, V200R007C01, V200R007C02, V200R008C00, V200R008C10, V200R008C20, V200R008C30, AR3600 V200R006C10, V200R007C00, V200R007C01, V200R008C20, AR510 V200R006C10, V200R006C12, V200R006C13, V200R006C15, V200R006C16, V200R006C17, V200R007C00SPC180T, V200R008C20, V200R008C30, DP300 V500R002C00, IPS Module V100R001C10SPC200, V100R001C20, V100R001C30, V500R001C00, V500R001C20, V500R001C30, V500R001C50, NGFW Module V100R001C10SPC200, V100R001C20, V100R001C30, V500R001C00, V500R001C20, V500R002C00, V500R002C10, NIP6300 V500R001C00, V500R001C20, V500R001C30, V500R001C50, NIP6600 V500R001C00, V500R001C20, V500R001C30, V500R001C50, NIP6800 V500R001C50, NetEngine16EX V200R006C10, V200R007C00, V200R008C20, V200R008C30, RSE6500 V500R002C00, SRG1300 V200R006C10, V200R007C00, V200R007C02, V200R008C20, V200R008C30, SRG2300 V200R006C10, V200R007C00, V200R007C02, V200R008C20, V200R008C30, SRG3300 V200R006C10, V200R007C00, V200R008C20, V200R008C30, SVN5600 V200R003C00, V200R003C10, SVN5800 V200R003C00, V200R003C10, SVN5800-C V200R003C00, V200R003C10, SeMG9811 V300R001C01, Secospace USG6300 V100R001C10, V100R001C20, V100R001C30, V500R001C00, V500R001C20, V500R001C30, V500R001C50, Secospace USG6500 V100R001C10, V100R001C20, V100R001C30, V500R001C00, V500R001C20, V500R001C30, V500R001C50, Secospace USG6600 V100R001C00SPC200, V100R001C10, V100R001C20, V100R001C30, V500R001C00, V500R001C20, V500R001C30, V500R001C50, V500R001C60, TE30 V100R001C02, V100R001C10, V500R002C00, V600R006C00, TE40 V500R002C00, V600R006C00, TE50 V500R002C00, V600R006C00, TE60 V100R001C01, V100R001C10, V500R002C00, V600R006C00, TP3106 V100R002C00, TP3206 V100R002C00, V100R002C10, USG6000V V500R001C20, USG9500 V500R001C00, V500R001C20, V500R001C30, V500R001C50, USG9520 V300R001C01, V300R001C20, USG9560 V300R001C01, V300R001C20, USG9580 V300R001C01, V300R001C20, VP9660 V500R002C00, V500R002C10, ViewPoint 8660 V100R008C03, ViewPoint 9030 V100R011C02"
}
]
}
}
]
},
"vendor_name": "Huawei Technologies Co., Ltd."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Huawei AR120-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR1200 V200R006C10, V200R006C13, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR1200-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR150 V200R006C10, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR150-S V200R006C10SPC300, V200R007C00, V200R008C20, V200R008C30, AR160 V200R006C10, V200R006C12, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR200 V200R006C10, V200R007C00, V200R007C01, V200R008C20, V200R008C30, AR200-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR2200 V200R006C10, V200R006C13, V200R006C16PWE, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR2200-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR3200 V200R006C10, V200R006C11, V200R007C00, V200R007C01, V200R007C02, V200R008C00, V200R008C10, V200R008C20, V200R008C30, AR3600 V200R006C10, V200R007C00, V200R007C01, V200R008C20, AR510 V200R006C10, V200R006C12, V200R006C13, V200R006C15, V200R006C16, V200R006C17, V200R007C00SPC180T, V200R008C20, V200R008C30, DP300 V500R002C00, IPS Module V100R001C10SPC200, V100R001C20, V100R001C30, V500R001C00, V500R001C20, V500R001C30, V500R001C50, NGFW Module V100R001C10SPC200, V100R001C20, V100R001C30, V500R001C00, V500R001C20, V500R002C00, V500R002C10, NIP6300 V500R001C00, V500R001C20, V500R001C30, V500R001C50, NIP6600 V500R001C00, V500R001C20, V500R001C30, V500R001C50, NIP6800 V500R001C50, NetEngine16EX V200R006C10, V200R007C00, V200R008C20, V200R008C30, RSE6500 V500R002C00, SRG1300 V200R006C10, V200R007C00, V200R007C02, V200R008C20, V200R008C30, SRG2300 V200R006C10, V200R007C00, V200R007C02, V200R008C20, V200R008C30, SRG3300 V200R006C10, V200R007C00, V200R008C20, V200R008C30, SVN5600 V200R003C00, V200R003C10, SVN5800 V200R003C00, V200R003C10, SVN5800-C V200R003C00, V200R003C10, SeMG9811 V300R001C01, Secospace USG6300 V100R001C10, V100R001C20, V100R001C30, V500R001C00, V500R001C20, V500R001C30, V500R001C50, Secospace USG6500 V100R001C10, V100R001C20, V100R001C30, V500R001C00, V500R001C20, V500R001C30, V500R001C50, Secospace USG6600 V100R001C00SPC200, V100R001C10, V100R001C20, V100R001C30, V500R001C00, V500R001C20, V500R001C30, V500R001C50, V500R001C60, TE30 V100R001C02, V100R001C10, V500R002C00, V600R006C00, TE40 V500R002C00, V600R006C00, TE50 V500R002C00, V600R006C00, TE60 V100R001C01, V100R001C10, V500R002C00, V600R006C00, TP3106 V100R002C00, TP3206 V100R002C00, V100R002C10, USG6000V V500R001C20, USG9500 V500R001C00, V500R001C20, V500R001C30, V500R001C50, USG9520 V300R001C01, V300R001C20, USG9560 V300R001C01, V300R001C20, USG9580 V300R001C01, V300R001C20, VP9660 V500R002C00, V500R002C10, ViewPoint 8660 V100R008C03, ViewPoint 9030 V100R011C02 has a memory leak vulnerability in H323 protocol. An unauthenticated, remote attacker could craft malformed packets and send the packets to the affected products. Due to insufficient verification of the packets, successful exploit could cause a memory leak and eventual denial of service (DoS) condition."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "memory leak"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171227-01-h323-en",
"refsource": "CONFIRM",
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171227-01-h323-en"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2017-17257",
"datePublished": "2018-04-24T15:00:00",
"dateReserved": "2017-12-04T00:00:00",
"dateUpdated": "2024-08-05T20:44:00.415Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-17256 (GCVE-0-2017-17256)
Vulnerability from nvd – Published: 2018-04-24 15:00 – Updated: 2024-08-05 20:43
VLAI?
Summary
Huawei AR120-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR1200 V200R006C10, V200R006C13, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR1200-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR150 V200R006C10, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR150-S V200R006C10SPC300, V200R007C00, V200R008C20, V200R008C30, AR160 V200R006C10, V200R006C12, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR200 V200R006C10, V200R007C00, V200R007C01, V200R008C20, V200R008C30, AR200-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR2200 V200R006C10, V200R006C13, V200R006C16PWE, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR2200-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR3200 V200R006C10, V200R006C11, V200R007C00, V200R007C01, V200R007C02, V200R008C00, V200R008C10, V200R008C20, V200R008C30, AR3600 V200R006C10, V200R007C00, V200R007C01, V200R008C20, AR510 V200R006C10, V200R006C12, V200R006C13, V200R006C15, V200R006C16, V200R006C17, V200R007C00SPC180T, V200R008C20, V200R008C30, DP300 V500R002C00, IPS Module V100R001C10SPC200, V100R001C20, V100R001C30, V500R001C00, V500R001C20, V500R001C30, V500R001C50, NGFW Module V100R001C10SPC200, V100R001C20, V100R001C30, V500R001C00, V500R001C20, V500R002C00, V500R002C10, NIP6300 V500R001C00, V500R001C20, V500R001C30, V500R001C50, NIP6600 V500R001C00, V500R001C20, V500R001C30, V500R001C50, NIP6800 V500R001C50, NetEngine16EX V200R006C10, V200R007C00, V200R008C20, V200R008C30, RSE6500 V500R002C00, SRG1300 V200R006C10, V200R007C00, V200R007C02, V200R008C20, V200R008C30, SRG2300 V200R006C10, V200R007C00, V200R007C02, V200R008C20, V200R008C30, SRG3300 V200R006C10, V200R007C00, V200R008C20, V200R008C30, SVN5600 V200R003C00, V200R003C10, SVN5800 V200R003C00, V200R003C10, SVN5800-C V200R003C00, V200R003C10, SeMG9811 V300R001C01, Secospace USG6300 V100R001C10, V100R001C20, V100R001C30, V500R001C00, V500R001C20, V500R001C30, V500R001C50, Secospace USG6500 V100R001C10, V100R001C20, V100R001C30, V500R001C00, V500R001C20, V500R001C30, V500R001C50, Secospace USG6600 V100R001C00SPC200, V100R001C10, V100R001C20, V100R001C30, V500R001C00, V500R001C20, V500R001C30, V500R001C50, V500R001C60, TE30 V100R001C02, V100R001C10, V500R002C00, V600R006C00, TE40 V500R002C00, V600R006C00, TE50 V500R002C00, V600R006C00, TE60 V100R001C01, V100R001C10, V500R002C00, V600R006C00, TP3106 V100R002C00, TP3206 V100R002C00, V100R002C10, USG6000V V500R001C20, USG9500 V500R001C00, V500R001C20, V500R001C30, V500R001C50, USG9520 V300R001C01, V300R001C20, USG9560 V300R001C01, V300R001C20, USG9580 V300R001C01, V300R001C20, VP9660 V500R002C00, V500R002C10, ViewPoint 8660 V100R008C03, ViewPoint 9030 V100R011C02 has a memory leak vulnerability in H323 protocol. An unauthenticated, remote attacker could craft malformed packets and send the packets to the affected products. Due to insufficient verification of the packets, successful exploit could cause a memory leak and eventual denial of service (DoS) condition.
Severity ?
No CVSS data available.
CWE
- memory leak
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Huawei Technologies Co., Ltd. | AR120-S, AR1200, AR1200-S, AR150, AR150-S, AR160, AR200, AR200-S, AR2200, AR2200-S, AR3200, AR3600, AR510, DP300, IPS Module, NGFW Module, NIP6300, NIP6600, NIP6800, NetEngine16EX, RSE6500, SRG1300, SRG2300, SRG3300, SVN5600, SVN5800, SVN5800-C, SeMG9811, Secospace USG6300, Secospace USG6500, Secospace USG6600, TE30, TE40, TE50, TE60, TP3106, TP3206, USG6000V, USG9500, USG9520, USG9560, USG9580, VP9660, ViewPoint 8660, ViewPoint 9030 |
Affected:
AR120-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR1200 V200R006C10, V200R006C13, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR1200-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR150 V200R006C10, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR150-S V200R006C10SPC300, V200R007C00, V200R008C20, V200R008C30, AR160 V200R006C10, V200R006C12, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR200 V200R006C10, V200R007C00, V200R007C01, V200R008C20, V200R008C30, AR200-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR2200 V200R006C10, V200R006C13, V200R006C16PWE, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR2200-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR3200 V200R006C10, V200R006C11, V200R007C00, V200R007C01, V200R007C02, V200R008C00, V200R008C10, V200R008C20, V200R008C30, AR3600 V200R006C10, V200R007C00, V200R007C01, V200R008C20, AR510 V200R006C10, V200R006C12, V200R006C13, V200R006 ...[truncated*]
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T20:43:59.866Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171227-01-h323-en"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "AR120-S, AR1200, AR1200-S, AR150, AR150-S, AR160, AR200, AR200-S, AR2200, AR2200-S, AR3200, AR3600, AR510, DP300, IPS Module, NGFW Module, NIP6300, NIP6600, NIP6800, NetEngine16EX, RSE6500, SRG1300, SRG2300, SRG3300, SVN5600, SVN5800, SVN5800-C, SeMG9811, Secospace USG6300, Secospace USG6500, Secospace USG6600, TE30, TE40, TE50, TE60, TP3106, TP3206, USG6000V, USG9500, USG9520, USG9560, USG9580, VP9660, ViewPoint 8660, ViewPoint 9030",
"vendor": "Huawei Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "AR120-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR1200 V200R006C10, V200R006C13, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR1200-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR150 V200R006C10, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR150-S V200R006C10SPC300, V200R007C00, V200R008C20, V200R008C30, AR160 V200R006C10, V200R006C12, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR200 V200R006C10, V200R007C00, V200R007C01, V200R008C20, V200R008C30, AR200-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR2200 V200R006C10, V200R006C13, V200R006C16PWE, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR2200-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR3200 V200R006C10, V200R006C11, V200R007C00, V200R007C01, V200R007C02, V200R008C00, V200R008C10, V200R008C20, V200R008C30, AR3600 V200R006C10, V200R007C00, V200R007C01, V200R008C20, AR510 V200R006C10, V200R006C12, V200R006C13, V200R006 ...[truncated*]"
}
]
}
],
"datePublic": "2017-12-27T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Huawei AR120-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR1200 V200R006C10, V200R006C13, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR1200-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR150 V200R006C10, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR150-S V200R006C10SPC300, V200R007C00, V200R008C20, V200R008C30, AR160 V200R006C10, V200R006C12, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR200 V200R006C10, V200R007C00, V200R007C01, V200R008C20, V200R008C30, AR200-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR2200 V200R006C10, V200R006C13, V200R006C16PWE, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR2200-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR3200 V200R006C10, V200R006C11, V200R007C00, V200R007C01, V200R007C02, V200R008C00, V200R008C10, V200R008C20, V200R008C30, AR3600 V200R006C10, V200R007C00, V200R007C01, V200R008C20, AR510 V200R006C10, V200R006C12, V200R006C13, V200R006C15, V200R006C16, V200R006C17, V200R007C00SPC180T, V200R008C20, V200R008C30, DP300 V500R002C00, IPS Module V100R001C10SPC200, V100R001C20, V100R001C30, V500R001C00, V500R001C20, V500R001C30, V500R001C50, NGFW Module V100R001C10SPC200, V100R001C20, V100R001C30, V500R001C00, V500R001C20, V500R002C00, V500R002C10, NIP6300 V500R001C00, V500R001C20, V500R001C30, V500R001C50, NIP6600 V500R001C00, V500R001C20, V500R001C30, V500R001C50, NIP6800 V500R001C50, NetEngine16EX V200R006C10, V200R007C00, V200R008C20, V200R008C30, RSE6500 V500R002C00, SRG1300 V200R006C10, V200R007C00, V200R007C02, V200R008C20, V200R008C30, SRG2300 V200R006C10, V200R007C00, V200R007C02, V200R008C20, V200R008C30, SRG3300 V200R006C10, V200R007C00, V200R008C20, V200R008C30, SVN5600 V200R003C00, V200R003C10, SVN5800 V200R003C00, V200R003C10, SVN5800-C V200R003C00, V200R003C10, SeMG9811 V300R001C01, Secospace USG6300 V100R001C10, V100R001C20, V100R001C30, V500R001C00, V500R001C20, V500R001C30, V500R001C50, Secospace USG6500 V100R001C10, V100R001C20, V100R001C30, V500R001C00, V500R001C20, V500R001C30, V500R001C50, Secospace USG6600 V100R001C00SPC200, V100R001C10, V100R001C20, V100R001C30, V500R001C00, V500R001C20, V500R001C30, V500R001C50, V500R001C60, TE30 V100R001C02, V100R001C10, V500R002C00, V600R006C00, TE40 V500R002C00, V600R006C00, TE50 V500R002C00, V600R006C00, TE60 V100R001C01, V100R001C10, V500R002C00, V600R006C00, TP3106 V100R002C00, TP3206 V100R002C00, V100R002C10, USG6000V V500R001C20, USG9500 V500R001C00, V500R001C20, V500R001C30, V500R001C50, USG9520 V300R001C01, V300R001C20, USG9560 V300R001C01, V300R001C20, USG9580 V300R001C01, V300R001C20, VP9660 V500R002C00, V500R002C10, ViewPoint 8660 V100R008C03, ViewPoint 9030 V100R011C02 has a memory leak vulnerability in H323 protocol. An unauthenticated, remote attacker could craft malformed packets and send the packets to the affected products. Due to insufficient verification of the packets, successful exploit could cause a memory leak and eventual denial of service (DoS) condition."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "memory leak",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-04-24T14:57:01",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171227-01-h323-en"
}
],
"x_ConverterErrors": {
"version_name": {
"error": "version_name too long. Use array of versions to record more than one version.",
"message": "Truncated!"
}
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2017-17256",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "AR120-S, AR1200, AR1200-S, AR150, AR150-S, AR160, AR200, AR200-S, AR2200, AR2200-S, AR3200, AR3600, AR510, DP300, IPS Module, NGFW Module, NIP6300, NIP6600, NIP6800, NetEngine16EX, RSE6500, SRG1300, SRG2300, SRG3300, SVN5600, SVN5800, SVN5800-C, SeMG9811, Secospace USG6300, Secospace USG6500, Secospace USG6600, TE30, TE40, TE50, TE60, TP3106, TP3206, USG6000V, USG9500, USG9520, USG9560, USG9580, VP9660, ViewPoint 8660, ViewPoint 9030",
"version": {
"version_data": [
{
"version_value": "AR120-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR1200 V200R006C10, V200R006C13, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR1200-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR150 V200R006C10, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR150-S V200R006C10SPC300, V200R007C00, V200R008C20, V200R008C30, AR160 V200R006C10, V200R006C12, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR200 V200R006C10, V200R007C00, V200R007C01, V200R008C20, V200R008C30, AR200-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR2200 V200R006C10, V200R006C13, V200R006C16PWE, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR2200-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR3200 V200R006C10, V200R006C11, V200R007C00, V200R007C01, V200R007C02, V200R008C00, V200R008C10, V200R008C20, V200R008C30, AR3600 V200R006C10, V200R007C00, V200R007C01, V200R008C20, AR510 V200R006C10, V200R006C12, V200R006C13, V200R006C15, V200R006C16, V200R006C17, V200R007C00SPC180T, V200R008C20, V200R008C30, DP300 V500R002C00, IPS Module V100R001C10SPC200, V100R001C20, V100R001C30, V500R001C00, V500R001C20, V500R001C30, V500R001C50, NGFW Module V100R001C10SPC200, V100R001C20, V100R001C30, V500R001C00, V500R001C20, V500R002C00, V500R002C10, NIP6300 V500R001C00, V500R001C20, V500R001C30, V500R001C50, NIP6600 V500R001C00, V500R001C20, V500R001C30, V500R001C50, NIP6800 V500R001C50, NetEngine16EX V200R006C10, V200R007C00, V200R008C20, V200R008C30, RSE6500 V500R002C00, SRG1300 V200R006C10, V200R007C00, V200R007C02, V200R008C20, V200R008C30, SRG2300 V200R006C10, V200R007C00, V200R007C02, V200R008C20, V200R008C30, SRG3300 V200R006C10, V200R007C00, V200R008C20, V200R008C30, SVN5600 V200R003C00, V200R003C10, SVN5800 V200R003C00, V200R003C10, SVN5800-C V200R003C00, V200R003C10, SeMG9811 V300R001C01, Secospace USG6300 V100R001C10, V100R001C20, V100R001C30, V500R001C00, V500R001C20, V500R001C30, V500R001C50, Secospace USG6500 V100R001C10, V100R001C20, V100R001C30, V500R001C00, V500R001C20, V500R001C30, V500R001C50, Secospace USG6600 V100R001C00SPC200, V100R001C10, V100R001C20, V100R001C30, V500R001C00, V500R001C20, V500R001C30, V500R001C50, V500R001C60, TE30 V100R001C02, V100R001C10, V500R002C00, V600R006C00, TE40 V500R002C00, V600R006C00, TE50 V500R002C00, V600R006C00, TE60 V100R001C01, V100R001C10, V500R002C00, V600R006C00, TP3106 V100R002C00, TP3206 V100R002C00, V100R002C10, USG6000V V500R001C20, USG9500 V500R001C00, V500R001C20, V500R001C30, V500R001C50, USG9520 V300R001C01, V300R001C20, USG9560 V300R001C01, V300R001C20, USG9580 V300R001C01, V300R001C20, VP9660 V500R002C00, V500R002C10, ViewPoint 8660 V100R008C03, ViewPoint 9030 V100R011C02"
}
]
}
}
]
},
"vendor_name": "Huawei Technologies Co., Ltd."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Huawei AR120-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR1200 V200R006C10, V200R006C13, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR1200-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR150 V200R006C10, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR150-S V200R006C10SPC300, V200R007C00, V200R008C20, V200R008C30, AR160 V200R006C10, V200R006C12, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR200 V200R006C10, V200R007C00, V200R007C01, V200R008C20, V200R008C30, AR200-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR2200 V200R006C10, V200R006C13, V200R006C16PWE, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR2200-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR3200 V200R006C10, V200R006C11, V200R007C00, V200R007C01, V200R007C02, V200R008C00, V200R008C10, V200R008C20, V200R008C30, AR3600 V200R006C10, V200R007C00, V200R007C01, V200R008C20, AR510 V200R006C10, V200R006C12, V200R006C13, V200R006C15, V200R006C16, V200R006C17, V200R007C00SPC180T, V200R008C20, V200R008C30, DP300 V500R002C00, IPS Module V100R001C10SPC200, V100R001C20, V100R001C30, V500R001C00, V500R001C20, V500R001C30, V500R001C50, NGFW Module V100R001C10SPC200, V100R001C20, V100R001C30, V500R001C00, V500R001C20, V500R002C00, V500R002C10, NIP6300 V500R001C00, V500R001C20, V500R001C30, V500R001C50, NIP6600 V500R001C00, V500R001C20, V500R001C30, V500R001C50, NIP6800 V500R001C50, NetEngine16EX V200R006C10, V200R007C00, V200R008C20, V200R008C30, RSE6500 V500R002C00, SRG1300 V200R006C10, V200R007C00, V200R007C02, V200R008C20, V200R008C30, SRG2300 V200R006C10, V200R007C00, V200R007C02, V200R008C20, V200R008C30, SRG3300 V200R006C10, V200R007C00, V200R008C20, V200R008C30, SVN5600 V200R003C00, V200R003C10, SVN5800 V200R003C00, V200R003C10, SVN5800-C V200R003C00, V200R003C10, SeMG9811 V300R001C01, Secospace USG6300 V100R001C10, V100R001C20, V100R001C30, V500R001C00, V500R001C20, V500R001C30, V500R001C50, Secospace USG6500 V100R001C10, V100R001C20, V100R001C30, V500R001C00, V500R001C20, V500R001C30, V500R001C50, Secospace USG6600 V100R001C00SPC200, V100R001C10, V100R001C20, V100R001C30, V500R001C00, V500R001C20, V500R001C30, V500R001C50, V500R001C60, TE30 V100R001C02, V100R001C10, V500R002C00, V600R006C00, TE40 V500R002C00, V600R006C00, TE50 V500R002C00, V600R006C00, TE60 V100R001C01, V100R001C10, V500R002C00, V600R006C00, TP3106 V100R002C00, TP3206 V100R002C00, V100R002C10, USG6000V V500R001C20, USG9500 V500R001C00, V500R001C20, V500R001C30, V500R001C50, USG9520 V300R001C01, V300R001C20, USG9560 V300R001C01, V300R001C20, USG9580 V300R001C01, V300R001C20, VP9660 V500R002C00, V500R002C10, ViewPoint 8660 V100R008C03, ViewPoint 9030 V100R011C02 has a memory leak vulnerability in H323 protocol. An unauthenticated, remote attacker could craft malformed packets and send the packets to the affected products. Due to insufficient verification of the packets, successful exploit could cause a memory leak and eventual denial of service (DoS) condition."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "memory leak"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171227-01-h323-en",
"refsource": "CONFIRM",
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171227-01-h323-en"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2017-17256",
"datePublished": "2018-04-24T15:00:00",
"dateReserved": "2017-12-04T00:00:00",
"dateUpdated": "2024-08-05T20:43:59.866Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-17255 (GCVE-0-2017-17255)
Vulnerability from nvd – Published: 2018-04-24 15:00 – Updated: 2024-08-05 20:44
VLAI?
Summary
Huawei AR120-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR1200 V200R006C10, V200R006C13, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR1200-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR150 V200R006C10, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR150-S V200R006C10SPC300, V200R007C00, V200R008C20, V200R008C30, AR160 V200R006C10, V200R006C12, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR200 V200R006C10, V200R007C00, V200R007C01, V200R008C20, V200R008C30, AR200-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR2200 V200R006C10, V200R006C13, V200R006C16PWE, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR2200-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR3200 V200R006C10, V200R006C11, V200R007C00, V200R007C01, V200R007C02, V200R008C00, V200R008C10, V200R008C20, V200R008C30, AR3600 V200R006C10, V200R007C00, V200R007C01, V200R008C20, AR510 V200R006C10, V200R006C12, V200R006C13, V200R006C15, V200R006C16, V200R006C17, V200R007C00SPC180T, V200R008C20, V200R008C30, DP300 V500R002C00, IPS Module V100R001C10SPC200, V100R001C20, V100R001C30, V500R001C00, V500R001C20, V500R001C30, V500R001C50, NGFW Module V100R001C10SPC200, V100R001C20, V100R001C30, V500R001C00, V500R001C20, V500R002C00, V500R002C10, NIP6300 V500R001C00, V500R001C20, V500R001C30, V500R001C50, NIP6600 V500R001C00, V500R001C20, V500R001C30, V500R001C50, NIP6800 V500R001C50, NetEngine16EX V200R006C10, V200R007C00, V200R008C20, V200R008C30, RSE6500 V500R002C00, SRG1300 V200R006C10, V200R007C00, V200R007C02, V200R008C20, V200R008C30, SRG2300 V200R006C10, V200R007C00, V200R007C02, V200R008C20, V200R008C30, SRG3300 V200R006C10, V200R007C00, V200R008C20, V200R008C30, SVN5600 V200R003C00, V200R003C10, SVN5800 V200R003C00, V200R003C10, SVN5800-C V200R003C00, V200R003C10, SeMG9811 V300R001C01, Secospace USG6300 V100R001C10, V100R001C20, V100R001C30, V500R001C00, V500R001C20, V500R001C30, V500R001C50, Secospace USG6500 V100R001C10, V100R001C20, V100R001C30, V500R001C00, V500R001C20, V500R001C30, V500R001C50, Secospace USG6600 V100R001C00SPC200, V100R001C10, V100R001C20, V100R001C30, V500R001C00, V500R001C20, V500R001C30, V500R001C50, V500R001C60, TE30 V100R001C02, V100R001C10, V500R002C00, V600R006C00, TE40 V500R002C00, V600R006C00, TE50 V500R002C00, V600R006C00, TE60 V100R001C01, V100R001C10, V500R002C00, V600R006C00, TP3106 V100R002C00, TP3206 V100R002C00, V100R002C10, USG6000V V500R001C20, USG9500 V500R001C00, V500R001C20, V500R001C30, V500R001C50, USG9520 V300R001C01, V300R001C20, USG9560 V300R001C01, V300R001C20, USG9580 V300R001C01, V300R001C20, VP9660 V500R002C00, V500R002C10, ViewPoint 8660 V100R008C03, ViewPoint 9030 V100R011C02 have a null pointer dereference vulnerability in H323 protocol. An unauthenticated, remote attacker could craft malformed packets and send the packets to the affected products. Due to insufficient validation of packets, which could be exploited to cause process crash.
Severity ?
No CVSS data available.
CWE
- null pointer dereference
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Huawei Technologies Co., Ltd. | AR120-S, AR1200, AR1200-S, AR150, AR150-S, AR160, AR200, AR200-S, AR2200, AR2200-S, AR3200, AR3600, AR510, DP300, IPS Module, NGFW Module, NIP6300, NIP6600, NIP6800, NetEngine16EX, RSE6500, SRG1300, SRG2300, SRG3300, SVN5600, SVN5800, SVN5800-C, SeMG9811, Secospace USG6300, Secospace USG6500, Secospace USG6600, TE30, TE40, TE50, TE60, TP3106, TP3206, USG6000V, USG9500, USG9520, USG9560, USG9580, VP9660, ViewPoint 8660, ViewPoint 9030 |
Affected:
AR120-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR1200 V200R006C10, V200R006C13, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR1200-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR150 V200R006C10, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR150-S V200R006C10SPC300, V200R007C00, V200R008C20, V200R008C30, AR160 V200R006C10, V200R006C12, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR200 V200R006C10, V200R007C00, V200R007C01, V200R008C20, V200R008C30, AR200-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR2200 V200R006C10, V200R006C13, V200R006C16PWE, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR2200-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR3200 V200R006C10, V200R006C11, V200R007C00, V200R007C01, V200R007C02, V200R008C00, V200R008C10, V200R008C20, V200R008C30, AR3600 V200R006C10, V200R007C00, V200R007C01, V200R008C20, AR510 V200R006C10, V200R006C12, V200R006C13, V200R006 ...[truncated*]
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T20:44:00.156Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171227-01-h323-en"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "AR120-S, AR1200, AR1200-S, AR150, AR150-S, AR160, AR200, AR200-S, AR2200, AR2200-S, AR3200, AR3600, AR510, DP300, IPS Module, NGFW Module, NIP6300, NIP6600, NIP6800, NetEngine16EX, RSE6500, SRG1300, SRG2300, SRG3300, SVN5600, SVN5800, SVN5800-C, SeMG9811, Secospace USG6300, Secospace USG6500, Secospace USG6600, TE30, TE40, TE50, TE60, TP3106, TP3206, USG6000V, USG9500, USG9520, USG9560, USG9580, VP9660, ViewPoint 8660, ViewPoint 9030",
"vendor": "Huawei Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "AR120-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR1200 V200R006C10, V200R006C13, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR1200-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR150 V200R006C10, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR150-S V200R006C10SPC300, V200R007C00, V200R008C20, V200R008C30, AR160 V200R006C10, V200R006C12, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR200 V200R006C10, V200R007C00, V200R007C01, V200R008C20, V200R008C30, AR200-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR2200 V200R006C10, V200R006C13, V200R006C16PWE, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR2200-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR3200 V200R006C10, V200R006C11, V200R007C00, V200R007C01, V200R007C02, V200R008C00, V200R008C10, V200R008C20, V200R008C30, AR3600 V200R006C10, V200R007C00, V200R007C01, V200R008C20, AR510 V200R006C10, V200R006C12, V200R006C13, V200R006 ...[truncated*]"
}
]
}
],
"datePublic": "2017-12-27T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Huawei AR120-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR1200 V200R006C10, V200R006C13, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR1200-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR150 V200R006C10, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR150-S V200R006C10SPC300, V200R007C00, V200R008C20, V200R008C30, AR160 V200R006C10, V200R006C12, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR200 V200R006C10, V200R007C00, V200R007C01, V200R008C20, V200R008C30, AR200-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR2200 V200R006C10, V200R006C13, V200R006C16PWE, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR2200-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR3200 V200R006C10, V200R006C11, V200R007C00, V200R007C01, V200R007C02, V200R008C00, V200R008C10, V200R008C20, V200R008C30, AR3600 V200R006C10, V200R007C00, V200R007C01, V200R008C20, AR510 V200R006C10, V200R006C12, V200R006C13, V200R006C15, V200R006C16, V200R006C17, V200R007C00SPC180T, V200R008C20, V200R008C30, DP300 V500R002C00, IPS Module V100R001C10SPC200, V100R001C20, V100R001C30, V500R001C00, V500R001C20, V500R001C30, V500R001C50, NGFW Module V100R001C10SPC200, V100R001C20, V100R001C30, V500R001C00, V500R001C20, V500R002C00, V500R002C10, NIP6300 V500R001C00, V500R001C20, V500R001C30, V500R001C50, NIP6600 V500R001C00, V500R001C20, V500R001C30, V500R001C50, NIP6800 V500R001C50, NetEngine16EX V200R006C10, V200R007C00, V200R008C20, V200R008C30, RSE6500 V500R002C00, SRG1300 V200R006C10, V200R007C00, V200R007C02, V200R008C20, V200R008C30, SRG2300 V200R006C10, V200R007C00, V200R007C02, V200R008C20, V200R008C30, SRG3300 V200R006C10, V200R007C00, V200R008C20, V200R008C30, SVN5600 V200R003C00, V200R003C10, SVN5800 V200R003C00, V200R003C10, SVN5800-C V200R003C00, V200R003C10, SeMG9811 V300R001C01, Secospace USG6300 V100R001C10, V100R001C20, V100R001C30, V500R001C00, V500R001C20, V500R001C30, V500R001C50, Secospace USG6500 V100R001C10, V100R001C20, V100R001C30, V500R001C00, V500R001C20, V500R001C30, V500R001C50, Secospace USG6600 V100R001C00SPC200, V100R001C10, V100R001C20, V100R001C30, V500R001C00, V500R001C20, V500R001C30, V500R001C50, V500R001C60, TE30 V100R001C02, V100R001C10, V500R002C00, V600R006C00, TE40 V500R002C00, V600R006C00, TE50 V500R002C00, V600R006C00, TE60 V100R001C01, V100R001C10, V500R002C00, V600R006C00, TP3106 V100R002C00, TP3206 V100R002C00, V100R002C10, USG6000V V500R001C20, USG9500 V500R001C00, V500R001C20, V500R001C30, V500R001C50, USG9520 V300R001C01, V300R001C20, USG9560 V300R001C01, V300R001C20, USG9580 V300R001C01, V300R001C20, VP9660 V500R002C00, V500R002C10, ViewPoint 8660 V100R008C03, ViewPoint 9030 V100R011C02 have a null pointer dereference vulnerability in H323 protocol. An unauthenticated, remote attacker could craft malformed packets and send the packets to the affected products. Due to insufficient validation of packets, which could be exploited to cause process crash."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "null pointer dereference",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-04-24T14:57:01",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171227-01-h323-en"
}
],
"x_ConverterErrors": {
"version_name": {
"error": "version_name too long. Use array of versions to record more than one version.",
"message": "Truncated!"
}
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2017-17255",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "AR120-S, AR1200, AR1200-S, AR150, AR150-S, AR160, AR200, AR200-S, AR2200, AR2200-S, AR3200, AR3600, AR510, DP300, IPS Module, NGFW Module, NIP6300, NIP6600, NIP6800, NetEngine16EX, RSE6500, SRG1300, SRG2300, SRG3300, SVN5600, SVN5800, SVN5800-C, SeMG9811, Secospace USG6300, Secospace USG6500, Secospace USG6600, TE30, TE40, TE50, TE60, TP3106, TP3206, USG6000V, USG9500, USG9520, USG9560, USG9580, VP9660, ViewPoint 8660, ViewPoint 9030",
"version": {
"version_data": [
{
"version_value": "AR120-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR1200 V200R006C10, V200R006C13, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR1200-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR150 V200R006C10, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR150-S V200R006C10SPC300, V200R007C00, V200R008C20, V200R008C30, AR160 V200R006C10, V200R006C12, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR200 V200R006C10, V200R007C00, V200R007C01, V200R008C20, V200R008C30, AR200-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR2200 V200R006C10, V200R006C13, V200R006C16PWE, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR2200-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR3200 V200R006C10, V200R006C11, V200R007C00, V200R007C01, V200R007C02, V200R008C00, V200R008C10, V200R008C20, V200R008C30, AR3600 V200R006C10, V200R007C00, V200R007C01, V200R008C20, AR510 V200R006C10, V200R006C12, V200R006C13, V200R006C15, V200R006C16, V200R006C17, V200R007C00SPC180T, V200R008C20, V200R008C30, DP300 V500R002C00, IPS Module V100R001C10SPC200, V100R001C20, V100R001C30, V500R001C00, V500R001C20, V500R001C30, V500R001C50, NGFW Module V100R001C10SPC200, V100R001C20, V100R001C30, V500R001C00, V500R001C20, V500R002C00, V500R002C10, NIP6300 V500R001C00, V500R001C20, V500R001C30, V500R001C50, NIP6600 V500R001C00, V500R001C20, V500R001C30, V500R001C50, NIP6800 V500R001C50, NetEngine16EX V200R006C10, V200R007C00, V200R008C20, V200R008C30, RSE6500 V500R002C00, SRG1300 V200R006C10, V200R007C00, V200R007C02, V200R008C20, V200R008C30, SRG2300 V200R006C10, V200R007C00, V200R007C02, V200R008C20, V200R008C30, SRG3300 V200R006C10, V200R007C00, V200R008C20, V200R008C30, SVN5600 V200R003C00, V200R003C10, SVN5800 V200R003C00, V200R003C10, SVN5800-C V200R003C00, V200R003C10, SeMG9811 V300R001C01, Secospace USG6300 V100R001C10, V100R001C20, V100R001C30, V500R001C00, V500R001C20, V500R001C30, V500R001C50, Secospace USG6500 V100R001C10, V100R001C20, V100R001C30, V500R001C00, V500R001C20, V500R001C30, V500R001C50, Secospace USG6600 V100R001C00SPC200, V100R001C10, V100R001C20, V100R001C30, V500R001C00, V500R001C20, V500R001C30, V500R001C50, V500R001C60, TE30 V100R001C02, V100R001C10, V500R002C00, V600R006C00, TE40 V500R002C00, V600R006C00, TE50 V500R002C00, V600R006C00, TE60 V100R001C01, V100R001C10, V500R002C00, V600R006C00, TP3106 V100R002C00, TP3206 V100R002C00, V100R002C10, USG6000V V500R001C20, USG9500 V500R001C00, V500R001C20, V500R001C30, V500R001C50, USG9520 V300R001C01, V300R001C20, USG9560 V300R001C01, V300R001C20, USG9580 V300R001C01, V300R001C20, VP9660 V500R002C00, V500R002C10, ViewPoint 8660 V100R008C03, ViewPoint 9030 V100R011C02"
}
]
}
}
]
},
"vendor_name": "Huawei Technologies Co., Ltd."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Huawei AR120-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR1200 V200R006C10, V200R006C13, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR1200-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR150 V200R006C10, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR150-S V200R006C10SPC300, V200R007C00, V200R008C20, V200R008C30, AR160 V200R006C10, V200R006C12, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR200 V200R006C10, V200R007C00, V200R007C01, V200R008C20, V200R008C30, AR200-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR2200 V200R006C10, V200R006C13, V200R006C16PWE, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR2200-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR3200 V200R006C10, V200R006C11, V200R007C00, V200R007C01, V200R007C02, V200R008C00, V200R008C10, V200R008C20, V200R008C30, AR3600 V200R006C10, V200R007C00, V200R007C01, V200R008C20, AR510 V200R006C10, V200R006C12, V200R006C13, V200R006C15, V200R006C16, V200R006C17, V200R007C00SPC180T, V200R008C20, V200R008C30, DP300 V500R002C00, IPS Module V100R001C10SPC200, V100R001C20, V100R001C30, V500R001C00, V500R001C20, V500R001C30, V500R001C50, NGFW Module V100R001C10SPC200, V100R001C20, V100R001C30, V500R001C00, V500R001C20, V500R002C00, V500R002C10, NIP6300 V500R001C00, V500R001C20, V500R001C30, V500R001C50, NIP6600 V500R001C00, V500R001C20, V500R001C30, V500R001C50, NIP6800 V500R001C50, NetEngine16EX V200R006C10, V200R007C00, V200R008C20, V200R008C30, RSE6500 V500R002C00, SRG1300 V200R006C10, V200R007C00, V200R007C02, V200R008C20, V200R008C30, SRG2300 V200R006C10, V200R007C00, V200R007C02, V200R008C20, V200R008C30, SRG3300 V200R006C10, V200R007C00, V200R008C20, V200R008C30, SVN5600 V200R003C00, V200R003C10, SVN5800 V200R003C00, V200R003C10, SVN5800-C V200R003C00, V200R003C10, SeMG9811 V300R001C01, Secospace USG6300 V100R001C10, V100R001C20, V100R001C30, V500R001C00, V500R001C20, V500R001C30, V500R001C50, Secospace USG6500 V100R001C10, V100R001C20, V100R001C30, V500R001C00, V500R001C20, V500R001C30, V500R001C50, Secospace USG6600 V100R001C00SPC200, V100R001C10, V100R001C20, V100R001C30, V500R001C00, V500R001C20, V500R001C30, V500R001C50, V500R001C60, TE30 V100R001C02, V100R001C10, V500R002C00, V600R006C00, TE40 V500R002C00, V600R006C00, TE50 V500R002C00, V600R006C00, TE60 V100R001C01, V100R001C10, V500R002C00, V600R006C00, TP3106 V100R002C00, TP3206 V100R002C00, V100R002C10, USG6000V V500R001C20, USG9500 V500R001C00, V500R001C20, V500R001C30, V500R001C50, USG9520 V300R001C01, V300R001C20, USG9560 V300R001C01, V300R001C20, USG9580 V300R001C01, V300R001C20, VP9660 V500R002C00, V500R002C10, ViewPoint 8660 V100R008C03, ViewPoint 9030 V100R011C02 have a null pointer dereference vulnerability in H323 protocol. An unauthenticated, remote attacker could craft malformed packets and send the packets to the affected products. Due to insufficient validation of packets, which could be exploited to cause process crash."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "null pointer dereference"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171227-01-h323-en",
"refsource": "CONFIRM",
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171227-01-h323-en"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2017-17255",
"datePublished": "2018-04-24T15:00:00",
"dateReserved": "2017-12-04T00:00:00",
"dateUpdated": "2024-08-05T20:44:00.156Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-1824 (GCVE-0-2020-1824)
Vulnerability from cvelistv5 – Published: 2024-12-28 06:37 – Updated: 2024-12-28 16:32
VLAI?
Summary
There are multiple out of bounds (OOB) read vulnerabilities in the implementation of the Common Open Policy Service (COPS) protocol of some Huawei products. The specific decoding function may occur out-of-bounds read when processes an incoming data packet. Successful exploit of these vulnerabilities may disrupt service on the affected device. (Vulnerability ID: HWPSIRT-2018-12275,HWPSIRT-2018-12276,HWPSIRT-2018-12277,HWPSIRT-2018-12278,HWPSIRT-2018-12279,HWPSIRT-2018-12280 and HWPSIRT-2018-12289)
The seven vulnerabilities have been assigned seven Common Vulnerabilities and Exposures (CVE) IDs: CVE-2020-1818, CVE-2020-1819, CVE-2020-1820, CVE-2020-1821, CVE-2020-1822, CVE-2020-1823 and CVE-2020-1824.
Severity ?
CWE
- CWE-125 - Out-of-bounds Read
Assigner
References
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Huawei | IPS Module |
Affected:
V500R001C30
Affected: V500R001C60 Affected: V500R005C00 |
||||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2020-1824",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-12-28T16:32:08.146658Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-12-28T16:32:25.200Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "IPS Module",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "NGFW Module",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R002C00"
},
{
"status": "affected",
"version": "V500R002C20"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "NIP6300",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "NIP6600",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "NIP6800",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Secospace USG6300",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Secospace USG6500",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Secospace USG6600",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "USG6000V",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R003C00"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eThere are multiple out of bounds (OOB) read vulnerabilities in the implementation of the Common Open Policy Service (COPS) protocol of some Huawei products. The specific decoding function may occur out-of-bounds read when processes an incoming data packet. Successful exploit of these vulnerabilities may disrupt service on the affected device. (Vulnerability ID: HWPSIRT-2018-12275,HWPSIRT-2018-12276,HWPSIRT-2018-12277,HWPSIRT-2018-12278,HWPSIRT-2018-12279,HWPSIRT-2018-12280 and HWPSIRT-2018-12289)\u003c/p\u003e\u003cp\u003eThe seven vulnerabilities have been assigned seven Common Vulnerabilities and Exposures (CVE) IDs: CVE-2020-1818, CVE-2020-1819, CVE-2020-1820, CVE-2020-1821, CVE-2020-1822, CVE-2020-1823 and CVE-2020-1824.\u003c/p\u003e"
}
],
"value": "There are multiple out of bounds (OOB) read vulnerabilities in the implementation of the Common Open Policy Service (COPS) protocol of some Huawei products. The specific decoding function may occur out-of-bounds read when processes an incoming data packet. Successful exploit of these vulnerabilities may disrupt service on the affected device. (Vulnerability ID: HWPSIRT-2018-12275,HWPSIRT-2018-12276,HWPSIRT-2018-12277,HWPSIRT-2018-12278,HWPSIRT-2018-12279,HWPSIRT-2018-12280 and HWPSIRT-2018-12289)\n\nThe seven vulnerabilities have been assigned seven Common Vulnerabilities and Exposures (CVE) IDs: CVE-2020-1818, CVE-2020-1819, CVE-2020-1820, CVE-2020-1821, CVE-2020-1822, CVE-2020-1823 and CVE-2020-1824."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125 Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-12-28T06:37:14.149Z",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"url": "https://www.huawei.com/en/psirt/security-advisories/2020/huawei-sa-20191218-01-cops-en"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2020-1824",
"datePublished": "2024-12-28T06:37:14.149Z",
"dateReserved": "2019-11-29T00:00:00.000Z",
"dateUpdated": "2024-12-28T16:32:25.200Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-1823 (GCVE-0-2020-1823)
Vulnerability from cvelistv5 – Published: 2024-12-28 06:29 – Updated: 2024-12-28 16:33
VLAI?
Summary
There are multiple out of bounds (OOB) read vulnerabilities in the implementation of the Common Open Policy Service (COPS) protocol of some Huawei products. The specific decoding function may occur out-of-bounds read when processes an incoming data packet. Successful exploit of these vulnerabilities may disrupt service on the affected device. (Vulnerability ID: HWPSIRT-2018-12275,HWPSIRT-2018-12276,HWPSIRT-2018-12277,HWPSIRT-2018-12278,HWPSIRT-2018-12279,HWPSIRT-2018-12280 and HWPSIRT-2018-12289)
The seven vulnerabilities have been assigned seven Common Vulnerabilities and Exposures (CVE) IDs: CVE-2020-1818, CVE-2020-1819, CVE-2020-1820, CVE-2020-1821, CVE-2020-1822, CVE-2020-1823 and CVE-2020-1824.
Severity ?
CWE
- CWE-125 - Out-of-bounds Read
Assigner
References
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Huawei | IPS Module |
Affected:
V500R001C30
Affected: V500R001C60 Affected: V500R005C00 |
||||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2020-1823",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-12-28T16:33:21.089526Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-12-28T16:33:45.933Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "IPS Module",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "NGFW Module",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R002C00"
},
{
"status": "affected",
"version": "V500R002C20"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "NIP6300",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "NIP6600",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "NIP6800",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Secospace USG6300",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Secospace USG6500",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Secospace USG6600",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "USG6000V",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R003C00"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eThere are multiple out of bounds (OOB) read vulnerabilities in the implementation of the Common Open Policy Service (COPS) protocol of some Huawei products. The specific decoding function may occur out-of-bounds read when processes an incoming data packet. Successful exploit of these vulnerabilities may disrupt service on the affected device. (Vulnerability ID: HWPSIRT-2018-12275,HWPSIRT-2018-12276,HWPSIRT-2018-12277,HWPSIRT-2018-12278,HWPSIRT-2018-12279,HWPSIRT-2018-12280 and HWPSIRT-2018-12289)\u003c/p\u003e\u003cp\u003eThe seven vulnerabilities have been assigned seven Common Vulnerabilities and Exposures (CVE) IDs: CVE-2020-1818, CVE-2020-1819, CVE-2020-1820, CVE-2020-1821, CVE-2020-1822, CVE-2020-1823 and CVE-2020-1824.\u003c/p\u003e"
}
],
"value": "There are multiple out of bounds (OOB) read vulnerabilities in the implementation of the Common Open Policy Service (COPS) protocol of some Huawei products. The specific decoding function may occur out-of-bounds read when processes an incoming data packet. Successful exploit of these vulnerabilities may disrupt service on the affected device. (Vulnerability ID: HWPSIRT-2018-12275,HWPSIRT-2018-12276,HWPSIRT-2018-12277,HWPSIRT-2018-12278,HWPSIRT-2018-12279,HWPSIRT-2018-12280 and HWPSIRT-2018-12289)\n\nThe seven vulnerabilities have been assigned seven Common Vulnerabilities and Exposures (CVE) IDs: CVE-2020-1818, CVE-2020-1819, CVE-2020-1820, CVE-2020-1821, CVE-2020-1822, CVE-2020-1823 and CVE-2020-1824."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125 Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-12-28T06:29:49.051Z",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"url": "https://www.huawei.com/en/psirt/security-advisories/2020/huawei-sa-20191218-01-cops-en"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2020-1823",
"datePublished": "2024-12-28T06:29:49.051Z",
"dateReserved": "2019-11-29T00:00:00.000Z",
"dateUpdated": "2024-12-28T16:33:45.933Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-1822 (GCVE-0-2020-1822)
Vulnerability from cvelistv5 – Published: 2024-12-28 06:21 – Updated: 2024-12-28 16:34
VLAI?
Summary
There are multiple out of bounds (OOB) read vulnerabilities in the implementation of the Common Open Policy Service (COPS) protocol of some Huawei products. The specific decoding function may occur out-of-bounds read when processes an incoming data packet. Successful exploit of these vulnerabilities may disrupt service on the affected device. (Vulnerability ID: HWPSIRT-2018-12275,HWPSIRT-2018-12276,HWPSIRT-2018-12277,HWPSIRT-2018-12278,HWPSIRT-2018-12279,HWPSIRT-2018-12280 and HWPSIRT-2018-12289)
The seven vulnerabilities have been assigned seven Common Vulnerabilities and Exposures (CVE) IDs: CVE-2020-1818, CVE-2020-1819, CVE-2020-1820, CVE-2020-1821, CVE-2020-1822, CVE-2020-1823 and CVE-2020-1824.
Severity ?
CWE
- CWE-125 - Out-of-bounds Read
Assigner
References
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Huawei | IPS Module |
Affected:
V500R001C30
Affected: V500R001C60 Affected: V500R005C00 |
||||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2020-1822",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-12-28T16:34:26.596620Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-12-28T16:34:41.792Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "IPS Module",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "NGFW Module",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R002C00"
},
{
"status": "affected",
"version": "V500R002C20"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "NIP6300",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "NIP6600",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "NIP6800",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Secospace USG6300",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Secospace USG6500",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Secospace USG6600",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "USG6000V",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R003C00"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eThere are multiple out of bounds (OOB) read vulnerabilities in the implementation of the Common Open Policy Service (COPS) protocol of some Huawei products. The specific decoding function may occur out-of-bounds read when processes an incoming data packet. Successful exploit of these vulnerabilities may disrupt service on the affected device. (Vulnerability ID: HWPSIRT-2018-12275,HWPSIRT-2018-12276,HWPSIRT-2018-12277,HWPSIRT-2018-12278,HWPSIRT-2018-12279,HWPSIRT-2018-12280 and HWPSIRT-2018-12289)\u003c/p\u003e\u003cp\u003eThe seven vulnerabilities have been assigned seven Common Vulnerabilities and Exposures (CVE) IDs: CVE-2020-1818, CVE-2020-1819, CVE-2020-1820, CVE-2020-1821, CVE-2020-1822, CVE-2020-1823 and CVE-2020-1824.\u003cbr\u003e\u003c/p\u003e"
}
],
"value": "There are multiple out of bounds (OOB) read vulnerabilities in the implementation of the Common Open Policy Service (COPS) protocol of some Huawei products. The specific decoding function may occur out-of-bounds read when processes an incoming data packet. Successful exploit of these vulnerabilities may disrupt service on the affected device. (Vulnerability ID: HWPSIRT-2018-12275,HWPSIRT-2018-12276,HWPSIRT-2018-12277,HWPSIRT-2018-12278,HWPSIRT-2018-12279,HWPSIRT-2018-12280 and HWPSIRT-2018-12289)\n\nThe seven vulnerabilities have been assigned seven Common Vulnerabilities and Exposures (CVE) IDs: CVE-2020-1818, CVE-2020-1819, CVE-2020-1820, CVE-2020-1821, CVE-2020-1822, CVE-2020-1823 and CVE-2020-1824."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125 Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-12-28T06:21:04.473Z",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"url": "https://www.huawei.com/en/psirt/security-advisories/2020/huawei-sa-20191218-01-cops-en"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2020-1822",
"datePublished": "2024-12-28T06:21:04.473Z",
"dateReserved": "2019-11-29T00:00:00.000Z",
"dateUpdated": "2024-12-28T16:34:41.792Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-1821 (GCVE-0-2020-1821)
Vulnerability from cvelistv5 – Published: 2024-12-28 06:16 – Updated: 2024-12-30 16:13
VLAI?
Summary
There are multiple out of bounds (OOB) read vulnerabilities in the implementation of the Common Open Policy Service (COPS) protocol of some Huawei products. The specific decoding function may occur out-of-bounds read when processes an incoming data packet. Successful exploit of these vulnerabilities may disrupt service on the affected device. (Vulnerability ID: HWPSIRT-2018-12275,HWPSIRT-2018-12276,HWPSIRT-2018-12277,HWPSIRT-2018-12278,HWPSIRT-2018-12279,HWPSIRT-2018-12280 and HWPSIRT-2018-12289)
The seven vulnerabilities have been assigned seven Common Vulnerabilities and Exposures (CVE) IDs: CVE-2020-1818, CVE-2020-1819, CVE-2020-1820, CVE-2020-1821, CVE-2020-1822, CVE-2020-1823 and CVE-2020-1824.
Severity ?
CWE
- CWE-125 - Out-of-bounds Read
Assigner
References
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Huawei | IPS Module |
Affected:
V500R001C30
Affected: V500R001C60 Affected: V500R005C00 |
||||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2020-1821",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-12-30T16:12:49.264838Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-12-30T16:13:03.624Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "IPS Module",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "NGFW Module",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R002C00"
},
{
"status": "affected",
"version": "V500R002C20"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "NIP6300",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "NIP6600",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "NIP6800",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Secospace USG6300",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Secospace USG6500",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Secospace USG6600",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "USG6000V",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R003C00"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eThere are multiple out of bounds (OOB) read vulnerabilities in the implementation of the Common Open Policy Service (COPS) protocol of some Huawei products. The specific decoding function may occur out-of-bounds read when processes an incoming data packet. Successful exploit of these vulnerabilities may disrupt service on the affected device. (Vulnerability ID: HWPSIRT-2018-12275,HWPSIRT-2018-12276,HWPSIRT-2018-12277,HWPSIRT-2018-12278,HWPSIRT-2018-12279,HWPSIRT-2018-12280 and HWPSIRT-2018-12289)\u003c/p\u003e\u003cp\u003eThe seven vulnerabilities have been assigned seven Common Vulnerabilities and Exposures (CVE) IDs: CVE-2020-1818, CVE-2020-1819, CVE-2020-1820, CVE-2020-1821, CVE-2020-1822, CVE-2020-1823 and CVE-2020-1824.\u003c/p\u003e"
}
],
"value": "There are multiple out of bounds (OOB) read vulnerabilities in the implementation of the Common Open Policy Service (COPS) protocol of some Huawei products. The specific decoding function may occur out-of-bounds read when processes an incoming data packet. Successful exploit of these vulnerabilities may disrupt service on the affected device. (Vulnerability ID: HWPSIRT-2018-12275,HWPSIRT-2018-12276,HWPSIRT-2018-12277,HWPSIRT-2018-12278,HWPSIRT-2018-12279,HWPSIRT-2018-12280 and HWPSIRT-2018-12289)\n\nThe seven vulnerabilities have been assigned seven Common Vulnerabilities and Exposures (CVE) IDs: CVE-2020-1818, CVE-2020-1819, CVE-2020-1820, CVE-2020-1821, CVE-2020-1822, CVE-2020-1823 and CVE-2020-1824."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125 Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-12-28T06:16:58.770Z",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"url": "https://www.huawei.com/en/psirt/security-advisories/2020/huawei-sa-20191218-01-cops-en"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2020-1821",
"datePublished": "2024-12-28T06:16:58.770Z",
"dateReserved": "2019-11-29T00:00:00.000Z",
"dateUpdated": "2024-12-30T16:13:03.624Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-1820 (GCVE-0-2020-1820)
Vulnerability from cvelistv5 – Published: 2024-12-28 06:11 – Updated: 2024-12-31 17:17
VLAI?
Summary
There are multiple out of bounds (OOB) read vulnerabilities in the implementation of the Common Open Policy Service (COPS) protocol of some Huawei products. The specific decoding function may occur out-of-bounds read when processes an incoming data packet. Successful exploit of these vulnerabilities may disrupt service on the affected device. (Vulnerability ID: HWPSIRT-2018-12275,HWPSIRT-2018-12276,HWPSIRT-2018-12277,HWPSIRT-2018-12278,HWPSIRT-2018-12279,HWPSIRT-2018-12280 and HWPSIRT-2018-12289)
The seven vulnerabilities have been assigned seven Common Vulnerabilities and Exposures (CVE) IDs: CVE-2020-1818, CVE-2020-1819, CVE-2020-1820, CVE-2020-1821, CVE-2020-1822, CVE-2020-1823 and CVE-2020-1824.
Severity ?
CWE
- CWE-125 - Out-of-bounds Read
Assigner
References
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Huawei | IPS Module |
Affected:
V500R001C30
Affected: V500R001C60 Affected: V500R005C00 |
||||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2020-1820",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-12-31T17:16:57.375041Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-12-31T17:17:05.860Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "IPS Module",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "NGFW Module",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R002C00"
},
{
"status": "affected",
"version": "V500R002C20"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "NIP6300",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "NIP6600",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "NIP6800",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Secospace USG6300",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Secospace USG6500",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Secospace USG6600",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "USG6000V",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R003C00"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eThere are multiple out of bounds (OOB) read vulnerabilities in the implementation of the Common Open Policy Service (COPS) protocol of some Huawei products. The specific decoding function may occur out-of-bounds read when processes an incoming data packet. Successful exploit of these vulnerabilities may disrupt service on the affected device. (Vulnerability ID: HWPSIRT-2018-12275,HWPSIRT-2018-12276,HWPSIRT-2018-12277,HWPSIRT-2018-12278,HWPSIRT-2018-12279,HWPSIRT-2018-12280 and HWPSIRT-2018-12289)\u003c/p\u003e\u003cp\u003eThe seven vulnerabilities have been assigned seven Common Vulnerabilities and Exposures (CVE) IDs: CVE-2020-1818, CVE-2020-1819, CVE-2020-1820, CVE-2020-1821, CVE-2020-1822, CVE-2020-1823 and CVE-2020-1824.\u003c/p\u003e"
}
],
"value": "There are multiple out of bounds (OOB) read vulnerabilities in the implementation of the Common Open Policy Service (COPS) protocol of some Huawei products. The specific decoding function may occur out-of-bounds read when processes an incoming data packet. Successful exploit of these vulnerabilities may disrupt service on the affected device. (Vulnerability ID: HWPSIRT-2018-12275,HWPSIRT-2018-12276,HWPSIRT-2018-12277,HWPSIRT-2018-12278,HWPSIRT-2018-12279,HWPSIRT-2018-12280 and HWPSIRT-2018-12289)\n\nThe seven vulnerabilities have been assigned seven Common Vulnerabilities and Exposures (CVE) IDs: CVE-2020-1818, CVE-2020-1819, CVE-2020-1820, CVE-2020-1821, CVE-2020-1822, CVE-2020-1823 and CVE-2020-1824."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125 Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-12-28T06:11:17.446Z",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"url": "https://www.huawei.com/en/psirt/security-advisories/2020/huawei-sa-20191218-01-cops-en"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2020-1820",
"datePublished": "2024-12-28T06:11:17.446Z",
"dateReserved": "2019-11-29T00:00:00.000Z",
"dateUpdated": "2024-12-31T17:17:05.860Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-1819 (GCVE-0-2020-1819)
Vulnerability from cvelistv5 – Published: 2024-12-27 10:05 – Updated: 2024-12-27 14:56
VLAI?
Summary
There are multiple out of bounds (OOB) read vulnerabilities in the implementation of the Common Open Policy Service (COPS) protocol of some Huawei products. The specific decoding function may occur out-of-bounds read when processes an incoming data packet. Successful exploit of these vulnerabilities may disrupt service on the affected device. (Vulnerability ID: HWPSIRT-2018-12275,HWPSIRT-2018-12276,HWPSIRT-2018-12277,HWPSIRT-2018-12278,HWPSIRT-2018-12279,HWPSIRT-2018-12280 and HWPSIRT-2018-12289)
The seven vulnerabilities have been assigned seven Common Vulnerabilities and Exposures (CVE) IDs: CVE-2020-1818, CVE-2020-1819, CVE-2020-1820, CVE-2020-1821, CVE-2020-1822, CVE-2020-1823 and CVE-2020-1824.
Severity ?
CWE
- CWE-125 - Out-of-bounds Read
Assigner
References
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Huawei | IPS Module |
Affected:
V500R001C30
Affected: V500R001C60 Affected: V500R005C00 |
||||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2020-1819",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-12-27T14:56:22.966063Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-12-27T14:56:31.845Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "IPS Module",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "NGFW Module",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R002C00"
},
{
"status": "affected",
"version": "V500R002C20"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "NIP6300",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "NIP6600",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "NIP6800",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Secospace USG6300",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Secospace USG6500",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Secospace USG6600",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "USG6000V",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R003C00"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eThere are multiple out of bounds (OOB) read vulnerabilities in the implementation of the Common Open Policy Service (COPS) protocol of some Huawei products. The specific decoding function may occur out-of-bounds read when processes an incoming data packet. Successful exploit of these vulnerabilities may disrupt service on the affected device. (Vulnerability ID: HWPSIRT-2018-12275,HWPSIRT-2018-12276,HWPSIRT-2018-12277,HWPSIRT-2018-12278,HWPSIRT-2018-12279,HWPSIRT-2018-12280 and HWPSIRT-2018-12289)\u003c/p\u003e\u003cp\u003eThe seven vulnerabilities have been assigned seven Common Vulnerabilities and Exposures (CVE) IDs: CVE-2020-1818, CVE-2020-1819, CVE-2020-1820, CVE-2020-1821, CVE-2020-1822, CVE-2020-1823 and CVE-2020-1824.\u003c/p\u003e"
}
],
"value": "There are multiple out of bounds (OOB) read vulnerabilities in the implementation of the Common Open Policy Service (COPS) protocol of some Huawei products. The specific decoding function may occur out-of-bounds read when processes an incoming data packet. Successful exploit of these vulnerabilities may disrupt service on the affected device. (Vulnerability ID: HWPSIRT-2018-12275,HWPSIRT-2018-12276,HWPSIRT-2018-12277,HWPSIRT-2018-12278,HWPSIRT-2018-12279,HWPSIRT-2018-12280 and HWPSIRT-2018-12289)\n\nThe seven vulnerabilities have been assigned seven Common Vulnerabilities and Exposures (CVE) IDs: CVE-2020-1818, CVE-2020-1819, CVE-2020-1820, CVE-2020-1821, CVE-2020-1822, CVE-2020-1823 and CVE-2020-1824."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125 Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-12-27T10:05:47.224Z",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"url": "https://www.huawei.com/en/psirt/security-advisories/2020/huawei-sa-20191218-01-cops-en"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2020-1819",
"datePublished": "2024-12-27T10:05:47.224Z",
"dateReserved": "2019-11-29T00:00:00.000Z",
"dateUpdated": "2024-12-27T14:56:31.845Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-1818 (GCVE-0-2020-1818)
Vulnerability from cvelistv5 – Published: 2024-12-27 10:02 – Updated: 2024-12-27 14:57
VLAI?
Summary
There are multiple out of bounds (OOB) read vulnerabilities in the implementation of the Common Open Policy Service (COPS) protocol of some Huawei products. The specific decoding function may occur out-of-bounds read when processes an incoming data packet. Successful exploit of these vulnerabilities may disrupt service on the affected device. (Vulnerability ID: HWPSIRT-2018-12275,HWPSIRT-2018-12276,HWPSIRT-2018-12277,HWPSIRT-2018-12278,HWPSIRT-2018-12279,HWPSIRT-2018-12280 and HWPSIRT-2018-12289)
The seven vulnerabilities have been assigned seven Common Vulnerabilities and Exposures (CVE) IDs: CVE-2020-1818, CVE-2020-1819, CVE-2020-1820, CVE-2020-1821, CVE-2020-1822, CVE-2020-1823 and CVE-2020-1824.
Severity ?
CWE
- CWE-125 - Out-of-bounds Read
Assigner
References
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Huawei | IPS Module |
Affected:
V500R001C30
Affected: V500R001C60 Affected: V500R005C00 |
||||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2020-1818",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-12-27T14:56:47.972518Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-12-27T14:57:27.653Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "IPS Module",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "NGFW Module",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R002C00"
},
{
"status": "affected",
"version": "V500R002C20"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "NIP6300",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "NIP6600",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "NIP6800",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Secospace USG6300",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Secospace USG6500",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Secospace USG6600",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R005C00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "USG6000V",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R003C00"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eThere are multiple out of bounds (OOB) read vulnerabilities in the implementation of the Common Open Policy Service (COPS) protocol of some Huawei products. The specific decoding function may occur out-of-bounds read when processes an incoming data packet. Successful exploit of these vulnerabilities may disrupt service on the affected device. (Vulnerability ID: HWPSIRT-2018-12275,HWPSIRT-2018-12276,HWPSIRT-2018-12277,HWPSIRT-2018-12278,HWPSIRT-2018-12279,HWPSIRT-2018-12280 and HWPSIRT-2018-12289)\u003c/p\u003e\u003cp\u003eThe seven vulnerabilities have been assigned seven Common Vulnerabilities and Exposures (CVE) IDs: CVE-2020-1818, CVE-2020-1819, CVE-2020-1820, CVE-2020-1821, CVE-2020-1822, CVE-2020-1823 and CVE-2020-1824.\u003c/p\u003e"
}
],
"value": "There are multiple out of bounds (OOB) read vulnerabilities in the implementation of the Common Open Policy Service (COPS) protocol of some Huawei products. The specific decoding function may occur out-of-bounds read when processes an incoming data packet. Successful exploit of these vulnerabilities may disrupt service on the affected device. (Vulnerability ID: HWPSIRT-2018-12275,HWPSIRT-2018-12276,HWPSIRT-2018-12277,HWPSIRT-2018-12278,HWPSIRT-2018-12279,HWPSIRT-2018-12280 and HWPSIRT-2018-12289)\n\nThe seven vulnerabilities have been assigned seven Common Vulnerabilities and Exposures (CVE) IDs: CVE-2020-1818, CVE-2020-1819, CVE-2020-1820, CVE-2020-1821, CVE-2020-1822, CVE-2020-1823 and CVE-2020-1824."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125 Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-12-27T10:02:45.710Z",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"url": "https://www.huawei.com/en/psirt/security-advisories/2020/huawei-sa-20191218-01-cops-en"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2020-1818",
"datePublished": "2024-12-27T10:02:45.710Z",
"dateReserved": "2019-11-29T00:00:00.000Z",
"dateUpdated": "2024-12-27T14:57:27.653Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-1863 (GCVE-0-2020-1863)
Vulnerability from cvelistv5 – Published: 2020-03-12 22:01 – Updated: 2024-08-04 06:53
VLAI?
Summary
Huawei USG6000V with versions V500R001C20SPC300, V500R003C00SPC100, and V500R005C00SPC100 have an out-of-bounds read vulnerability. Due to a logical flaw in a JSON parsing routine, a remote, unauthenticated attacker could exploit this vulnerability to disrupt service in the affected products.
Severity ?
No CVSS data available.
CWE
- Out of Bounds Read
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Huawei | Huawei USG6000V |
Affected:
V500R001C20SPC300
Affected: V500R003C00SPC100 Affected: V500R005C00SPC100 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T06:53:58.774Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200311-01-buffer-en"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Huawei USG6000V",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "V500R001C20SPC300"
},
{
"status": "affected",
"version": "V500R003C00SPC100"
},
{
"status": "affected",
"version": "V500R005C00SPC100"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Huawei USG6000V with versions V500R001C20SPC300, V500R003C00SPC100, and V500R005C00SPC100 have an out-of-bounds read vulnerability. Due to a logical flaw in a JSON parsing routine, a remote, unauthenticated attacker could exploit this vulnerability to disrupt service in the affected products."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Out of Bounds Read",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-03-12T22:01:20",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200311-01-buffer-en"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2020-1863",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Huawei USG6000V",
"version": {
"version_data": [
{
"version_value": "V500R001C20SPC300"
},
{
"version_value": "V500R003C00SPC100"
},
{
"version_value": "V500R005C00SPC100"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Huawei USG6000V with versions V500R001C20SPC300, V500R003C00SPC100, and V500R005C00SPC100 have an out-of-bounds read vulnerability. Due to a logical flaw in a JSON parsing routine, a remote, unauthenticated attacker could exploit this vulnerability to disrupt service in the affected products."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Out of Bounds Read"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200311-01-buffer-en",
"refsource": "CONFIRM",
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200311-01-buffer-en"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2020-1863",
"datePublished": "2020-03-12T22:01:20",
"dateReserved": "2019-11-29T00:00:00",
"dateUpdated": "2024-08-04T06:53:58.774Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-5254 (GCVE-0-2019-5254)
Vulnerability from cvelistv5 – Published: 2019-12-13 22:51 – Updated: 2024-08-04 19:47
VLAI?
Summary
Certain Huawei products (AP2000;IPS Module;NGFW Module;NIP6300;NIP6600;NIP6800;S5700;SVN5600;SVN5800;SVN5800-C;SeMG9811;Secospace AntiDDoS8000;Secospace USG6300;Secospace USG6500;Secospace USG6600;USG6000V;eSpace U1981) have an out-of-bounds read vulnerability. An attacker who logs in to the board may send crafted messages from the internal network port or tamper with inter-process message packets to exploit this vulnerability. Due to insufficient validation of the message, successful exploit may cause the affected board to be abnormal.
Severity ?
No CVSS data available.
CWE
- out-of-bounds read
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | AP2000;IPS Module;NGFW Module;NIP6300;NIP6600;NIP6800;S5700;SVN5600;SVN5800;SVN5800-C;SeMG9811;Secospace AntiDDoS8000;Secospace USG6300;Secospace USG6500;Secospace USG6600;USG6000V;eSpace U1981 |
Affected:
V200R005C30
Affected: V200R006C10 Affected: V200R006C20 Affected: V200R007C10 Affected: V200R007C20 Affected: V200R008C00 Affected: V200R008C10 Affected: V200R009C00 Affected: V500R001C00SPC300 Affected: V500R001C00SPC500 Affected: V500R001C00SPH303 Affected: V500R001C00SPH508 Affected: V500R001C20 Affected: V500R001C20SPC100 Affected: V500R001C20SPC100PWE Affected: V500R001C20SPC200 Affected: V500R001C20SPC200B062 Affected: V500R001C20SPC200PWE Affected: V500R001C20SPC300B078 Affected: V500R001C20SPC300PWE Affected: V500R001C30 Affected: V500R001C30SPC100 Affected: V500R001C30SPC100PWE Affected: V500R001C30SPC200 Affected: V500R001C30SPC200PWE Affected: V500R001C30SPC300 Affected: V500R001C50 Affected: V500R001C50PWE Affected: V500R001C80 Affected: V500R005C00 Affected: V500R001C00SPC500PWE Affected: V500R002C00 Affected: V500R002C00SPC100 Affected: V500R002C00SPC100PWE Affected: V500R002C00SPC200 Affected: V500R002C00SPC200PWE Affected: V500R002C00SPC300 Affected: V500R002C10 Affected: V500R002C10PWE Affected: V500R002C30 Affected: V500R002C30PWE Affected: V200R005C03 Affected: V200R003C00SPC100 Affected: V500R002C20 Affected: V500R001C00 Affected: V500R001C00SPC200 Affected: V500R001C00SPC600 Affected: V500R001C00SPC700 Affected: V500R001C20SPC300 Affected: V500R001C20SPC500 Affected: V500R001C20SPC600 Affected: V500R001C60SPC100 Affected: V500R001C60SPC101 Affected: V500R001C60SPC200 Affected: V500R001C60SPC300 Affected: V500R001C60SPC500 Affected: V500R001C60SPC600 Affected: V500R005C00SPC100 Affected: V100R001C20SPC100 Affected: V500R001C20SPC101 Affected: V500R001C80PWE Affected: V100R001C00SPC200 Affected: V100R001C10SPC200 Affected: V100R001C10SPC201 Affected: V100R001C20SPC200 Affected: V500R001C00SPC050 Affected: V500R001C00SPC090 Affected: V500R001C30SPC500 Affected: V500R001C30SPC600 Affected: V500R001C30SPC600PWE Affected: V500R001C30SPC601 Affected: V500R001C50SPC009 Affected: V500R001C50SPC100 Affected: V500R001C50SPC100PWE Affected: V500R001C50SPC200 Affected: V500R001C50SPC200PWE Affected: V500R001C50SPC300 Affected: V500R001C60 Affected: V500R001C60SPC100PWE Affected: V500R001C60SPC200PWE Affected: V500R005C00SPC102 Affected: V500R001C10 Affected: V500R001C10SPC100 Affected: V500R001C10SPC200 Affected: V500R003C00 Affected: V500R003C00SPC100 Affected: V200R003C50SPC700 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T19:47:56.865Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191211-01-ssp-en"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "AP2000;IPS Module;NGFW Module;NIP6300;NIP6600;NIP6800;S5700;SVN5600;SVN5800;SVN5800-C;SeMG9811;Secospace AntiDDoS8000;Secospace USG6300;Secospace USG6500;Secospace USG6600;USG6000V;eSpace U1981",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "V200R005C30"
},
{
"status": "affected",
"version": "V200R006C10"
},
{
"status": "affected",
"version": "V200R006C20"
},
{
"status": "affected",
"version": "V200R007C10"
},
{
"status": "affected",
"version": "V200R007C20"
},
{
"status": "affected",
"version": "V200R008C00"
},
{
"status": "affected",
"version": "V200R008C10"
},
{
"status": "affected",
"version": "V200R009C00"
},
{
"status": "affected",
"version": "V500R001C00SPC300"
},
{
"status": "affected",
"version": "V500R001C00SPC500"
},
{
"status": "affected",
"version": "V500R001C00SPH303"
},
{
"status": "affected",
"version": "V500R001C00SPH508"
},
{
"status": "affected",
"version": "V500R001C20"
},
{
"status": "affected",
"version": "V500R001C20SPC100"
},
{
"status": "affected",
"version": "V500R001C20SPC100PWE"
},
{
"status": "affected",
"version": "V500R001C20SPC200"
},
{
"status": "affected",
"version": "V500R001C20SPC200B062"
},
{
"status": "affected",
"version": "V500R001C20SPC200PWE"
},
{
"status": "affected",
"version": "V500R001C20SPC300B078"
},
{
"status": "affected",
"version": "V500R001C20SPC300PWE"
},
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C30SPC100"
},
{
"status": "affected",
"version": "V500R001C30SPC100PWE"
},
{
"status": "affected",
"version": "V500R001C30SPC200"
},
{
"status": "affected",
"version": "V500R001C30SPC200PWE"
},
{
"status": "affected",
"version": "V500R001C30SPC300"
},
{
"status": "affected",
"version": "V500R001C50"
},
{
"status": "affected",
"version": "V500R001C50PWE"
},
{
"status": "affected",
"version": "V500R001C80"
},
{
"status": "affected",
"version": "V500R005C00"
},
{
"status": "affected",
"version": "V500R001C00SPC500PWE"
},
{
"status": "affected",
"version": "V500R002C00"
},
{
"status": "affected",
"version": "V500R002C00SPC100"
},
{
"status": "affected",
"version": "V500R002C00SPC100PWE"
},
{
"status": "affected",
"version": "V500R002C00SPC200"
},
{
"status": "affected",
"version": "V500R002C00SPC200PWE"
},
{
"status": "affected",
"version": "V500R002C00SPC300"
},
{
"status": "affected",
"version": "V500R002C10"
},
{
"status": "affected",
"version": "V500R002C10PWE"
},
{
"status": "affected",
"version": "V500R002C30"
},
{
"status": "affected",
"version": "V500R002C30PWE"
},
{
"status": "affected",
"version": "V200R005C03"
},
{
"status": "affected",
"version": "V200R003C00SPC100"
},
{
"status": "affected",
"version": "V500R002C20"
},
{
"status": "affected",
"version": "V500R001C00"
},
{
"status": "affected",
"version": "V500R001C00SPC200"
},
{
"status": "affected",
"version": "V500R001C00SPC600"
},
{
"status": "affected",
"version": "V500R001C00SPC700"
},
{
"status": "affected",
"version": "V500R001C20SPC300"
},
{
"status": "affected",
"version": "V500R001C20SPC500"
},
{
"status": "affected",
"version": "V500R001C20SPC600"
},
{
"status": "affected",
"version": "V500R001C60SPC100"
},
{
"status": "affected",
"version": "V500R001C60SPC101"
},
{
"status": "affected",
"version": "V500R001C60SPC200"
},
{
"status": "affected",
"version": "V500R001C60SPC300"
},
{
"status": "affected",
"version": "V500R001C60SPC500"
},
{
"status": "affected",
"version": "V500R001C60SPC600"
},
{
"status": "affected",
"version": "V500R005C00SPC100"
},
{
"status": "affected",
"version": "V100R001C20SPC100"
},
{
"status": "affected",
"version": "V500R001C20SPC101"
},
{
"status": "affected",
"version": "V500R001C80PWE"
},
{
"status": "affected",
"version": "V100R001C00SPC200"
},
{
"status": "affected",
"version": "V100R001C10SPC200"
},
{
"status": "affected",
"version": "V100R001C10SPC201"
},
{
"status": "affected",
"version": "V100R001C20SPC200"
},
{
"status": "affected",
"version": "V500R001C00SPC050"
},
{
"status": "affected",
"version": "V500R001C00SPC090"
},
{
"status": "affected",
"version": "V500R001C30SPC500"
},
{
"status": "affected",
"version": "V500R001C30SPC600"
},
{
"status": "affected",
"version": "V500R001C30SPC600PWE"
},
{
"status": "affected",
"version": "V500R001C30SPC601"
},
{
"status": "affected",
"version": "V500R001C50SPC009"
},
{
"status": "affected",
"version": "V500R001C50SPC100"
},
{
"status": "affected",
"version": "V500R001C50SPC100PWE"
},
{
"status": "affected",
"version": "V500R001C50SPC200"
},
{
"status": "affected",
"version": "V500R001C50SPC200PWE"
},
{
"status": "affected",
"version": "V500R001C50SPC300"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R001C60SPC100PWE"
},
{
"status": "affected",
"version": "V500R001C60SPC200PWE"
},
{
"status": "affected",
"version": "V500R005C00SPC102"
},
{
"status": "affected",
"version": "V500R001C10"
},
{
"status": "affected",
"version": "V500R001C10SPC100"
},
{
"status": "affected",
"version": "V500R001C10SPC200"
},
{
"status": "affected",
"version": "V500R003C00"
},
{
"status": "affected",
"version": "V500R003C00SPC100"
},
{
"status": "affected",
"version": "V200R003C50SPC700"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Certain Huawei products (AP2000;IPS Module;NGFW Module;NIP6300;NIP6600;NIP6800;S5700;SVN5600;SVN5800;SVN5800-C;SeMG9811;Secospace AntiDDoS8000;Secospace USG6300;Secospace USG6500;Secospace USG6600;USG6000V;eSpace U1981) have an out-of-bounds read vulnerability. An attacker who logs in to the board may send crafted messages from the internal network port or tamper with inter-process message packets to exploit this vulnerability. Due to insufficient validation of the message, successful exploit may cause the affected board to be abnormal."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "out-of-bounds read",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-12-13T22:51:29",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191211-01-ssp-en"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2019-5254",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "AP2000;IPS Module;NGFW Module;NIP6300;NIP6600;NIP6800;S5700;SVN5600;SVN5800;SVN5800-C;SeMG9811;Secospace AntiDDoS8000;Secospace USG6300;Secospace USG6500;Secospace USG6600;USG6000V;eSpace U1981",
"version": {
"version_data": [
{
"version_value": "V200R005C30"
},
{
"version_value": "V200R006C10"
},
{
"version_value": "V200R006C20"
},
{
"version_value": "V200R007C10"
},
{
"version_value": "V200R007C20"
},
{
"version_value": "V200R008C00"
},
{
"version_value": "V200R008C10"
},
{
"version_value": "V200R009C00"
},
{
"version_value": "V500R001C00SPC300"
},
{
"version_value": "V500R001C00SPC500"
},
{
"version_value": "V500R001C00SPH303"
},
{
"version_value": "V500R001C00SPH508"
},
{
"version_value": "V500R001C20"
},
{
"version_value": "V500R001C20SPC100"
},
{
"version_value": "V500R001C20SPC100PWE"
},
{
"version_value": "V500R001C20SPC200"
},
{
"version_value": "V500R001C20SPC200B062"
},
{
"version_value": "V500R001C20SPC200PWE"
},
{
"version_value": "V500R001C20SPC300B078"
},
{
"version_value": "V500R001C20SPC300PWE"
},
{
"version_value": "V500R001C30"
},
{
"version_value": "V500R001C30SPC100"
},
{
"version_value": "V500R001C30SPC100PWE"
},
{
"version_value": "V500R001C30SPC200"
},
{
"version_value": "V500R001C30SPC200PWE"
},
{
"version_value": "V500R001C30SPC300"
},
{
"version_value": "V500R001C50"
},
{
"version_value": "V500R001C50PWE"
},
{
"version_value": "V500R001C80"
},
{
"version_value": "V500R005C00"
},
{
"version_value": "V500R001C00SPC500PWE"
},
{
"version_value": "V500R002C00"
},
{
"version_value": "V500R002C00SPC100"
},
{
"version_value": "V500R002C00SPC100PWE"
},
{
"version_value": "V500R002C00SPC200"
},
{
"version_value": "V500R002C00SPC200PWE"
},
{
"version_value": "V500R002C00SPC300"
},
{
"version_value": "V500R002C10"
},
{
"version_value": "V500R002C10PWE"
},
{
"version_value": "V500R002C30"
},
{
"version_value": "V500R002C30PWE"
},
{
"version_value": "V200R005C03"
},
{
"version_value": "V200R003C00SPC100"
},
{
"version_value": "V500R002C20"
},
{
"version_value": "V500R001C00"
},
{
"version_value": "V500R001C00SPC200"
},
{
"version_value": "V500R001C00SPC600"
},
{
"version_value": "V500R001C00SPC700"
},
{
"version_value": "V500R001C20SPC300"
},
{
"version_value": "V500R001C20SPC500"
},
{
"version_value": "V500R001C20SPC600"
},
{
"version_value": "V500R001C60SPC100"
},
{
"version_value": "V500R001C60SPC101"
},
{
"version_value": "V500R001C60SPC200"
},
{
"version_value": "V500R001C60SPC300"
},
{
"version_value": "V500R001C60SPC500"
},
{
"version_value": "V500R001C60SPC600"
},
{
"version_value": "V500R005C00SPC100"
},
{
"version_value": "V100R001C20SPC100"
},
{
"version_value": "V500R001C20SPC101"
},
{
"version_value": "V500R001C80PWE"
},
{
"version_value": "V100R001C00SPC200"
},
{
"version_value": "V100R001C10SPC200"
},
{
"version_value": "V100R001C10SPC201"
},
{
"version_value": "V100R001C20SPC200"
},
{
"version_value": "V500R001C00SPC050"
},
{
"version_value": "V500R001C00SPC090"
},
{
"version_value": "V500R001C30SPC500"
},
{
"version_value": "V500R001C30SPC600"
},
{
"version_value": "V500R001C30SPC600PWE"
},
{
"version_value": "V500R001C30SPC601"
},
{
"version_value": "V500R001C50SPC009"
},
{
"version_value": "V500R001C50SPC100"
},
{
"version_value": "V500R001C50SPC100PWE"
},
{
"version_value": "V500R001C50SPC200"
},
{
"version_value": "V500R001C50SPC200PWE"
},
{
"version_value": "V500R001C50SPC300"
},
{
"version_value": "V500R001C60"
},
{
"version_value": "V500R001C60SPC100PWE"
},
{
"version_value": "V500R001C60SPC200PWE"
},
{
"version_value": "V500R005C00SPC102"
},
{
"version_value": "V500R001C10"
},
{
"version_value": "V500R001C10SPC100"
},
{
"version_value": "V500R001C10SPC200"
},
{
"version_value": "V500R003C00"
},
{
"version_value": "V500R003C00SPC100"
},
{
"version_value": "V200R003C50SPC700"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Certain Huawei products (AP2000;IPS Module;NGFW Module;NIP6300;NIP6600;NIP6800;S5700;SVN5600;SVN5800;SVN5800-C;SeMG9811;Secospace AntiDDoS8000;Secospace USG6300;Secospace USG6500;Secospace USG6600;USG6000V;eSpace U1981) have an out-of-bounds read vulnerability. An attacker who logs in to the board may send crafted messages from the internal network port or tamper with inter-process message packets to exploit this vulnerability. Due to insufficient validation of the message, successful exploit may cause the affected board to be abnormal."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "out-of-bounds read"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191211-01-ssp-en",
"refsource": "MISC",
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191211-01-ssp-en"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2019-5254",
"datePublished": "2019-12-13T22:51:29",
"dateReserved": "2019-01-04T00:00:00",
"dateUpdated": "2024-08-04T19:47:56.865Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-5255 (GCVE-0-2019-5255)
Vulnerability from cvelistv5 – Published: 2019-12-13 22:48 – Updated: 2024-08-04 19:47
VLAI?
Summary
Certain Huawei products (AP2000;IPS Module;NGFW Module;NIP6300;NIP6600;NIP6800;S5700;SVN5600;SVN5800;SVN5800-C;SeMG9811;Secospace AntiDDoS8000;Secospace USG6300;Secospace USG6500;Secospace USG6600;USG6000V;eSpace U1981) have a DoS vulnerability. An attacker may send crafted messages from a FTP client to exploit this vulnerability. Due to insufficient validation of the message, successful exploit may cause the system out-of-bounds read and result in a denial of service condition of the affected service.
Severity ?
No CVSS data available.
CWE
- DoS
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | AP2000;IPS Module;NGFW Module;NIP6300;NIP6600;NIP6800;S5700;SVN5600;SVN5800;SVN5800-C;SeMG9811;Secospace AntiDDoS8000;Secospace USG6300;Secospace USG6500;Secospace USG6600;USG6000V;eSpace U1981 |
Affected:
V200R005C30
Affected: V200R006C10 Affected: V200R006C20 Affected: V200R007C10 Affected: V200R007C20 Affected: V200R008C00 Affected: V200R008C10 Affected: V200R009C00 Affected: V500R001C00SPC300 Affected: V500R001C00SPC500 Affected: V500R001C00SPH303 Affected: V500R001C00SPH508 Affected: V500R001C20 Affected: V500R001C20SPC100 Affected: V500R001C20SPC100PWE Affected: V500R001C20SPC200 Affected: V500R001C20SPC200B062 Affected: V500R001C20SPC200PWE Affected: V500R001C20SPC300B078 Affected: V500R001C20SPC300PWE Affected: V500R001C30 Affected: V500R001C30SPC100 Affected: V500R001C30SPC100PWE Affected: V500R001C30SPC200 Affected: V500R001C30SPC200PWE Affected: V500R001C30SPC300 Affected: V500R001C50 Affected: V500R001C50PWE Affected: V500R001C80 Affected: V500R005C00 Affected: V500R001C00SPC500PWE Affected: V500R002C00 Affected: V500R002C00SPC100 Affected: V500R002C00SPC100PWE Affected: V500R002C00SPC200 Affected: V500R002C00SPC200PWE Affected: V500R002C00SPC300 Affected: V500R002C10 Affected: V500R002C10PWE Affected: V500R002C30 Affected: V500R002C30PWE Affected: V200R005C03 Affected: V200R003C00SPC100 Affected: V500R002C20 Affected: V500R001C00 Affected: V500R001C00SPC200 Affected: V500R001C00SPC600 Affected: V500R001C00SPC700 Affected: V500R001C20SPC300 Affected: V500R001C20SPC500 Affected: V500R001C20SPC600 Affected: V500R001C60SPC100 Affected: V500R001C60SPC101 Affected: V500R001C60SPC200 Affected: V500R001C60SPC300 Affected: V500R001C60SPC500 Affected: V500R001C60SPC600 Affected: V500R005C00SPC100 Affected: V100R001C20SPC100 Affected: V500R001C20SPC101 Affected: V500R001C80PWE Affected: V100R001C00SPC200 Affected: V100R001C10SPC200 Affected: V100R001C10SPC201 Affected: V100R001C20SPC200 Affected: V500R001C00SPC050 Affected: V500R001C00SPC090 Affected: V500R001C30SPC500 Affected: V500R001C30SPC600 Affected: V500R001C30SPC600PWE Affected: V500R001C30SPC601 Affected: V500R001C50SPC009 Affected: V500R001C50SPC100 Affected: V500R001C50SPC100PWE Affected: V500R001C50SPC200 Affected: V500R001C50SPC200PWE Affected: V500R001C50SPC300 Affected: V500R001C60 Affected: V500R001C60SPC100PWE Affected: V500R001C60SPC200PWE Affected: V500R005C00SPC102 Affected: V500R001C10 Affected: V500R001C10SPC100 Affected: V500R001C10SPC200 Affected: V500R003C00 Affected: V500R003C00SPC100 Affected: V200R003C50SPC700 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T19:47:56.961Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191211-01-ssp-en"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "AP2000;IPS Module;NGFW Module;NIP6300;NIP6600;NIP6800;S5700;SVN5600;SVN5800;SVN5800-C;SeMG9811;Secospace AntiDDoS8000;Secospace USG6300;Secospace USG6500;Secospace USG6600;USG6000V;eSpace U1981",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "V200R005C30"
},
{
"status": "affected",
"version": "V200R006C10"
},
{
"status": "affected",
"version": "V200R006C20"
},
{
"status": "affected",
"version": "V200R007C10"
},
{
"status": "affected",
"version": "V200R007C20"
},
{
"status": "affected",
"version": "V200R008C00"
},
{
"status": "affected",
"version": "V200R008C10"
},
{
"status": "affected",
"version": "V200R009C00"
},
{
"status": "affected",
"version": "V500R001C00SPC300"
},
{
"status": "affected",
"version": "V500R001C00SPC500"
},
{
"status": "affected",
"version": "V500R001C00SPH303"
},
{
"status": "affected",
"version": "V500R001C00SPH508"
},
{
"status": "affected",
"version": "V500R001C20"
},
{
"status": "affected",
"version": "V500R001C20SPC100"
},
{
"status": "affected",
"version": "V500R001C20SPC100PWE"
},
{
"status": "affected",
"version": "V500R001C20SPC200"
},
{
"status": "affected",
"version": "V500R001C20SPC200B062"
},
{
"status": "affected",
"version": "V500R001C20SPC200PWE"
},
{
"status": "affected",
"version": "V500R001C20SPC300B078"
},
{
"status": "affected",
"version": "V500R001C20SPC300PWE"
},
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C30SPC100"
},
{
"status": "affected",
"version": "V500R001C30SPC100PWE"
},
{
"status": "affected",
"version": "V500R001C30SPC200"
},
{
"status": "affected",
"version": "V500R001C30SPC200PWE"
},
{
"status": "affected",
"version": "V500R001C30SPC300"
},
{
"status": "affected",
"version": "V500R001C50"
},
{
"status": "affected",
"version": "V500R001C50PWE"
},
{
"status": "affected",
"version": "V500R001C80"
},
{
"status": "affected",
"version": "V500R005C00"
},
{
"status": "affected",
"version": "V500R001C00SPC500PWE"
},
{
"status": "affected",
"version": "V500R002C00"
},
{
"status": "affected",
"version": "V500R002C00SPC100"
},
{
"status": "affected",
"version": "V500R002C00SPC100PWE"
},
{
"status": "affected",
"version": "V500R002C00SPC200"
},
{
"status": "affected",
"version": "V500R002C00SPC200PWE"
},
{
"status": "affected",
"version": "V500R002C00SPC300"
},
{
"status": "affected",
"version": "V500R002C10"
},
{
"status": "affected",
"version": "V500R002C10PWE"
},
{
"status": "affected",
"version": "V500R002C30"
},
{
"status": "affected",
"version": "V500R002C30PWE"
},
{
"status": "affected",
"version": "V200R005C03"
},
{
"status": "affected",
"version": "V200R003C00SPC100"
},
{
"status": "affected",
"version": "V500R002C20"
},
{
"status": "affected",
"version": "V500R001C00"
},
{
"status": "affected",
"version": "V500R001C00SPC200"
},
{
"status": "affected",
"version": "V500R001C00SPC600"
},
{
"status": "affected",
"version": "V500R001C00SPC700"
},
{
"status": "affected",
"version": "V500R001C20SPC300"
},
{
"status": "affected",
"version": "V500R001C20SPC500"
},
{
"status": "affected",
"version": "V500R001C20SPC600"
},
{
"status": "affected",
"version": "V500R001C60SPC100"
},
{
"status": "affected",
"version": "V500R001C60SPC101"
},
{
"status": "affected",
"version": "V500R001C60SPC200"
},
{
"status": "affected",
"version": "V500R001C60SPC300"
},
{
"status": "affected",
"version": "V500R001C60SPC500"
},
{
"status": "affected",
"version": "V500R001C60SPC600"
},
{
"status": "affected",
"version": "V500R005C00SPC100"
},
{
"status": "affected",
"version": "V100R001C20SPC100"
},
{
"status": "affected",
"version": "V500R001C20SPC101"
},
{
"status": "affected",
"version": "V500R001C80PWE"
},
{
"status": "affected",
"version": "V100R001C00SPC200"
},
{
"status": "affected",
"version": "V100R001C10SPC200"
},
{
"status": "affected",
"version": "V100R001C10SPC201"
},
{
"status": "affected",
"version": "V100R001C20SPC200"
},
{
"status": "affected",
"version": "V500R001C00SPC050"
},
{
"status": "affected",
"version": "V500R001C00SPC090"
},
{
"status": "affected",
"version": "V500R001C30SPC500"
},
{
"status": "affected",
"version": "V500R001C30SPC600"
},
{
"status": "affected",
"version": "V500R001C30SPC600PWE"
},
{
"status": "affected",
"version": "V500R001C30SPC601"
},
{
"status": "affected",
"version": "V500R001C50SPC009"
},
{
"status": "affected",
"version": "V500R001C50SPC100"
},
{
"status": "affected",
"version": "V500R001C50SPC100PWE"
},
{
"status": "affected",
"version": "V500R001C50SPC200"
},
{
"status": "affected",
"version": "V500R001C50SPC200PWE"
},
{
"status": "affected",
"version": "V500R001C50SPC300"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R001C60SPC100PWE"
},
{
"status": "affected",
"version": "V500R001C60SPC200PWE"
},
{
"status": "affected",
"version": "V500R005C00SPC102"
},
{
"status": "affected",
"version": "V500R001C10"
},
{
"status": "affected",
"version": "V500R001C10SPC100"
},
{
"status": "affected",
"version": "V500R001C10SPC200"
},
{
"status": "affected",
"version": "V500R003C00"
},
{
"status": "affected",
"version": "V500R003C00SPC100"
},
{
"status": "affected",
"version": "V200R003C50SPC700"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Certain Huawei products (AP2000;IPS Module;NGFW Module;NIP6300;NIP6600;NIP6800;S5700;SVN5600;SVN5800;SVN5800-C;SeMG9811;Secospace AntiDDoS8000;Secospace USG6300;Secospace USG6500;Secospace USG6600;USG6000V;eSpace U1981) have a DoS vulnerability. An attacker may send crafted messages from a FTP client to exploit this vulnerability. Due to insufficient validation of the message, successful exploit may cause the system out-of-bounds read and result in a denial of service condition of the affected service."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "DoS",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-12-13T22:48:31",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191211-01-ssp-en"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2019-5255",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "AP2000;IPS Module;NGFW Module;NIP6300;NIP6600;NIP6800;S5700;SVN5600;SVN5800;SVN5800-C;SeMG9811;Secospace AntiDDoS8000;Secospace USG6300;Secospace USG6500;Secospace USG6600;USG6000V;eSpace U1981",
"version": {
"version_data": [
{
"version_value": "V200R005C30"
},
{
"version_value": "V200R006C10"
},
{
"version_value": "V200R006C20"
},
{
"version_value": "V200R007C10"
},
{
"version_value": "V200R007C20"
},
{
"version_value": "V200R008C00"
},
{
"version_value": "V200R008C10"
},
{
"version_value": "V200R009C00"
},
{
"version_value": "V500R001C00SPC300"
},
{
"version_value": "V500R001C00SPC500"
},
{
"version_value": "V500R001C00SPH303"
},
{
"version_value": "V500R001C00SPH508"
},
{
"version_value": "V500R001C20"
},
{
"version_value": "V500R001C20SPC100"
},
{
"version_value": "V500R001C20SPC100PWE"
},
{
"version_value": "V500R001C20SPC200"
},
{
"version_value": "V500R001C20SPC200B062"
},
{
"version_value": "V500R001C20SPC200PWE"
},
{
"version_value": "V500R001C20SPC300B078"
},
{
"version_value": "V500R001C20SPC300PWE"
},
{
"version_value": "V500R001C30"
},
{
"version_value": "V500R001C30SPC100"
},
{
"version_value": "V500R001C30SPC100PWE"
},
{
"version_value": "V500R001C30SPC200"
},
{
"version_value": "V500R001C30SPC200PWE"
},
{
"version_value": "V500R001C30SPC300"
},
{
"version_value": "V500R001C50"
},
{
"version_value": "V500R001C50PWE"
},
{
"version_value": "V500R001C80"
},
{
"version_value": "V500R005C00"
},
{
"version_value": "V500R001C00SPC500PWE"
},
{
"version_value": "V500R002C00"
},
{
"version_value": "V500R002C00SPC100"
},
{
"version_value": "V500R002C00SPC100PWE"
},
{
"version_value": "V500R002C00SPC200"
},
{
"version_value": "V500R002C00SPC200PWE"
},
{
"version_value": "V500R002C00SPC300"
},
{
"version_value": "V500R002C10"
},
{
"version_value": "V500R002C10PWE"
},
{
"version_value": "V500R002C30"
},
{
"version_value": "V500R002C30PWE"
},
{
"version_value": "V200R005C03"
},
{
"version_value": "V200R003C00SPC100"
},
{
"version_value": "V500R002C20"
},
{
"version_value": "V500R001C00"
},
{
"version_value": "V500R001C00SPC200"
},
{
"version_value": "V500R001C00SPC600"
},
{
"version_value": "V500R001C00SPC700"
},
{
"version_value": "V500R001C20SPC300"
},
{
"version_value": "V500R001C20SPC500"
},
{
"version_value": "V500R001C20SPC600"
},
{
"version_value": "V500R001C60SPC100"
},
{
"version_value": "V500R001C60SPC101"
},
{
"version_value": "V500R001C60SPC200"
},
{
"version_value": "V500R001C60SPC300"
},
{
"version_value": "V500R001C60SPC500"
},
{
"version_value": "V500R001C60SPC600"
},
{
"version_value": "V500R005C00SPC100"
},
{
"version_value": "V100R001C20SPC100"
},
{
"version_value": "V500R001C20SPC101"
},
{
"version_value": "V500R001C80PWE"
},
{
"version_value": "V100R001C00SPC200"
},
{
"version_value": "V100R001C10SPC200"
},
{
"version_value": "V100R001C10SPC201"
},
{
"version_value": "V100R001C20SPC200"
},
{
"version_value": "V500R001C00SPC050"
},
{
"version_value": "V500R001C00SPC090"
},
{
"version_value": "V500R001C30SPC500"
},
{
"version_value": "V500R001C30SPC600"
},
{
"version_value": "V500R001C30SPC600PWE"
},
{
"version_value": "V500R001C30SPC601"
},
{
"version_value": "V500R001C50SPC009"
},
{
"version_value": "V500R001C50SPC100"
},
{
"version_value": "V500R001C50SPC100PWE"
},
{
"version_value": "V500R001C50SPC200"
},
{
"version_value": "V500R001C50SPC200PWE"
},
{
"version_value": "V500R001C50SPC300"
},
{
"version_value": "V500R001C60"
},
{
"version_value": "V500R001C60SPC100PWE"
},
{
"version_value": "V500R001C60SPC200PWE"
},
{
"version_value": "V500R005C00SPC102"
},
{
"version_value": "V500R001C10"
},
{
"version_value": "V500R001C10SPC100"
},
{
"version_value": "V500R001C10SPC200"
},
{
"version_value": "V500R003C00"
},
{
"version_value": "V500R003C00SPC100"
},
{
"version_value": "V200R003C50SPC700"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Certain Huawei products (AP2000;IPS Module;NGFW Module;NIP6300;NIP6600;NIP6800;S5700;SVN5600;SVN5800;SVN5800-C;SeMG9811;Secospace AntiDDoS8000;Secospace USG6300;Secospace USG6500;Secospace USG6600;USG6000V;eSpace U1981) have a DoS vulnerability. An attacker may send crafted messages from a FTP client to exploit this vulnerability. Due to insufficient validation of the message, successful exploit may cause the system out-of-bounds read and result in a denial of service condition of the affected service."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "DoS"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191211-01-ssp-en",
"refsource": "MISC",
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191211-01-ssp-en"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2019-5255",
"datePublished": "2019-12-13T22:48:31",
"dateReserved": "2019-01-04T00:00:00",
"dateUpdated": "2024-08-04T19:47:56.961Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-5256 (GCVE-0-2019-5256)
Vulnerability from cvelistv5 – Published: 2019-12-13 22:45 – Updated: 2024-08-04 19:47
VLAI?
Summary
Certain Huawei products (AP2000;IPS Module;NGFW Module;NIP6300;NIP6600;NIP6800;S5700;SVN5600;SVN5800;SVN5800-C;SeMG9811;Secospace AntiDDoS8000;Secospace USG6300;Secospace USG6500;Secospace USG6600;USG6000V;eSpace U1981) have a null pointer dereference vulnerability. The system dereferences a pointer that it expects to be valid, but is NULL. A local attacker could exploit this vulnerability by sending crafted parameters. A successful exploit could cause a denial of service and the process reboot.
Severity ?
No CVSS data available.
CWE
- null pointer dereference
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | AP2000;IPS Module;NGFW Module;NIP6300;NIP6600;NIP6800;S5700;SVN5600;SVN5800;SVN5800-C;SeMG9811;Secospace AntiDDoS8000;Secospace USG6300;Secospace USG6500;Secospace USG6600;USG6000V;eSpace U1981 |
Affected:
V200R005C30
Affected: V200R006C10 Affected: V200R006C20 Affected: V200R007C10 Affected: V200R007C20 Affected: V200R008C00 Affected: V200R008C10 Affected: V200R009C00 Affected: V500R001C00SPC300 Affected: V500R001C00SPC500 Affected: V500R001C00SPH303 Affected: V500R001C00SPH508 Affected: V500R001C20 Affected: V500R001C20SPC100 Affected: V500R001C20SPC100PWE Affected: V500R001C20SPC200 Affected: V500R001C20SPC200B062 Affected: V500R001C20SPC200PWE Affected: V500R001C20SPC300B078 Affected: V500R001C20SPC300PWE Affected: V500R001C30 Affected: V500R001C30SPC100 Affected: V500R001C30SPC100PWE Affected: V500R001C30SPC200 Affected: V500R001C30SPC200PWE Affected: V500R001C30SPC300 Affected: V500R001C50 Affected: V500R001C50PWE Affected: V500R001C80 Affected: V500R005C00 Affected: V500R001C00SPC500PWE Affected: V500R002C00 Affected: V500R002C00SPC100 Affected: V500R002C00SPC100PWE Affected: V500R002C00SPC200 Affected: V500R002C00SPC200PWE Affected: V500R002C00SPC300 Affected: V500R002C10 Affected: V500R002C10PWE Affected: V500R002C30 Affected: V500R002C30PWE Affected: V200R005C03 Affected: V200R003C00SPC100 Affected: V500R002C20 Affected: V500R001C00 Affected: V500R001C00SPC200 Affected: V500R001C00SPC600 Affected: V500R001C00SPC700 Affected: V500R001C20SPC300 Affected: V500R001C20SPC500 Affected: V500R001C20SPC600 Affected: V500R001C60SPC100 Affected: V500R001C60SPC101 Affected: V500R001C60SPC200 Affected: V500R001C60SPC300 Affected: V500R001C60SPC500 Affected: V500R001C60SPC600 Affected: V500R005C00SPC100 Affected: V100R001C20SPC100 Affected: V500R001C20SPC101 Affected: V500R001C80PWE Affected: V100R001C00SPC200 Affected: V100R001C10SPC200 Affected: V100R001C10SPC201 Affected: V100R001C20SPC200 Affected: V500R001C00SPC050 Affected: V500R001C00SPC090 Affected: V500R001C30SPC500 Affected: V500R001C30SPC600 Affected: V500R001C30SPC600PWE Affected: V500R001C30SPC601 Affected: V500R001C50SPC009 Affected: V500R001C50SPC100 Affected: V500R001C50SPC100PWE Affected: V500R001C50SPC200 Affected: V500R001C50SPC200PWE Affected: V500R001C50SPC300 Affected: V500R001C60 Affected: V500R001C60SPC100PWE Affected: V500R001C60SPC200PWE Affected: V500R005C00SPC102 Affected: V500R001C10 Affected: V500R001C10SPC100 Affected: V500R001C10SPC200 Affected: V500R003C00 Affected: V500R003C00SPC100 Affected: V200R003C50SPC700 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T19:47:56.652Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191211-01-ssp-en"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "AP2000;IPS Module;NGFW Module;NIP6300;NIP6600;NIP6800;S5700;SVN5600;SVN5800;SVN5800-C;SeMG9811;Secospace AntiDDoS8000;Secospace USG6300;Secospace USG6500;Secospace USG6600;USG6000V;eSpace U1981",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "V200R005C30"
},
{
"status": "affected",
"version": "V200R006C10"
},
{
"status": "affected",
"version": "V200R006C20"
},
{
"status": "affected",
"version": "V200R007C10"
},
{
"status": "affected",
"version": "V200R007C20"
},
{
"status": "affected",
"version": "V200R008C00"
},
{
"status": "affected",
"version": "V200R008C10"
},
{
"status": "affected",
"version": "V200R009C00"
},
{
"status": "affected",
"version": "V500R001C00SPC300"
},
{
"status": "affected",
"version": "V500R001C00SPC500"
},
{
"status": "affected",
"version": "V500R001C00SPH303"
},
{
"status": "affected",
"version": "V500R001C00SPH508"
},
{
"status": "affected",
"version": "V500R001C20"
},
{
"status": "affected",
"version": "V500R001C20SPC100"
},
{
"status": "affected",
"version": "V500R001C20SPC100PWE"
},
{
"status": "affected",
"version": "V500R001C20SPC200"
},
{
"status": "affected",
"version": "V500R001C20SPC200B062"
},
{
"status": "affected",
"version": "V500R001C20SPC200PWE"
},
{
"status": "affected",
"version": "V500R001C20SPC300B078"
},
{
"status": "affected",
"version": "V500R001C20SPC300PWE"
},
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C30SPC100"
},
{
"status": "affected",
"version": "V500R001C30SPC100PWE"
},
{
"status": "affected",
"version": "V500R001C30SPC200"
},
{
"status": "affected",
"version": "V500R001C30SPC200PWE"
},
{
"status": "affected",
"version": "V500R001C30SPC300"
},
{
"status": "affected",
"version": "V500R001C50"
},
{
"status": "affected",
"version": "V500R001C50PWE"
},
{
"status": "affected",
"version": "V500R001C80"
},
{
"status": "affected",
"version": "V500R005C00"
},
{
"status": "affected",
"version": "V500R001C00SPC500PWE"
},
{
"status": "affected",
"version": "V500R002C00"
},
{
"status": "affected",
"version": "V500R002C00SPC100"
},
{
"status": "affected",
"version": "V500R002C00SPC100PWE"
},
{
"status": "affected",
"version": "V500R002C00SPC200"
},
{
"status": "affected",
"version": "V500R002C00SPC200PWE"
},
{
"status": "affected",
"version": "V500R002C00SPC300"
},
{
"status": "affected",
"version": "V500R002C10"
},
{
"status": "affected",
"version": "V500R002C10PWE"
},
{
"status": "affected",
"version": "V500R002C30"
},
{
"status": "affected",
"version": "V500R002C30PWE"
},
{
"status": "affected",
"version": "V200R005C03"
},
{
"status": "affected",
"version": "V200R003C00SPC100"
},
{
"status": "affected",
"version": "V500R002C20"
},
{
"status": "affected",
"version": "V500R001C00"
},
{
"status": "affected",
"version": "V500R001C00SPC200"
},
{
"status": "affected",
"version": "V500R001C00SPC600"
},
{
"status": "affected",
"version": "V500R001C00SPC700"
},
{
"status": "affected",
"version": "V500R001C20SPC300"
},
{
"status": "affected",
"version": "V500R001C20SPC500"
},
{
"status": "affected",
"version": "V500R001C20SPC600"
},
{
"status": "affected",
"version": "V500R001C60SPC100"
},
{
"status": "affected",
"version": "V500R001C60SPC101"
},
{
"status": "affected",
"version": "V500R001C60SPC200"
},
{
"status": "affected",
"version": "V500R001C60SPC300"
},
{
"status": "affected",
"version": "V500R001C60SPC500"
},
{
"status": "affected",
"version": "V500R001C60SPC600"
},
{
"status": "affected",
"version": "V500R005C00SPC100"
},
{
"status": "affected",
"version": "V100R001C20SPC100"
},
{
"status": "affected",
"version": "V500R001C20SPC101"
},
{
"status": "affected",
"version": "V500R001C80PWE"
},
{
"status": "affected",
"version": "V100R001C00SPC200"
},
{
"status": "affected",
"version": "V100R001C10SPC200"
},
{
"status": "affected",
"version": "V100R001C10SPC201"
},
{
"status": "affected",
"version": "V100R001C20SPC200"
},
{
"status": "affected",
"version": "V500R001C00SPC050"
},
{
"status": "affected",
"version": "V500R001C00SPC090"
},
{
"status": "affected",
"version": "V500R001C30SPC500"
},
{
"status": "affected",
"version": "V500R001C30SPC600"
},
{
"status": "affected",
"version": "V500R001C30SPC600PWE"
},
{
"status": "affected",
"version": "V500R001C30SPC601"
},
{
"status": "affected",
"version": "V500R001C50SPC009"
},
{
"status": "affected",
"version": "V500R001C50SPC100"
},
{
"status": "affected",
"version": "V500R001C50SPC100PWE"
},
{
"status": "affected",
"version": "V500R001C50SPC200"
},
{
"status": "affected",
"version": "V500R001C50SPC200PWE"
},
{
"status": "affected",
"version": "V500R001C50SPC300"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R001C60SPC100PWE"
},
{
"status": "affected",
"version": "V500R001C60SPC200PWE"
},
{
"status": "affected",
"version": "V500R005C00SPC102"
},
{
"status": "affected",
"version": "V500R001C10"
},
{
"status": "affected",
"version": "V500R001C10SPC100"
},
{
"status": "affected",
"version": "V500R001C10SPC200"
},
{
"status": "affected",
"version": "V500R003C00"
},
{
"status": "affected",
"version": "V500R003C00SPC100"
},
{
"status": "affected",
"version": "V200R003C50SPC700"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Certain Huawei products (AP2000;IPS Module;NGFW Module;NIP6300;NIP6600;NIP6800;S5700;SVN5600;SVN5800;SVN5800-C;SeMG9811;Secospace AntiDDoS8000;Secospace USG6300;Secospace USG6500;Secospace USG6600;USG6000V;eSpace U1981) have a null pointer dereference vulnerability. The system dereferences a pointer that it expects to be valid, but is NULL. A local attacker could exploit this vulnerability by sending crafted parameters. A successful exploit could cause a denial of service and the process reboot."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "null pointer dereference",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-12-13T22:45:34",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191211-01-ssp-en"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2019-5256",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "AP2000;IPS Module;NGFW Module;NIP6300;NIP6600;NIP6800;S5700;SVN5600;SVN5800;SVN5800-C;SeMG9811;Secospace AntiDDoS8000;Secospace USG6300;Secospace USG6500;Secospace USG6600;USG6000V;eSpace U1981",
"version": {
"version_data": [
{
"version_value": "V200R005C30"
},
{
"version_value": "V200R006C10"
},
{
"version_value": "V200R006C20"
},
{
"version_value": "V200R007C10"
},
{
"version_value": "V200R007C20"
},
{
"version_value": "V200R008C00"
},
{
"version_value": "V200R008C10"
},
{
"version_value": "V200R009C00"
},
{
"version_value": "V500R001C00SPC300"
},
{
"version_value": "V500R001C00SPC500"
},
{
"version_value": "V500R001C00SPH303"
},
{
"version_value": "V500R001C00SPH508"
},
{
"version_value": "V500R001C20"
},
{
"version_value": "V500R001C20SPC100"
},
{
"version_value": "V500R001C20SPC100PWE"
},
{
"version_value": "V500R001C20SPC200"
},
{
"version_value": "V500R001C20SPC200B062"
},
{
"version_value": "V500R001C20SPC200PWE"
},
{
"version_value": "V500R001C20SPC300B078"
},
{
"version_value": "V500R001C20SPC300PWE"
},
{
"version_value": "V500R001C30"
},
{
"version_value": "V500R001C30SPC100"
},
{
"version_value": "V500R001C30SPC100PWE"
},
{
"version_value": "V500R001C30SPC200"
},
{
"version_value": "V500R001C30SPC200PWE"
},
{
"version_value": "V500R001C30SPC300"
},
{
"version_value": "V500R001C50"
},
{
"version_value": "V500R001C50PWE"
},
{
"version_value": "V500R001C80"
},
{
"version_value": "V500R005C00"
},
{
"version_value": "V500R001C00SPC500PWE"
},
{
"version_value": "V500R002C00"
},
{
"version_value": "V500R002C00SPC100"
},
{
"version_value": "V500R002C00SPC100PWE"
},
{
"version_value": "V500R002C00SPC200"
},
{
"version_value": "V500R002C00SPC200PWE"
},
{
"version_value": "V500R002C00SPC300"
},
{
"version_value": "V500R002C10"
},
{
"version_value": "V500R002C10PWE"
},
{
"version_value": "V500R002C30"
},
{
"version_value": "V500R002C30PWE"
},
{
"version_value": "V200R005C03"
},
{
"version_value": "V200R003C00SPC100"
},
{
"version_value": "V500R002C20"
},
{
"version_value": "V500R001C00"
},
{
"version_value": "V500R001C00SPC200"
},
{
"version_value": "V500R001C00SPC600"
},
{
"version_value": "V500R001C00SPC700"
},
{
"version_value": "V500R001C20SPC300"
},
{
"version_value": "V500R001C20SPC500"
},
{
"version_value": "V500R001C20SPC600"
},
{
"version_value": "V500R001C60SPC100"
},
{
"version_value": "V500R001C60SPC101"
},
{
"version_value": "V500R001C60SPC200"
},
{
"version_value": "V500R001C60SPC300"
},
{
"version_value": "V500R001C60SPC500"
},
{
"version_value": "V500R001C60SPC600"
},
{
"version_value": "V500R005C00SPC100"
},
{
"version_value": "V100R001C20SPC100"
},
{
"version_value": "V500R001C20SPC101"
},
{
"version_value": "V500R001C80PWE"
},
{
"version_value": "V100R001C00SPC200"
},
{
"version_value": "V100R001C10SPC200"
},
{
"version_value": "V100R001C10SPC201"
},
{
"version_value": "V100R001C20SPC200"
},
{
"version_value": "V500R001C00SPC050"
},
{
"version_value": "V500R001C00SPC090"
},
{
"version_value": "V500R001C30SPC500"
},
{
"version_value": "V500R001C30SPC600"
},
{
"version_value": "V500R001C30SPC600PWE"
},
{
"version_value": "V500R001C30SPC601"
},
{
"version_value": "V500R001C50SPC009"
},
{
"version_value": "V500R001C50SPC100"
},
{
"version_value": "V500R001C50SPC100PWE"
},
{
"version_value": "V500R001C50SPC200"
},
{
"version_value": "V500R001C50SPC200PWE"
},
{
"version_value": "V500R001C50SPC300"
},
{
"version_value": "V500R001C60"
},
{
"version_value": "V500R001C60SPC100PWE"
},
{
"version_value": "V500R001C60SPC200PWE"
},
{
"version_value": "V500R005C00SPC102"
},
{
"version_value": "V500R001C10"
},
{
"version_value": "V500R001C10SPC100"
},
{
"version_value": "V500R001C10SPC200"
},
{
"version_value": "V500R003C00"
},
{
"version_value": "V500R003C00SPC100"
},
{
"version_value": "V200R003C50SPC700"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Certain Huawei products (AP2000;IPS Module;NGFW Module;NIP6300;NIP6600;NIP6800;S5700;SVN5600;SVN5800;SVN5800-C;SeMG9811;Secospace AntiDDoS8000;Secospace USG6300;Secospace USG6500;Secospace USG6600;USG6000V;eSpace U1981) have a null pointer dereference vulnerability. The system dereferences a pointer that it expects to be valid, but is NULL. A local attacker could exploit this vulnerability by sending crafted parameters. A successful exploit could cause a denial of service and the process reboot."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "null pointer dereference"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191211-01-ssp-en",
"refsource": "MISC",
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191211-01-ssp-en"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2019-5256",
"datePublished": "2019-12-13T22:45:34",
"dateReserved": "2019-01-04T00:00:00",
"dateUpdated": "2024-08-04T19:47:56.652Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-5258 (GCVE-0-2019-5258)
Vulnerability from cvelistv5 – Published: 2019-12-13 22:41 – Updated: 2024-08-04 19:47
VLAI?
Summary
Certain Huawei products (AP2000;IPS Module;NGFW Module;NIP6300;NIP6600;NIP6800;S5700;SVN5600;SVN5800;SVN5800-C;SeMG9811;Secospace AntiDDoS8000;Secospace USG6300;Secospace USG6500;Secospace USG6600;USG6000V;eSpace U1981) have a buffer overflow vulnerability. An attacker who logs in to the board may send crafted messages from the internal network port or tamper with inter-process message packets to exploit this vulnerability. Due to insufficient validation of the message, successful exploit may cause the affected board to be abnormal.
Severity ?
No CVSS data available.
CWE
- buffer overflow
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | AP2000;IPS Module;NGFW Module;NIP6300;NIP6600;NIP6800;S5700;SVN5600;SVN5800;SVN5800-C;SeMG9811;Secospace AntiDDoS8000;Secospace USG6300;Secospace USG6500;Secospace USG6600;USG6000V;eSpace U1981 |
Affected:
V200R005C30
Affected: V200R006C10 Affected: V200R006C20 Affected: V200R007C10 Affected: V200R007C20 Affected: V200R008C00 Affected: V200R008C10 Affected: V200R009C00 Affected: V500R001C00SPC300 Affected: V500R001C00SPC500 Affected: V500R001C00SPH303 Affected: V500R001C00SPH508 Affected: V500R001C20 Affected: V500R001C20SPC100 Affected: V500R001C20SPC100PWE Affected: V500R001C20SPC200 Affected: V500R001C20SPC200B062 Affected: V500R001C20SPC200PWE Affected: V500R001C20SPC300B078 Affected: V500R001C20SPC300PWE Affected: V500R001C30 Affected: V500R001C30SPC100 Affected: V500R001C30SPC100PWE Affected: V500R001C30SPC200 Affected: V500R001C30SPC200PWE Affected: V500R001C30SPC300 Affected: V500R001C50 Affected: V500R001C50PWE Affected: V500R001C80 Affected: V500R005C00 Affected: V500R001C00SPC500PWE Affected: V500R002C00 Affected: V500R002C00SPC100 Affected: V500R002C00SPC100PWE Affected: V500R002C00SPC200 Affected: V500R002C00SPC200PWE Affected: V500R002C00SPC300 Affected: V500R002C10 Affected: V500R002C10PWE Affected: V500R002C30 Affected: V500R002C30PWE Affected: V200R005C03 Affected: V200R003C00SPC100 Affected: V500R002C20 Affected: V500R001C00 Affected: V500R001C00SPC200 Affected: V500R001C00SPC600 Affected: V500R001C00SPC700 Affected: V500R001C20SPC300 Affected: V500R001C20SPC500 Affected: V500R001C20SPC600 Affected: V500R001C60SPC100 Affected: V500R001C60SPC101 Affected: V500R001C60SPC200 Affected: V500R001C60SPC300 Affected: V500R001C60SPC500 Affected: V500R001C60SPC600 Affected: V500R005C00SPC100 Affected: V100R001C20SPC100 Affected: V500R001C20SPC101 Affected: V500R001C80PWE Affected: V100R001C00SPC200 Affected: V100R001C10SPC200 Affected: V100R001C10SPC201 Affected: V100R001C20SPC200 Affected: V500R001C00SPC050 Affected: V500R001C00SPC090 Affected: V500R001C30SPC500 Affected: V500R001C30SPC600 Affected: V500R001C30SPC600PWE Affected: V500R001C30SPC601 Affected: V500R001C50SPC009 Affected: V500R001C50SPC100 Affected: V500R001C50SPC100PWE Affected: V500R001C50SPC200 Affected: V500R001C50SPC200PWE Affected: V500R001C50SPC300 Affected: V500R001C60 Affected: V500R001C60SPC100PWE Affected: V500R001C60SPC200PWE Affected: V500R005C00SPC102 Affected: V500R001C10 Affected: V500R001C10SPC100 Affected: V500R001C10SPC200 Affected: V500R003C00 Affected: V500R003C00SPC100 Affected: V200R003C50SPC700 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T19:47:56.829Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191211-01-ssp-en"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "AP2000;IPS Module;NGFW Module;NIP6300;NIP6600;NIP6800;S5700;SVN5600;SVN5800;SVN5800-C;SeMG9811;Secospace AntiDDoS8000;Secospace USG6300;Secospace USG6500;Secospace USG6600;USG6000V;eSpace U1981",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "V200R005C30"
},
{
"status": "affected",
"version": "V200R006C10"
},
{
"status": "affected",
"version": "V200R006C20"
},
{
"status": "affected",
"version": "V200R007C10"
},
{
"status": "affected",
"version": "V200R007C20"
},
{
"status": "affected",
"version": "V200R008C00"
},
{
"status": "affected",
"version": "V200R008C10"
},
{
"status": "affected",
"version": "V200R009C00"
},
{
"status": "affected",
"version": "V500R001C00SPC300"
},
{
"status": "affected",
"version": "V500R001C00SPC500"
},
{
"status": "affected",
"version": "V500R001C00SPH303"
},
{
"status": "affected",
"version": "V500R001C00SPH508"
},
{
"status": "affected",
"version": "V500R001C20"
},
{
"status": "affected",
"version": "V500R001C20SPC100"
},
{
"status": "affected",
"version": "V500R001C20SPC100PWE"
},
{
"status": "affected",
"version": "V500R001C20SPC200"
},
{
"status": "affected",
"version": "V500R001C20SPC200B062"
},
{
"status": "affected",
"version": "V500R001C20SPC200PWE"
},
{
"status": "affected",
"version": "V500R001C20SPC300B078"
},
{
"status": "affected",
"version": "V500R001C20SPC300PWE"
},
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C30SPC100"
},
{
"status": "affected",
"version": "V500R001C30SPC100PWE"
},
{
"status": "affected",
"version": "V500R001C30SPC200"
},
{
"status": "affected",
"version": "V500R001C30SPC200PWE"
},
{
"status": "affected",
"version": "V500R001C30SPC300"
},
{
"status": "affected",
"version": "V500R001C50"
},
{
"status": "affected",
"version": "V500R001C50PWE"
},
{
"status": "affected",
"version": "V500R001C80"
},
{
"status": "affected",
"version": "V500R005C00"
},
{
"status": "affected",
"version": "V500R001C00SPC500PWE"
},
{
"status": "affected",
"version": "V500R002C00"
},
{
"status": "affected",
"version": "V500R002C00SPC100"
},
{
"status": "affected",
"version": "V500R002C00SPC100PWE"
},
{
"status": "affected",
"version": "V500R002C00SPC200"
},
{
"status": "affected",
"version": "V500R002C00SPC200PWE"
},
{
"status": "affected",
"version": "V500R002C00SPC300"
},
{
"status": "affected",
"version": "V500R002C10"
},
{
"status": "affected",
"version": "V500R002C10PWE"
},
{
"status": "affected",
"version": "V500R002C30"
},
{
"status": "affected",
"version": "V500R002C30PWE"
},
{
"status": "affected",
"version": "V200R005C03"
},
{
"status": "affected",
"version": "V200R003C00SPC100"
},
{
"status": "affected",
"version": "V500R002C20"
},
{
"status": "affected",
"version": "V500R001C00"
},
{
"status": "affected",
"version": "V500R001C00SPC200"
},
{
"status": "affected",
"version": "V500R001C00SPC600"
},
{
"status": "affected",
"version": "V500R001C00SPC700"
},
{
"status": "affected",
"version": "V500R001C20SPC300"
},
{
"status": "affected",
"version": "V500R001C20SPC500"
},
{
"status": "affected",
"version": "V500R001C20SPC600"
},
{
"status": "affected",
"version": "V500R001C60SPC100"
},
{
"status": "affected",
"version": "V500R001C60SPC101"
},
{
"status": "affected",
"version": "V500R001C60SPC200"
},
{
"status": "affected",
"version": "V500R001C60SPC300"
},
{
"status": "affected",
"version": "V500R001C60SPC500"
},
{
"status": "affected",
"version": "V500R001C60SPC600"
},
{
"status": "affected",
"version": "V500R005C00SPC100"
},
{
"status": "affected",
"version": "V100R001C20SPC100"
},
{
"status": "affected",
"version": "V500R001C20SPC101"
},
{
"status": "affected",
"version": "V500R001C80PWE"
},
{
"status": "affected",
"version": "V100R001C00SPC200"
},
{
"status": "affected",
"version": "V100R001C10SPC200"
},
{
"status": "affected",
"version": "V100R001C10SPC201"
},
{
"status": "affected",
"version": "V100R001C20SPC200"
},
{
"status": "affected",
"version": "V500R001C00SPC050"
},
{
"status": "affected",
"version": "V500R001C00SPC090"
},
{
"status": "affected",
"version": "V500R001C30SPC500"
},
{
"status": "affected",
"version": "V500R001C30SPC600"
},
{
"status": "affected",
"version": "V500R001C30SPC600PWE"
},
{
"status": "affected",
"version": "V500R001C30SPC601"
},
{
"status": "affected",
"version": "V500R001C50SPC009"
},
{
"status": "affected",
"version": "V500R001C50SPC100"
},
{
"status": "affected",
"version": "V500R001C50SPC100PWE"
},
{
"status": "affected",
"version": "V500R001C50SPC200"
},
{
"status": "affected",
"version": "V500R001C50SPC200PWE"
},
{
"status": "affected",
"version": "V500R001C50SPC300"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R001C60SPC100PWE"
},
{
"status": "affected",
"version": "V500R001C60SPC200PWE"
},
{
"status": "affected",
"version": "V500R005C00SPC102"
},
{
"status": "affected",
"version": "V500R001C10"
},
{
"status": "affected",
"version": "V500R001C10SPC100"
},
{
"status": "affected",
"version": "V500R001C10SPC200"
},
{
"status": "affected",
"version": "V500R003C00"
},
{
"status": "affected",
"version": "V500R003C00SPC100"
},
{
"status": "affected",
"version": "V200R003C50SPC700"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Certain Huawei products (AP2000;IPS Module;NGFW Module;NIP6300;NIP6600;NIP6800;S5700;SVN5600;SVN5800;SVN5800-C;SeMG9811;Secospace AntiDDoS8000;Secospace USG6300;Secospace USG6500;Secospace USG6600;USG6000V;eSpace U1981) have a buffer overflow vulnerability. An attacker who logs in to the board may send crafted messages from the internal network port or tamper with inter-process message packets to exploit this vulnerability. Due to insufficient validation of the message, successful exploit may cause the affected board to be abnormal."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "buffer overflow",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-12-13T22:41:04",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191211-01-ssp-en"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2019-5258",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "AP2000;IPS Module;NGFW Module;NIP6300;NIP6600;NIP6800;S5700;SVN5600;SVN5800;SVN5800-C;SeMG9811;Secospace AntiDDoS8000;Secospace USG6300;Secospace USG6500;Secospace USG6600;USG6000V;eSpace U1981",
"version": {
"version_data": [
{
"version_value": "V200R005C30"
},
{
"version_value": "V200R006C10"
},
{
"version_value": "V200R006C20"
},
{
"version_value": "V200R007C10"
},
{
"version_value": "V200R007C20"
},
{
"version_value": "V200R008C00"
},
{
"version_value": "V200R008C10"
},
{
"version_value": "V200R009C00"
},
{
"version_value": "V500R001C00SPC300"
},
{
"version_value": "V500R001C00SPC500"
},
{
"version_value": "V500R001C00SPH303"
},
{
"version_value": "V500R001C00SPH508"
},
{
"version_value": "V500R001C20"
},
{
"version_value": "V500R001C20SPC100"
},
{
"version_value": "V500R001C20SPC100PWE"
},
{
"version_value": "V500R001C20SPC200"
},
{
"version_value": "V500R001C20SPC200B062"
},
{
"version_value": "V500R001C20SPC200PWE"
},
{
"version_value": "V500R001C20SPC300B078"
},
{
"version_value": "V500R001C20SPC300PWE"
},
{
"version_value": "V500R001C30"
},
{
"version_value": "V500R001C30SPC100"
},
{
"version_value": "V500R001C30SPC100PWE"
},
{
"version_value": "V500R001C30SPC200"
},
{
"version_value": "V500R001C30SPC200PWE"
},
{
"version_value": "V500R001C30SPC300"
},
{
"version_value": "V500R001C50"
},
{
"version_value": "V500R001C50PWE"
},
{
"version_value": "V500R001C80"
},
{
"version_value": "V500R005C00"
},
{
"version_value": "V500R001C00SPC500PWE"
},
{
"version_value": "V500R002C00"
},
{
"version_value": "V500R002C00SPC100"
},
{
"version_value": "V500R002C00SPC100PWE"
},
{
"version_value": "V500R002C00SPC200"
},
{
"version_value": "V500R002C00SPC200PWE"
},
{
"version_value": "V500R002C00SPC300"
},
{
"version_value": "V500R002C10"
},
{
"version_value": "V500R002C10PWE"
},
{
"version_value": "V500R002C30"
},
{
"version_value": "V500R002C30PWE"
},
{
"version_value": "V200R005C03"
},
{
"version_value": "V200R003C00SPC100"
},
{
"version_value": "V500R002C20"
},
{
"version_value": "V500R001C00"
},
{
"version_value": "V500R001C00SPC200"
},
{
"version_value": "V500R001C00SPC600"
},
{
"version_value": "V500R001C00SPC700"
},
{
"version_value": "V500R001C20SPC300"
},
{
"version_value": "V500R001C20SPC500"
},
{
"version_value": "V500R001C20SPC600"
},
{
"version_value": "V500R001C60SPC100"
},
{
"version_value": "V500R001C60SPC101"
},
{
"version_value": "V500R001C60SPC200"
},
{
"version_value": "V500R001C60SPC300"
},
{
"version_value": "V500R001C60SPC500"
},
{
"version_value": "V500R001C60SPC600"
},
{
"version_value": "V500R005C00SPC100"
},
{
"version_value": "V100R001C20SPC100"
},
{
"version_value": "V500R001C20SPC101"
},
{
"version_value": "V500R001C80PWE"
},
{
"version_value": "V100R001C00SPC200"
},
{
"version_value": "V100R001C10SPC200"
},
{
"version_value": "V100R001C10SPC201"
},
{
"version_value": "V100R001C20SPC200"
},
{
"version_value": "V500R001C00SPC050"
},
{
"version_value": "V500R001C00SPC090"
},
{
"version_value": "V500R001C30SPC500"
},
{
"version_value": "V500R001C30SPC600"
},
{
"version_value": "V500R001C30SPC600PWE"
},
{
"version_value": "V500R001C30SPC601"
},
{
"version_value": "V500R001C50SPC009"
},
{
"version_value": "V500R001C50SPC100"
},
{
"version_value": "V500R001C50SPC100PWE"
},
{
"version_value": "V500R001C50SPC200"
},
{
"version_value": "V500R001C50SPC200PWE"
},
{
"version_value": "V500R001C50SPC300"
},
{
"version_value": "V500R001C60"
},
{
"version_value": "V500R001C60SPC100PWE"
},
{
"version_value": "V500R001C60SPC200PWE"
},
{
"version_value": "V500R005C00SPC102"
},
{
"version_value": "V500R001C10"
},
{
"version_value": "V500R001C10SPC100"
},
{
"version_value": "V500R001C10SPC200"
},
{
"version_value": "V500R003C00"
},
{
"version_value": "V500R003C00SPC100"
},
{
"version_value": "V200R003C50SPC700"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Certain Huawei products (AP2000;IPS Module;NGFW Module;NIP6300;NIP6600;NIP6800;S5700;SVN5600;SVN5800;SVN5800-C;SeMG9811;Secospace AntiDDoS8000;Secospace USG6300;Secospace USG6500;Secospace USG6600;USG6000V;eSpace U1981) have a buffer overflow vulnerability. An attacker who logs in to the board may send crafted messages from the internal network port or tamper with inter-process message packets to exploit this vulnerability. Due to insufficient validation of the message, successful exploit may cause the affected board to be abnormal."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "buffer overflow"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191211-01-ssp-en",
"refsource": "MISC",
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191211-01-ssp-en"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2019-5258",
"datePublished": "2019-12-13T22:41:04",
"dateReserved": "2019-01-04T00:00:00",
"dateUpdated": "2024-08-04T19:47:56.829Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-5257 (GCVE-0-2019-5257)
Vulnerability from cvelistv5 – Published: 2019-12-13 22:16 – Updated: 2024-08-04 19:47
VLAI?
Summary
Certain Huawei products (AP2000;IPS Module;NGFW Module;NIP6300;NIP6600;NIP6800;S5700;SVN5600;SVN5800;SVN5800-C;SeMG9811;Secospace) have a resource management vulnerability. An attacker who logs in to the board may send crafted messages from the internal network.
Severity ?
No CVSS data available.
CWE
- resource management
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | AP2000;IPS Module;NGFW Module;NIP6300;NIP6600;NIP6800;S5700;SVN5600;SVN5800;SVN5800-C;SeMG9811;Secospace AntiDDoS8000;Secospace USG6300;Secospace USG6500;Secospace USG6600;USG6000V;eSpace U1981 |
Affected:
V200R005C30
Affected: V200R006C10 Affected: V200R006C20 Affected: V200R007C10 Affected: V200R007C20 Affected: V200R008C00 Affected: V200R008C10 Affected: V200R009C00 Affected: V500R001C00SPC300 Affected: V500R001C00SPC500 Affected: V500R001C00SPH303 Affected: V500R001C00SPH508 Affected: V500R001C20 Affected: V500R001C20SPC100 Affected: V500R001C20SPC100PWE Affected: V500R001C20SPC200 Affected: V500R001C20SPC200B062 Affected: V500R001C20SPC200PWE Affected: V500R001C20SPC300B078 Affected: V500R001C20SPC300PWE Affected: V500R001C30 Affected: V500R001C30SPC100 Affected: V500R001C30SPC100PWE Affected: V500R001C30SPC200 Affected: V500R001C30SPC200PWE Affected: V500R001C30SPC300 Affected: V500R001C50 Affected: V500R001C50PWE Affected: V500R001C80 Affected: V500R005C00 Affected: V500R001C00SPC500PWE Affected: V500R002C00 Affected: V500R002C00SPC100 Affected: V500R002C00SPC100PWE Affected: V500R002C00SPC200 Affected: V500R002C00SPC200PWE Affected: V500R002C00SPC300 Affected: V500R002C10 Affected: V500R002C10PWE Affected: V500R002C30 Affected: V500R002C30PWE Affected: V200R005C03 Affected: V200R003C00SPC100 Affected: V500R002C20 Affected: V500R001C00 Affected: V500R001C00SPC200 Affected: V500R001C00SPC600 Affected: V500R001C00SPC700 Affected: V500R001C20SPC300 Affected: V500R001C20SPC500 Affected: V500R001C20SPC600 Affected: V500R001C60SPC100 Affected: V500R001C60SPC101 Affected: V500R001C60SPC200 Affected: V500R001C60SPC300 Affected: V500R001C60SPC500 Affected: V500R001C60SPC600 Affected: V500R005C00SPC100 Affected: V100R001C20SPC100 Affected: V500R001C20SPC101 Affected: V500R001C80PWE Affected: V100R001C00SPC200 Affected: V100R001C10SPC200 Affected: V100R001C10SPC201 Affected: V100R001C20SPC200 Affected: V500R001C00SPC050 Affected: V500R001C00SPC090 Affected: V500R001C30SPC500 Affected: V500R001C30SPC600 Affected: V500R001C30SPC600PWE Affected: V500R001C30SPC601 Affected: V500R001C50SPC009 Affected: V500R001C50SPC100 Affected: V500R001C50SPC100PWE Affected: V500R001C50SPC200 Affected: V500R001C50SPC200PWE Affected: V500R001C50SPC300 Affected: V500R001C60 Affected: V500R001C60SPC100PWE Affected: V500R001C60SPC200PWE Affected: V500R005C00SPC102 Affected: V500R001C10 Affected: V500R001C10SPC100 Affected: V500R001C10SPC200 Affected: V500R003C00 Affected: V500R003C00SPC100 Affected: V200R003C50SPC700 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T19:47:56.752Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191211-01-ssp-en"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "AP2000;IPS Module;NGFW Module;NIP6300;NIP6600;NIP6800;S5700;SVN5600;SVN5800;SVN5800-C;SeMG9811;Secospace AntiDDoS8000;Secospace USG6300;Secospace USG6500;Secospace USG6600;USG6000V;eSpace U1981",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "V200R005C30"
},
{
"status": "affected",
"version": "V200R006C10"
},
{
"status": "affected",
"version": "V200R006C20"
},
{
"status": "affected",
"version": "V200R007C10"
},
{
"status": "affected",
"version": "V200R007C20"
},
{
"status": "affected",
"version": "V200R008C00"
},
{
"status": "affected",
"version": "V200R008C10"
},
{
"status": "affected",
"version": "V200R009C00"
},
{
"status": "affected",
"version": "V500R001C00SPC300"
},
{
"status": "affected",
"version": "V500R001C00SPC500"
},
{
"status": "affected",
"version": "V500R001C00SPH303"
},
{
"status": "affected",
"version": "V500R001C00SPH508"
},
{
"status": "affected",
"version": "V500R001C20"
},
{
"status": "affected",
"version": "V500R001C20SPC100"
},
{
"status": "affected",
"version": "V500R001C20SPC100PWE"
},
{
"status": "affected",
"version": "V500R001C20SPC200"
},
{
"status": "affected",
"version": "V500R001C20SPC200B062"
},
{
"status": "affected",
"version": "V500R001C20SPC200PWE"
},
{
"status": "affected",
"version": "V500R001C20SPC300B078"
},
{
"status": "affected",
"version": "V500R001C20SPC300PWE"
},
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C30SPC100"
},
{
"status": "affected",
"version": "V500R001C30SPC100PWE"
},
{
"status": "affected",
"version": "V500R001C30SPC200"
},
{
"status": "affected",
"version": "V500R001C30SPC200PWE"
},
{
"status": "affected",
"version": "V500R001C30SPC300"
},
{
"status": "affected",
"version": "V500R001C50"
},
{
"status": "affected",
"version": "V500R001C50PWE"
},
{
"status": "affected",
"version": "V500R001C80"
},
{
"status": "affected",
"version": "V500R005C00"
},
{
"status": "affected",
"version": "V500R001C00SPC500PWE"
},
{
"status": "affected",
"version": "V500R002C00"
},
{
"status": "affected",
"version": "V500R002C00SPC100"
},
{
"status": "affected",
"version": "V500R002C00SPC100PWE"
},
{
"status": "affected",
"version": "V500R002C00SPC200"
},
{
"status": "affected",
"version": "V500R002C00SPC200PWE"
},
{
"status": "affected",
"version": "V500R002C00SPC300"
},
{
"status": "affected",
"version": "V500R002C10"
},
{
"status": "affected",
"version": "V500R002C10PWE"
},
{
"status": "affected",
"version": "V500R002C30"
},
{
"status": "affected",
"version": "V500R002C30PWE"
},
{
"status": "affected",
"version": "V200R005C03"
},
{
"status": "affected",
"version": "V200R003C00SPC100"
},
{
"status": "affected",
"version": "V500R002C20"
},
{
"status": "affected",
"version": "V500R001C00"
},
{
"status": "affected",
"version": "V500R001C00SPC200"
},
{
"status": "affected",
"version": "V500R001C00SPC600"
},
{
"status": "affected",
"version": "V500R001C00SPC700"
},
{
"status": "affected",
"version": "V500R001C20SPC300"
},
{
"status": "affected",
"version": "V500R001C20SPC500"
},
{
"status": "affected",
"version": "V500R001C20SPC600"
},
{
"status": "affected",
"version": "V500R001C60SPC100"
},
{
"status": "affected",
"version": "V500R001C60SPC101"
},
{
"status": "affected",
"version": "V500R001C60SPC200"
},
{
"status": "affected",
"version": "V500R001C60SPC300"
},
{
"status": "affected",
"version": "V500R001C60SPC500"
},
{
"status": "affected",
"version": "V500R001C60SPC600"
},
{
"status": "affected",
"version": "V500R005C00SPC100"
},
{
"status": "affected",
"version": "V100R001C20SPC100"
},
{
"status": "affected",
"version": "V500R001C20SPC101"
},
{
"status": "affected",
"version": "V500R001C80PWE"
},
{
"status": "affected",
"version": "V100R001C00SPC200"
},
{
"status": "affected",
"version": "V100R001C10SPC200"
},
{
"status": "affected",
"version": "V100R001C10SPC201"
},
{
"status": "affected",
"version": "V100R001C20SPC200"
},
{
"status": "affected",
"version": "V500R001C00SPC050"
},
{
"status": "affected",
"version": "V500R001C00SPC090"
},
{
"status": "affected",
"version": "V500R001C30SPC500"
},
{
"status": "affected",
"version": "V500R001C30SPC600"
},
{
"status": "affected",
"version": "V500R001C30SPC600PWE"
},
{
"status": "affected",
"version": "V500R001C30SPC601"
},
{
"status": "affected",
"version": "V500R001C50SPC009"
},
{
"status": "affected",
"version": "V500R001C50SPC100"
},
{
"status": "affected",
"version": "V500R001C50SPC100PWE"
},
{
"status": "affected",
"version": "V500R001C50SPC200"
},
{
"status": "affected",
"version": "V500R001C50SPC200PWE"
},
{
"status": "affected",
"version": "V500R001C50SPC300"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V500R001C60SPC100PWE"
},
{
"status": "affected",
"version": "V500R001C60SPC200PWE"
},
{
"status": "affected",
"version": "V500R005C00SPC102"
},
{
"status": "affected",
"version": "V500R001C10"
},
{
"status": "affected",
"version": "V500R001C10SPC100"
},
{
"status": "affected",
"version": "V500R001C10SPC200"
},
{
"status": "affected",
"version": "V500R003C00"
},
{
"status": "affected",
"version": "V500R003C00SPC100"
},
{
"status": "affected",
"version": "V200R003C50SPC700"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Certain Huawei products (AP2000;IPS Module;NGFW Module;NIP6300;NIP6600;NIP6800;S5700;SVN5600;SVN5800;SVN5800-C;SeMG9811;Secospace) have a resource management vulnerability. An attacker who logs in to the board may send crafted messages from the internal network."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "resource management",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-12-13T22:16:22",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191211-01-ssp-en"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2019-5257",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "AP2000;IPS Module;NGFW Module;NIP6300;NIP6600;NIP6800;S5700;SVN5600;SVN5800;SVN5800-C;SeMG9811;Secospace AntiDDoS8000;Secospace USG6300;Secospace USG6500;Secospace USG6600;USG6000V;eSpace U1981",
"version": {
"version_data": [
{
"version_value": "V200R005C30"
},
{
"version_value": "V200R006C10"
},
{
"version_value": "V200R006C20"
},
{
"version_value": "V200R007C10"
},
{
"version_value": "V200R007C20"
},
{
"version_value": "V200R008C00"
},
{
"version_value": "V200R008C10"
},
{
"version_value": "V200R009C00"
},
{
"version_value": "V500R001C00SPC300"
},
{
"version_value": "V500R001C00SPC500"
},
{
"version_value": "V500R001C00SPH303"
},
{
"version_value": "V500R001C00SPH508"
},
{
"version_value": "V500R001C20"
},
{
"version_value": "V500R001C20SPC100"
},
{
"version_value": "V500R001C20SPC100PWE"
},
{
"version_value": "V500R001C20SPC200"
},
{
"version_value": "V500R001C20SPC200B062"
},
{
"version_value": "V500R001C20SPC200PWE"
},
{
"version_value": "V500R001C20SPC300B078"
},
{
"version_value": "V500R001C20SPC300PWE"
},
{
"version_value": "V500R001C30"
},
{
"version_value": "V500R001C30SPC100"
},
{
"version_value": "V500R001C30SPC100PWE"
},
{
"version_value": "V500R001C30SPC200"
},
{
"version_value": "V500R001C30SPC200PWE"
},
{
"version_value": "V500R001C30SPC300"
},
{
"version_value": "V500R001C50"
},
{
"version_value": "V500R001C50PWE"
},
{
"version_value": "V500R001C80"
},
{
"version_value": "V500R005C00"
},
{
"version_value": "V500R001C00SPC500PWE"
},
{
"version_value": "V500R002C00"
},
{
"version_value": "V500R002C00SPC100"
},
{
"version_value": "V500R002C00SPC100PWE"
},
{
"version_value": "V500R002C00SPC200"
},
{
"version_value": "V500R002C00SPC200PWE"
},
{
"version_value": "V500R002C00SPC300"
},
{
"version_value": "V500R002C10"
},
{
"version_value": "V500R002C10PWE"
},
{
"version_value": "V500R002C30"
},
{
"version_value": "V500R002C30PWE"
},
{
"version_value": "V200R005C03"
},
{
"version_value": "V200R003C00SPC100"
},
{
"version_value": "V500R002C20"
},
{
"version_value": "V500R001C00"
},
{
"version_value": "V500R001C00SPC200"
},
{
"version_value": "V500R001C00SPC600"
},
{
"version_value": "V500R001C00SPC700"
},
{
"version_value": "V500R001C20SPC300"
},
{
"version_value": "V500R001C20SPC500"
},
{
"version_value": "V500R001C20SPC600"
},
{
"version_value": "V500R001C60SPC100"
},
{
"version_value": "V500R001C60SPC101"
},
{
"version_value": "V500R001C60SPC200"
},
{
"version_value": "V500R001C60SPC300"
},
{
"version_value": "V500R001C60SPC500"
},
{
"version_value": "V500R001C60SPC600"
},
{
"version_value": "V500R005C00SPC100"
},
{
"version_value": "V100R001C20SPC100"
},
{
"version_value": "V500R001C20SPC101"
},
{
"version_value": "V500R001C80PWE"
},
{
"version_value": "V100R001C00SPC200"
},
{
"version_value": "V100R001C10SPC200"
},
{
"version_value": "V100R001C10SPC201"
},
{
"version_value": "V100R001C20SPC200"
},
{
"version_value": "V500R001C00SPC050"
},
{
"version_value": "V500R001C00SPC090"
},
{
"version_value": "V500R001C30SPC500"
},
{
"version_value": "V500R001C30SPC600"
},
{
"version_value": "V500R001C30SPC600PWE"
},
{
"version_value": "V500R001C30SPC601"
},
{
"version_value": "V500R001C50SPC009"
},
{
"version_value": "V500R001C50SPC100"
},
{
"version_value": "V500R001C50SPC100PWE"
},
{
"version_value": "V500R001C50SPC200"
},
{
"version_value": "V500R001C50SPC200PWE"
},
{
"version_value": "V500R001C50SPC300"
},
{
"version_value": "V500R001C60"
},
{
"version_value": "V500R001C60SPC100PWE"
},
{
"version_value": "V500R001C60SPC200PWE"
},
{
"version_value": "V500R005C00SPC102"
},
{
"version_value": "V500R001C10"
},
{
"version_value": "V500R001C10SPC100"
},
{
"version_value": "V500R001C10SPC200"
},
{
"version_value": "V500R003C00"
},
{
"version_value": "V500R003C00SPC100"
},
{
"version_value": "V200R003C50SPC700"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Certain Huawei products (AP2000;IPS Module;NGFW Module;NIP6300;NIP6600;NIP6800;S5700;SVN5600;SVN5800;SVN5800-C;SeMG9811;Secospace) have a resource management vulnerability. An attacker who logs in to the board may send crafted messages from the internal network."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "resource management"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191211-01-ssp-en",
"refsource": "MISC",
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191211-01-ssp-en"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2019-5257",
"datePublished": "2019-12-13T22:16:22",
"dateReserved": "2019-01-04T00:00:00",
"dateUpdated": "2024-08-04T19:47:56.752Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}