CVE-2019-5255
5.5
Vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Exploitability: 1.8 / Impact: 3.6
Source: NVD
Description
Certain Huawei products (AP2000;IPS Module;NGFW Module;NIP6300;NIP6600;NIP6800;S5700;SVN5600;SVN5800;SVN5800-C;SeMG9811;Secospace AntiDDoS8000;Secospace USG6300;Secospace USG6500;Secospace USG6600;USG6000V;eSpace U1981) have a DoS vulnerability. An attacker may send crafted messages from a FTP client to exploit this vulnerability. Due to insufficient validation of the message, successful exploit may cause the system out-of-bounds read and result in a denial of service condition of the affected service.
Affected (244)
Products: Huawei: Ap2000 Firmware, Ips Firmware, Ngfw Firmware, Nip6300 Firmware, Nip6600 Firmware, Nip6800 Firmware, S5700 Firmware, Svn5600 Firmware, Svn5800 Firmware, Svn5800 C Firmware, Semg9811 Firmware, Secospace Antiddos8000 Firmware, Secospace Usg6300 Firmware, Secospace Usg6500 Firmware, Secospace Usg6600 Firmware, Usg6000v Firmware, Espace U1981 Firmware
Configuration A
| Vulnerable Software | Affected Versions |
|---|---|
| Version v200r005c30 |
| Running on/with | Platform Versions |
|---|---|
Huawei Ap2000 | All versions |
Configuration B
| Vulnerable Software | Affected Versions |
|---|---|
| Version v500r001c00spc300 |
| Running on/with | Platform Versions |
|---|---|
Huawei Ips | All versions |
Configuration C
| Vulnerable Software | Affected Versions |
|---|---|
| Version v500r001c00spc300 |
| Running on/with | Platform Versions |
|---|---|
Huawei Ngfw | All versions |
Configuration D
| Vulnerable Software | Affected Versions |
|---|---|
| Version v500r001c00spc300 |
| Running on/with | Platform Versions |
|---|---|
Huawei Nip6300 | All versions |
Configuration E
| Vulnerable Software | Affected Versions |
|---|---|
| Version v500r001c00spc300 |
| Running on/with | Platform Versions |
|---|---|
Huawei Nip6600 | All versions |
Configuration F
| Vulnerable Software | Affected Versions |
|---|---|
| Version v500r001c50 |
| Running on/with | Platform Versions |
|---|---|
Huawei Nip6800 | All versions |
Configuration G
| Vulnerable Software | Affected Versions |
|---|---|
| Version v200r005c03 |
| Running on/with | Platform Versions |
|---|---|
Huawei S5700 | All versions |
Configuration H
| Vulnerable Software | Affected Versions |
|---|---|
| Version v200r003c00spc100 |
| Running on/with | Platform Versions |
|---|---|
Huawei Svn5600 | All versions |
Configuration I
| Vulnerable Software | Affected Versions |
|---|---|
| Version v200r003c00spc100 |
| Running on/with | Platform Versions |
|---|---|
Huawei Svn5800 | All versions |
Configuration J
| Vulnerable Software | Affected Versions |
|---|---|
| Version v200r003c00spc100 |
| Running on/with | Platform Versions |
|---|---|
Huawei Svn5800 C | All versions |
Configuration K
| Vulnerable Software | Affected Versions |
|---|---|
| Version v500r002c20 |
| Running on/with | Platform Versions |
|---|---|
Huawei Semg9811 | All versions |
Configuration L
| Vulnerable Software | Affected Versions |
|---|---|
| Version v500r001c00 |
| Running on/with | Platform Versions |
|---|---|
Huawei Secospace Antiddos8000 | All versions |
Configuration M
| Vulnerable Software | Affected Versions |
|---|---|
| Version v100r001c20spc100 |
| Running on/with | Platform Versions |
|---|---|
Huawei Secospace Usg6300 | All versions |
Configuration N
| Vulnerable Software | Affected Versions |
|---|---|
| Version v100r001c20spc100 |
| Running on/with | Platform Versions |
|---|---|
Huawei Secospace Usg6500 | All versions |
Configuration O
| Vulnerable Software | Affected Versions |
|---|---|
| Version v100r001c00spc200 |
| Running on/with | Platform Versions |
|---|---|
Huawei Secospace Usg6600 | All versions |
Configuration P
| Vulnerable Software | Affected Versions |
|---|---|
| Version v500r001c10 |
| Running on/with | Platform Versions |
|---|---|
Huawei Usg6000v | All versions |
Configuration Q
| Vulnerable Software | Affected Versions |
|---|---|
| Version v200r003c50spc700 |
| Running on/with | Platform Versions |
|---|---|
Huawei Espace U1981 | All versions |
References (2)
Source: psirt@huawei.com
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Timeline
No history available yet.