Denial of Service Vulnerability in Huawei CloudEngine 12800
CVE-2019-5248

7.4HIGH

Key Information:

Vendor: Huawei
Status: Cloudengine 12800
Vendor: CVE Published:; 13 December 2019

What is CVE-2019-5248?

The Huawei CloudEngine 12800 Series devices have a vulnerability that may be exploited for Denial of Service attacks. When an attacker sends a specific sequence of packets from a neighboring device, it triggers a memory leak, which can lead to service interruptions. This flaw allows potential attackers to compromise the availability of the affected device, underscoring the importance of robust network security measures.

Affected Version(s)

CloudEngine 12800 V200R001C00SPC600

CloudEngine 12800 V200R001C00SPC700

CloudEngine 12800 V200R002C01

References

http://www.huawei.com/en/psirt/security-advisories/huawei...

x_refsource_MISC

CVSS V3.1

Score:

7.4

Severity:

HIGH

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Adjacent Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Changed

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Dec 13, 2019
Vulnerability Reserved
Jan 4, 2019

JSON