Denial of Service Vulnerability in Huawei Networking Products
CVE-2019-5255

5.5MEDIUM

Key Information:

Vendor
Huawei
Status
Ap2000;ips Module;ngfw Module;nip6300;nip6600;nip6800;s5700;svn5600;svn5800;svn5800-c;semg9811;secospace Antiddos8000;secospace Usg6300;secospace Usg6500;secospace Usg6600;usg6000v;espace U1981
Vendor
CVE Published:
13 December 2019

Summary

Certain Huawei networking products are affected by a Denial of Service vulnerability that allows attackers to exploit insufficient message validation from FTP clients. By sending specially crafted messages, an attacker may initiate unexpected read operations, leading to service disruptions and potential system outages for impacted devices.

Affected Version(s)

AP2000;IPS Module;NGFW Module;NIP6300;NIP6600;NIP6800;S5700;SVN5600;SVN5800;SVN5800-C;SeMG9811;Secospace AntiDDoS8000;Secospace USG6300;Secospace USG6500;Secospace USG6600;USG6000V;eSpace U1981 V200R005C30

AP2000;IPS Module;NGFW Module;NIP6300;NIP6600;NIP6800;S5700;SVN5600;SVN5800;SVN5800-C;SeMG9811;Secospace AntiDDoS8000;Secospace USG6300;Secospace USG6500;Secospace USG6600;USG6000V;eSpace U1981 V200R006C10

AP2000;IPS Module;NGFW Module;NIP6300;NIP6600;NIP6800;S5700;SVN5600;SVN5800;SVN5800-C;SeMG9811;Secospace AntiDDoS8000;Secospace USG6300;Secospace USG6500;Secospace USG6600;USG6000V;eSpace U1981 V200R006C20

References

https://www.huawei.com/en/psirt/security-advisories/huawe...
x_refsource_MISC

CVSS V3.1

Score:
5.5
Severity:
MEDIUM
Confidentiality:
None
Integrity:
None
Availability:
None
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.