Resource Management Vulnerability in Various Huawei Networking Products
CVE-2019-5257

5.5MEDIUM

Key Information:

Vendor
Huawei
Status
Ap2000;ips Module;ngfw Module;nip6300;nip6600;nip6800;s5700;svn5600;svn5800;svn5800-c;semg9811;secospace Antiddos8000;secospace Usg6300;secospace Usg6500;secospace Usg6600;usg6000v;espace U1981
Vendor
CVE Published:
13 December 2019

Summary

Certain Huawei networking products have a resource management vulnerability that could be exploited by an attacker with access to the internal network. By logging into the affected devices, an attacker may send specially crafted messages, potentially leading to unauthorized access or compromise of the device's functionality. The vulnerability affects a range of models, highlighting the importance of securing internal network access.

Affected Version(s)

AP2000;IPS Module;NGFW Module;NIP6300;NIP6600;NIP6800;S5700;SVN5600;SVN5800;SVN5800-C;SeMG9811;Secospace AntiDDoS8000;Secospace USG6300;Secospace USG6500;Secospace USG6600;USG6000V;eSpace U1981 V200R005C30

AP2000;IPS Module;NGFW Module;NIP6300;NIP6600;NIP6800;S5700;SVN5600;SVN5800;SVN5800-C;SeMG9811;Secospace AntiDDoS8000;Secospace USG6300;Secospace USG6500;Secospace USG6600;USG6000V;eSpace U1981 V200R006C10

AP2000;IPS Module;NGFW Module;NIP6300;NIP6600;NIP6800;S5700;SVN5600;SVN5800;SVN5800-C;SeMG9811;Secospace AntiDDoS8000;Secospace USG6300;Secospace USG6500;Secospace USG6600;USG6000V;eSpace U1981 V200R006C20

References

https://www.huawei.com/en/psirt/security-advisories/huawe...
x_refsource_MISC

CVSS V3.1

Score:
5.5
Severity:
MEDIUM
Confidentiality:
None
Integrity:
None
Availability:
None
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.