Out-of-Bounds Read Vulnerability in Gauss100 OLTP Database by Huawei
CVE-2019-5278

6.5MEDIUM

Key Information:

Vendor
Huawei
Status
Campusinsight
Vendor
CVE Published:
13 December 2019

Summary

An out-of-bounds read vulnerability exists in the Advanced Packages feature of the Gauss100 OLTP database. This vulnerability primarily affects versions prior to V100R019C00SPC200. Attackers with the appropriate permissions can exploit this flaw by sending crafted SQL statements to the database, potentially resulting in a database crash and impacting service availability.

Affected Version(s)

CampusInsight V100R019C00

References

http://www.huawei.com/en/psirt/security-advisories/huawei...
x_refsource_MISC

CVSS V3.1

Score:
6.5
Severity:
MEDIUM
Confidentiality:
None
Integrity:
None
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.
🍪 This website uses cookies, like every other website on the internet 😕 By using our website, you consent to the use of cookies.