Buffer Error Vulnerability in Huawei Products
CVE-2019-5304
Key Information:
- Vendor
- Huawei
- Vendor
- CVE Published:
- 3 January 2020
Summary
Several Huawei products exhibit a buffer error vulnerability that can be exploited by unauthenticated remote attackers. By sending specially crafted MPLS Echo Request messages, the attacker can leverage insufficient input validation on specific parameters, leading to potential device resets. This vulnerability highlights the importance of robust input validation mechanisms to prevent unauthorized access and service disruptions.
Affected Version(s)
AR120-S;AR1200;AR1200-S;AR150;AR150-S;AR160;AR200;AR200-S;AR2200;AR2200-S;AR3200;AR3600;IPS Module;NGFW Module;NIP6300;NIP6600;NetEngine16EX;S5700;S6700;SRG1300;SRG2300;SRG3300;Secospace AntiDDoS8000;Secospace USG6300;Secospace USG6500;Secospace USG6600 V200R006C10
AR120-S;AR1200;AR1200-S;AR150;AR150-S;AR160;AR200;AR200-S;AR2200;AR2200-S;AR3200;AR3600;IPS Module;NGFW Module;NIP6300;NIP6600;NetEngine16EX;S5700;S6700;SRG1300;SRG2300;SRG3300;Secospace AntiDDoS8000;Secospace USG6300;Secospace USG6500;Secospace USG6600 V200R007C00
AR120-S;AR1200;AR1200-S;AR150;AR150-S;AR160;AR200;AR200-S;AR2200;AR2200-S;AR3200;AR3600;IPS Module;NGFW Module;NIP6300;NIP6600;NetEngine16EX;S5700;S6700;SRG1300;SRG2300;SRG3300;Secospace AntiDDoS8000;Secospace USG6300;Secospace USG6500;Secospace USG6600 V200R008C20
References
CVSS V3.1
Timeline
Vulnerability published
Vulnerability Reserved