CVE-2019-5294

2019-11-1316:12:44

huawei

www.cve.org

0.002 Low

EPSS

Percentile

58.9%

JSON

There is an out of bound read vulnerability in some Huawei products. A remote, unauthenticated attacker may send a corrupt or crafted message to the affected products. Due to a buffer read overflow error when parsing the message, successful exploit may cause some service to be abnormal.

CNA Affected

[
  {
    "product": "AR120-S,AR1200,AR1200-S,AR150,AR150-S,AR160,AR200,AR200-S,AR2200,AR2200-S,AR3200,AR3600,NetEngine16EX,SRG1300,SRG2300,SRG3300",
    "vendor": "n/a",
    "versions": [
      {
        "status": "affected",
        "version": "AR120-S V200R005C20, V200R006C10, V200R007C00, AR1200 V200R005C20, V200R006C10, V200R007C00, AR1200-S V200R005C20, V200R006C10, V200R007C00, AR150 V200R005C20, V200R006C10, V200R007C00, AR150-S V200R005C20, V200R006C10, V200R007C00, AR160 V200R005C20, V200R006C10, V200R007C00, AR200 V200R005C20, V200R006C10, V200R007C00, AR200-S V200R005C20, V200R006C10, V200R007C00, AR2200 V200R005C20, V200R006C10, V200R007C00, AR2200-S V200R005C20, V200R006C10, V200R007C00, AR3200 V200R005C20, V200R006C10, AR3600 V200R006C10, V200R007C00, NetEngine16EX V200R005C20, V200R006C10, V200R007C00, SRG1300 V200R005C20, V200R006C10, V200R007C00, SRG2300 V200R005C20, V200R006C10, V200R007C00, SRG3300 V200R005C20, V200R006C10, V200R007C00"
      }
    ]
  }
]

References

www.huawei.com/en/psirt/security-advisories/huawei-sa-20191023-01-buffer-en

0.002 Low

EPSS

Percentile

58.9%

JSON

Related for CVELIST:CVE-2019-5294