USG9500 with versions of V500R001C30;V500R001C60 have a denial of service vulnerability. Due to a flaw in the X.509 implementation in the affected products which can result in a heap buffer overflow when decoding a certificate, an attacker may exploit the vulnerability by a malicious certificate to perform a denial of service attack on the affected products.
CPE | Name | Operator | Version |
---|---|---|---|
usg9500_firmware | eq | 500r1c30-v | |
usg9500_firmware | eq | 500r1c60-v |