CVE-2019-5304

CVE-2019-5304

EPSS 1.0%

Some Huawei products have a buffer error vulnerability. An unauthenticated, remote attacker could send specific MPLS Echo Request messages to the target products. Due to insufficient input validation of some parameters in the messages, successful exploit may cause the device to reset.

Produtos afetados

n/a · AR120-S;AR1200;AR1200-S;AR150;AR150-S;AR160;AR200;AR200-S;AR2200;AR2200-S;AR3200;AR3600;IPS Module;NGFW Module;NIP6300;NIP6600;NetEngine16EX;S5700;S6700;SRG1300;SRG2300;SRG3300;Secospace AntiDDoS8000;Secospace USG6300;Secospace USG6500;Secospace USG6600

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →

Referências

https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200102-01-buffer-en