CVE-2019-5294

Summary

There is an out of bound read vulnerability in some Huawei products. A remote, unauthenticated attacker may send a corrupt or crafted message to the affected products. Due to a buffer read overflow error when parsing the message, successful exploit may cause some service to be abnormal.

Affected Software

VendorProductVersion RangeStatus
n/aAR120-S,AR1200,AR1200-S,AR150,AR150-S,AR160,AR200,AR200-S,AR2200,AR2200-S,AR3200,AR3600,NetEngine16EX,SRG1300,SRG2300,SRG3300AR120-S V200R005C20, V200R006C10, V200R007C00, AR1200 V200R005C20, V200R006C10, V200R007C00, AR1200-S V200R005C20, V200R006C10, V200R007C00, AR150 V200R005C20, V200R006C10, V200R007C00, AR150-S V200R005C20, V200R006C10, V200R007C00, AR160 V200R005C20, V200R006C10, V200R007C00, AR200 V200R005C20, V200R006C10, V200R007C00, AR200-S V200R005C20, V200R006C10, V200R007C00, AR2200 V200R005C20, V200R006C10, V200R007C00, AR2200-S V200R005C20, V200R006C10, V200R007C00, AR3200 V200R005C20, V200R006C10, AR3600 V200R006C10, V200R007C00, NetEngine16EX V200R005C20, V200R006C10, V200R007C00, SRG1300 V200R005C20, V200R006C10, V200R007C00, SRG2300 V200R005C20, V200R006C10, V200R007C00, SRG3300 V200R005C20, V200R006C10, V200R007C00affected

Weaknesses

  • Out-Of-Bound Read

ADP Enrichment

CVE Program Container

Additional References

References