CVE-2019-5285
Severity CVSS v4.0:
Pending analysis
Type:
CWE-20
Input Validation
Publication date:
04/06/2019
Last modified:
26/07/2019
Description
Some Huawei S series switches have a DoS vulnerability. An unauthenticated remote attacker can send crafted packets to the affected device to exploit this vulnerability. Due to insufficient verification of the packets, successful exploitation may cause the device reboot and denial of service (DoS) condition. (Vulnerability ID: HWPSIRT-2019-03109)
Impact
Base Score 3.x
7.50
Severity 3.x
HIGH
Base Score 2.0
7.80
Severity 2.0
HIGH
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:o:huawei:s12700_firmware:v200r005c00:*:*:*:*:*:*:* | ||
| cpe:2.3:o:huawei:s12700_firmware:v200r006c00:*:*:*:*:*:*:* | ||
| cpe:2.3:o:huawei:s12700_firmware:v200r007c00:*:*:*:*:*:*:* | ||
| cpe:2.3:o:huawei:s12700_firmware:v200r008c00:*:*:*:*:*:*:* | ||
| cpe:2.3:o:huawei:s12700_firmware:v200r010c00:*:*:*:*:*:*:* | ||
| cpe:2.3:o:huawei:s12700_firmware:v200r011c10:*:*:*:*:*:*:* | ||
| cpe:2.3:o:huawei:s12700_firmware:v200r012c00:*:*:*:*:*:*:* | ||
| cpe:2.3:o:huawei:s12700_firmware:v200r013c00:*:*:*:*:*:*:* | ||
| cpe:2.3:h:huawei:s12700:-:*:*:*:*:*:*:* | ||
| cpe:2.3:o:huawei:s1700_firmware:v200r008c00:*:*:*:*:*:*:* | ||
| cpe:2.3:o:huawei:s1700_firmware:v200r009c00:*:*:*:*:*:*:* | ||
| cpe:2.3:o:huawei:s1700_firmware:v200r010c00:*:*:*:*:*:*:* | ||
| cpe:2.3:o:huawei:s1700_firmware:v200r011c10:*:*:*:*:*:*:* | ||
| cpe:2.3:o:huawei:s1700_firmware:v200r012c00:*:*:*:*:*:*:* | ||
| cpe:2.3:o:huawei:s1700_firmware:v200r013c00:*:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page