Details of VAR-201912-0808

ID

VAR-201912-0808

CVE

CVE-2019-5254

TITLE

plural Huawei Product out-of-bounds vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2019-013324

DESCRIPTION

Certain Huawei products (AP2000;IPS Module;NGFW Module;NIP6300;NIP6600;NIP6800;S5700;SVN5600;SVN5800;SVN5800-C;SeMG9811;Secospace AntiDDoS8000;Secospace USG6300;Secospace USG6500;Secospace USG6600;USG6000V;eSpace U1981) have an out-of-bounds read vulnerability. An attacker who logs in to the board may send crafted messages from the internal network port or tamper with inter-process message packets to exploit this vulnerability. Due to insufficient validation of the message, successful exploit may cause the affected board to be abnormal. plural Huawei The product contains an out-of-bounds vulnerability.Service operation interruption (DoS) There is a possibility of being put into a state

Trust: 1.62

sources: NVD: CVE-2019-5254 // JVNDB: JVNDB-2019-013324

AFFECTED PRODUCTS

vendor:	huawei	model:	secospace usg6600	scope:	eq	version:	v500r001c30spc601	Trust: 1.0
vendor:	huawei	model:	secospace usg6600	scope:	eq	version:	v500r001c80	Trust: 1.0
vendor:	huawei	model:	nip6600	scope:	eq	version:	v500r001c30spc200pwe	Trust: 1.0
vendor:	huawei	model:	secospace usg6600	scope:	eq	version:	v100r001c10spc201	Trust: 1.0
vendor:	huawei	model:	secospace usg6600	scope:	eq	version:	v500r001c30	Trust: 1.0
vendor:	huawei	model:	ips	scope:	eq	version:	v500r001c20spc200pwe	Trust: 1.0
vendor:	huawei	model:	secospace usg6600	scope:	eq	version:	v500r001c50spc100	Trust: 1.0
vendor:	huawei	model:	usg6000v	scope:	eq	version:	v500r001c20spc200	Trust: 1.0
vendor:	huawei	model:	ips	scope:	eq	version:	v500r001c30spc300	Trust: 1.0
vendor:	huawei	model:	nip6300	scope:	eq	version:	v500r001c30spc100pwe	Trust: 1.0
vendor:	huawei	model:	secospace usg6500	scope:	eq	version:	v500r001c20spc200b062	Trust: 1.0
vendor:	huawei	model:	secospace usg6300	scope:	eq	version:	v500r001c20spc200pwe	Trust: 1.0
vendor:	huawei	model:	secospace usg6600	scope:	eq	version:	v500r001c50spc009	Trust: 1.0
vendor:	huawei	model:	secospace usg6600	scope:	eq	version:	v500r001c60spc500	Trust: 1.0
vendor:	huawei	model:	ngfw	scope:	eq	version:	v500r001c20	Trust: 1.0
vendor:	huawei	model:	secospace usg6300	scope:	eq	version:	v500r001c50pwe	Trust: 1.0
vendor:	huawei	model:	ips	scope:	eq	version:	v500r001c20spc300pwe	Trust: 1.0
vendor:	huawei	model:	nip6300	scope:	eq	version:	v500r001c30spc200	Trust: 1.0
vendor:	huawei	model:	secospace usg6600	scope:	eq	version:	v500r001c30spc200pwe	Trust: 1.0
vendor:	huawei	model:	secospace usg6600	scope:	eq	version:	v500r001c60spc200	Trust: 1.0
vendor:	huawei	model:	secospace usg6600	scope:	eq	version:	v500r001c00spc500pwe	Trust: 1.0
vendor:	huawei	model:	nip6600	scope:	eq	version:	v500r001c30spc300	Trust: 1.0
vendor:	huawei	model:	secospace usg6500	scope:	eq	version:	v500r001c50pwe	Trust: 1.0
vendor:	huawei	model:	usg6000v	scope:	eq	version:	v500r001c20spc500	Trust: 1.0
vendor:	huawei	model:	secospace usg6600	scope:	eq	version:	v500r001c60spc200pwe	Trust: 1.0
vendor:	huawei	model:	nip6600	scope:	eq	version:	v500r001c50	Trust: 1.0
vendor:	huawei	model:	secospace usg6600	scope:	eq	version:	v500r001c30spc500	Trust: 1.0
vendor:	huawei	model:	usg6000v	scope:	eq	version:	v500r005c00	Trust: 1.0
vendor:	huawei	model:	nip6600	scope:	eq	version:	v500r001c20	Trust: 1.0
vendor:	huawei	model:	ngfw	scope:	eq	version:	v500r002c00spc100pwe	Trust: 1.0
vendor:	huawei	model:	secospace usg6600	scope:	eq	version:	v500r001c50spc200	Trust: 1.0
vendor:	huawei	model:	ap2000	scope:	eq	version:	v200r007c20	Trust: 1.0
vendor:	huawei	model:	secospace usg6600	scope:	eq	version:	v500r001c30spc300	Trust: 1.0
vendor:	huawei	model:	usg6000v	scope:	eq	version:	v500r003c00	Trust: 1.0
vendor:	huawei	model:	secospace usg6600	scope:	eq	version:	v500r001c60spc300	Trust: 1.0
vendor:	huawei	model:	semg9811	scope:	eq	version:	v500r005c00	Trust: 1.0
vendor:	huawei	model:	secospace usg6600	scope:	eq	version:	v500r001c50	Trust: 1.0
vendor:	huawei	model:	secospace usg6300	scope:	eq	version:	v500r001c20spc100	Trust: 1.0
vendor:	huawei	model:	secospace usg6300	scope:	eq	version:	v500r001c20spc101	Trust: 1.0
vendor:	huawei	model:	nip6300	scope:	eq	version:	v500r001c20spc200	Trust: 1.0
vendor:	huawei	model:	secospace usg6300	scope:	eq	version:	v500r001c00spc300	Trust: 1.0
vendor:	huawei	model:	secospace usg6600	scope:	eq	version:	v500r001c20	Trust: 1.0
vendor:	huawei	model:	usg6000v	scope:	eq	version:	v500r005c00spc100	Trust: 1.0
vendor:	huawei	model:	secospace usg6500	scope:	eq	version:	v500r001c20spc100	Trust: 1.0
vendor:	huawei	model:	secospace antiddos8000	scope:	eq	version:	v500r001c20spc200	Trust: 1.0
vendor:	huawei	model:	secospace usg6500	scope:	eq	version:	v500r001c20spc101	Trust: 1.0
vendor:	huawei	model:	s5700	scope:	eq	version:	v200r005c03	Trust: 1.0
vendor:	huawei	model:	secospace usg6500	scope:	eq	version:	v500r001c00spc300	Trust: 1.0
vendor:	huawei	model:	ngfw	scope:	eq	version:	v500r002c10	Trust: 1.0
vendor:	huawei	model:	secospace usg6600	scope:	eq	version:	v500r001c30spc100	Trust: 1.0
vendor:	huawei	model:	secospace usg6600	scope:	eq	version:	v500r005c00spc100	Trust: 1.0
vendor:	huawei	model:	secospace usg6600	scope:	eq	version:	v500r001c00	Trust: 1.0
vendor:	huawei	model:	ips	scope:	eq	version:	v500r001c20spc200b062	Trust: 1.0
vendor:	huawei	model:	secospace usg6300	scope:	eq	version:	v500r001c00sph303	Trust: 1.0
vendor:	huawei	model:	semg9811	scope:	eq	version:	v500r002c30	Trust: 1.0
vendor:	huawei	model:	ngfw	scope:	eq	version:	v500r001c20spc200pwe	Trust: 1.0
vendor:	huawei	model:	nip6300	scope:	eq	version:	v500r001c00spc500	Trust: 1.0
vendor:	huawei	model:	secospace usg6300	scope:	eq	version:	v500r001c20spc200b062	Trust: 1.0
vendor:	huawei	model:	usg6000v	scope:	eq	version:	v500r001c10	Trust: 1.0
vendor:	huawei	model:	nip6300	scope:	eq	version:	v500r005c00	Trust: 1.0
vendor:	huawei	model:	nip6300	scope:	eq	version:	v500r001c20spc100pwe	Trust: 1.0
vendor:	huawei	model:	secospace usg6500	scope:	eq	version:	v500r001c00sph303	Trust: 1.0
vendor:	huawei	model:	espace u1981	scope:	eq	version:	v200r003c50spc700	Trust: 1.0
vendor:	huawei	model:	nip6300	scope:	eq	version:	v500r001c20spc300b078	Trust: 1.0
vendor:	huawei	model:	secospace antiddos8000	scope:	eq	version:	v500r001c20spc500	Trust: 1.0
vendor:	huawei	model:	secospace usg6300	scope:	eq	version:	v500r001c00spc500	Trust: 1.0
vendor:	huawei	model:	ap2000	scope:	eq	version:	v200r008c00	Trust: 1.0
vendor:	huawei	model:	secospace antiddos8000	scope:	eq	version:	v500r001c00spc500	Trust: 1.0
vendor:	huawei	model:	secospace antiddos8000	scope:	eq	version:	v500r001c00spc700	Trust: 1.0
vendor:	huawei	model:	ips	scope:	eq	version:	v500r001c50pwe	Trust: 1.0
vendor:	huawei	model:	ngfw	scope:	eq	version:	v500r002c30pwe	Trust: 1.0
vendor:	huawei	model:	secospace antiddos8000	scope:	eq	version:	v500r005c00	Trust: 1.0
vendor:	huawei	model:	secospace usg6300	scope:	eq	version:	v500r001c20spc300b078	Trust: 1.0
vendor:	huawei	model:	ngfw	scope:	eq	version:	v500r001c20spc300pwe	Trust: 1.0
vendor:	huawei	model:	ngfw	scope:	eq	version:	v500r002c10pwe	Trust: 1.0
vendor:	huawei	model:	ngfw	scope:	eq	version:	v500r002c00	Trust: 1.0
vendor:	huawei	model:	secospace antiddos8000	scope:	eq	version:	v500r001c00spc200	Trust: 1.0
vendor:	huawei	model:	secospace usg6600	scope:	eq	version:	v500r001c00spc090	Trust: 1.0
vendor:	huawei	model:	secospace usg6300	scope:	eq	version:	v500r001c30spc100pwe	Trust: 1.0
vendor:	huawei	model:	secospace usg6600	scope:	eq	version:	v500r001c50spc200pwe	Trust: 1.0
vendor:	huawei	model:	secospace usg6500	scope:	eq	version:	v500r001c00spc500	Trust: 1.0
vendor:	huawei	model:	nip6300	scope:	eq	version:	v500r001c30spc100	Trust: 1.0
vendor:	huawei	model:	nip6800	scope:	eq	version:	v500r001c50pwe	Trust: 1.0
vendor:	huawei	model:	nip6600	scope:	eq	version:	v500r001c20spc200pwe	Trust: 1.0
vendor:	huawei	model:	secospace usg6500	scope:	eq	version:	v500r001c20spc300b078	Trust: 1.0
vendor:	huawei	model:	secospace usg6300	scope:	eq	version:	v500r001c30spc200	Trust: 1.0
vendor:	huawei	model:	nip6600	scope:	eq	version:	v500r001c50pwe	Trust: 1.0
vendor:	huawei	model:	secospace usg6500	scope:	eq	version:	v500r001c30spc100pwe	Trust: 1.0
vendor:	huawei	model:	secospace usg6600	scope:	eq	version:	v500r001c50spc100pwe	Trust: 1.0
vendor:	huawei	model:	ngfw	scope:	eq	version:	v500r002c00spc200pwe	Trust: 1.0
vendor:	huawei	model:	secospace usg6600	scope:	eq	version:	v100r001c20spc200	Trust: 1.0
vendor:	huawei	model:	nip6300	scope:	eq	version:	v500r001c80	Trust: 1.0
vendor:	huawei	model:	secospace antiddos8000	scope:	eq	version:	v500r001c60spc100	Trust: 1.0
vendor:	huawei	model:	usg6000v	scope:	eq	version:	v500r001c10spc100	Trust: 1.0
vendor:	huawei	model:	secospace usg6500	scope:	eq	version:	v500r001c30spc200	Trust: 1.0
vendor:	huawei	model:	nip6300	scope:	eq	version:	v500r001c30	Trust: 1.0
vendor:	huawei	model:	usg6000v	scope:	eq	version:	v500r001c20spc300	Trust: 1.0
vendor:	huawei	model:	ngfw	scope:	eq	version:	v500r001c20spc100	Trust: 1.0
vendor:	huawei	model:	semg9811	scope:	eq	version:	v500r002c20	Trust: 1.0
vendor:	huawei	model:	secospace usg6600	scope:	eq	version:	v500r001c20spc200pwe	Trust: 1.0
vendor:	huawei	model:	usg6000v	scope:	eq	version:	v500r001c20	Trust: 1.0
vendor:	huawei	model:	ngfw	scope:	eq	version:	v500r001c00spc300	Trust: 1.0
vendor:	huawei	model:	ips	scope:	eq	version:	v500r001c20spc100	Trust: 1.0
vendor:	huawei	model:	secospace usg6600	scope:	eq	version:	v500r001c80pwe	Trust: 1.0
vendor:	huawei	model:	usg6000v	scope:	eq	version:	v500r001c20spc600	Trust: 1.0
vendor:	huawei	model:	nip6300	scope:	eq	version:	v500r001c00sph508	Trust: 1.0
vendor:	huawei	model:	ips	scope:	eq	version:	v500r001c00spc300	Trust: 1.0
vendor:	huawei	model:	nip6300	scope:	eq	version:	v500r001c30spc200pwe	Trust: 1.0
vendor:	huawei	model:	secospace usg6600	scope:	eq	version:	v500r001c20spc300	Trust: 1.0
vendor:	huawei	model:	secospace usg6600	scope:	eq	version:	v500r001c20spc300pwe	Trust: 1.0
vendor:	huawei	model:	ips	scope:	eq	version:	v500r001c20spc200	Trust: 1.0
vendor:	huawei	model:	svn5800	scope:	eq	version:	v200r003c00spc100	Trust: 1.0
vendor:	huawei	model:	secospace usg6500	scope:	eq	version:	v500r001c30	Trust: 1.0
vendor:	huawei	model:	secospace antiddos8000	scope:	eq	version:	v500r001c60spc500	Trust: 1.0
vendor:	huawei	model:	nip6600	scope:	eq	version:	v500r001c20spc100	Trust: 1.0
vendor:	huawei	model:	ngfw	scope:	eq	version:	v500r001c00sph303	Trust: 1.0
vendor:	huawei	model:	secospace antiddos8000	scope:	eq	version:	v500r001c60spc200	Trust: 1.0
vendor:	huawei	model:	secospace usg6300	scope:	eq	version:	v500r001c20spc200	Trust: 1.0
vendor:	huawei	model:	secospace usg6300	scope:	eq	version:	v100r001c20spc100	Trust: 1.0
vendor:	huawei	model:	nip6600	scope:	eq	version:	v500r001c00spc300	Trust: 1.0
vendor:	huawei	model:	secospace usg6600	scope:	eq	version:	v500r001c60	Trust: 1.0
vendor:	huawei	model:	ap2000	scope:	eq	version:	v200r006c20	Trust: 1.0
vendor:	huawei	model:	ips	scope:	eq	version:	v500r001c00sph303	Trust: 1.0
vendor:	huawei	model:	ngfw	scope:	eq	version:	v500r001c20spc200b062	Trust: 1.0
vendor:	huawei	model:	secospace usg6500	scope:	eq	version:	v500r001c20spc200	Trust: 1.0
vendor:	huawei	model:	secospace usg6500	scope:	eq	version:	v500r001c00spc500pwe	Trust: 1.0
vendor:	huawei	model:	nip6300	scope:	eq	version:	v500r001c30spc300	Trust: 1.0
vendor:	huawei	model:	secospace usg6500	scope:	eq	version:	v100r001c20spc100	Trust: 1.0
vendor:	huawei	model:	secospace usg6600	scope:	eq	version:	v500r001c20spc101	Trust: 1.0
vendor:	huawei	model:	ips	scope:	eq	version:	v500r001c00spc500	Trust: 1.0
vendor:	huawei	model:	secospace usg6600	scope:	eq	version:	v500r001c00spc300	Trust: 1.0
vendor:	huawei	model:	ap2000	scope:	eq	version:	v200r009c00	Trust: 1.0
vendor:	huawei	model:	ips	scope:	eq	version:	v500r005c00	Trust: 1.0
vendor:	huawei	model:	ips	scope:	eq	version:	v500r001c20spc100pwe	Trust: 1.0
vendor:	huawei	model:	nip6300	scope:	eq	version:	v500r001c50	Trust: 1.0
vendor:	huawei	model:	nip6600	scope:	eq	version:	v500r001c00sph303	Trust: 1.0
vendor:	huawei	model:	ips	scope:	eq	version:	v500r001c20spc300b078	Trust: 1.0
vendor:	huawei	model:	secospace antiddos8000	scope:	eq	version:	v500r001c60spc300	Trust: 1.0
vendor:	huawei	model:	nip6300	scope:	eq	version:	v500r001c20	Trust: 1.0
vendor:	huawei	model:	ips	scope:	eq	version:	v500r001c30spc100pwe	Trust: 1.0
vendor:	huawei	model:	secospace usg6300	scope:	eq	version:	v500r005c00	Trust: 1.0
vendor:	huawei	model:	nip6600	scope:	eq	version:	v500r001c20spc200b062	Trust: 1.0
vendor:	huawei	model:	secospace usg6300	scope:	eq	version:	v500r001c20spc100pwe	Trust: 1.0
vendor:	huawei	model:	secospace usg6600	scope:	eq	version:	v500r001c00spc050	Trust: 1.0
vendor:	huawei	model:	nip6800	scope:	eq	version:	v500r005c00	Trust: 1.0
vendor:	huawei	model:	nip6600	scope:	eq	version:	v500r001c00spc500	Trust: 1.0
vendor:	huawei	model:	ips	scope:	eq	version:	v500r001c30spc200	Trust: 1.0
vendor:	huawei	model:	secospace usg6500	scope:	eq	version:	v500r001c50	Trust: 1.0
vendor:	huawei	model:	secospace antiddos8000	scope:	eq	version:	v500r001c20spc600	Trust: 1.0
vendor:	huawei	model:	secospace usg6500	scope:	eq	version:	v500r005c00	Trust: 1.0
vendor:	huawei	model:	nip6600	scope:	eq	version:	v500r001c20spc300b078	Trust: 1.0
vendor:	huawei	model:	secospace usg6500	scope:	eq	version:	v500r001c20spc100pwe	Trust: 1.0
vendor:	huawei	model:	secospace usg6600	scope:	eq	version:	v500r001c00sph303	Trust: 1.0
vendor:	huawei	model:	nip6600	scope:	eq	version:	v500r001c30spc100pwe	Trust: 1.0
vendor:	huawei	model:	secospace antiddos8000	scope:	eq	version:	v500r001c00spc600	Trust: 1.0
vendor:	huawei	model:	secospace usg6300	scope:	eq	version:	v500r001c30spc100	Trust: 1.0
vendor:	huawei	model:	secospace antiddos8000	scope:	eq	version:	v500r005c00spc100	Trust: 1.0
vendor:	huawei	model:	secospace antiddos8000	scope:	eq	version:	v500r001c60spc101	Trust: 1.0
vendor:	huawei	model:	nip6600	scope:	eq	version:	v500r001c30spc200	Trust: 1.0
vendor:	huawei	model:	secospace antiddos8000	scope:	eq	version:	v500r001c00	Trust: 1.0
vendor:	huawei	model:	ips	scope:	eq	version:	v500r001c30	Trust: 1.0
vendor:	huawei	model:	secospace usg6500	scope:	eq	version:	v500r001c30spc100	Trust: 1.0
vendor:	huawei	model:	secospace usg6300	scope:	eq	version:	v500r001c80	Trust: 1.0
vendor:	huawei	model:	secospace usg6600	scope:	eq	version:	v500r001c30spc100pwe	Trust: 1.0
vendor:	huawei	model:	nip6800	scope:	eq	version:	v500r001c80	Trust: 1.0
vendor:	huawei	model:	secospace usg6300	scope:	eq	version:	v500r001c30	Trust: 1.0
vendor:	huawei	model:	secospace usg6600	scope:	eq	version:	v500r001c50pwe	Trust: 1.0
vendor:	huawei	model:	secospace usg6600	scope:	eq	version:	v500r001c30spc600	Trust: 1.0
vendor:	huawei	model:	ngfw	scope:	eq	version:	v500r001c20spc200	Trust: 1.0
vendor:	huawei	model:	secospace usg6500	scope:	eq	version:	v500r001c80	Trust: 1.0
vendor:	huawei	model:	ips	scope:	eq	version:	v500r001c30spc200pwe	Trust: 1.0
vendor:	huawei	model:	svn5600	scope:	eq	version:	v200r003c00spc100	Trust: 1.0
vendor:	huawei	model:	secospace usg6600	scope:	eq	version:	v500r001c30spc200	Trust: 1.0
vendor:	huawei	model:	secospace usg6300	scope:	eq	version:	v500r001c00sph508	Trust: 1.0
vendor:	huawei	model:	secospace usg6600	scope:	eq	version:	v500r005c00spc102	Trust: 1.0
vendor:	huawei	model:	secospace usg6300	scope:	eq	version:	v500r001c30spc200pwe	Trust: 1.0
vendor:	huawei	model:	secospace usg6300	scope:	eq	version:	v500r001c00spc500pwe	Trust: 1.0
vendor:	huawei	model:	usg6000v	scope:	eq	version:	v500r001c20spc100	Trust: 1.0
vendor:	huawei	model:	ngfw	scope:	eq	version:	v500r002c00spc300	Trust: 1.0
vendor:	huawei	model:	secospace usg6500	scope:	eq	version:	v500r001c00sph508	Trust: 1.0
vendor:	huawei	model:	secospace usg6500	scope:	eq	version:	v500r001c30spc200pwe	Trust: 1.0
vendor:	huawei	model:	secospace usg6600	scope:	eq	version:	v100r001c10spc200	Trust: 1.0
vendor:	huawei	model:	ngfw	scope:	eq	version:	v500r002c00spc200	Trust: 1.0
vendor:	huawei	model:	nip6600	scope:	eq	version:	v500r001c20spc200	Trust: 1.0
vendor:	huawei	model:	nip6300	scope:	eq	version:	v500r001c20spc200pwe	Trust: 1.0
vendor:	huawei	model:	ap2000	scope:	eq	version:	v200r006c10	Trust: 1.0
vendor:	huawei	model:	ngfw	scope:	eq	version:	v500r001c00spc500	Trust: 1.0
vendor:	huawei	model:	nip6300	scope:	eq	version:	v500r001c50pwe	Trust: 1.0
vendor:	huawei	model:	ngfw	scope:	eq	version:	v500r005c00	Trust: 1.0
vendor:	huawei	model:	ngfw	scope:	eq	version:	v500r001c20spc100pwe	Trust: 1.0
vendor:	huawei	model:	secospace usg6600	scope:	eq	version:	v500r001c20spc100	Trust: 1.0
vendor:	huawei	model:	ngfw	scope:	eq	version:	v500r001c20spc300b078	Trust: 1.0
vendor:	huawei	model:	secospace usg6300	scope:	eq	version:	v500r001c30spc300	Trust: 1.0
vendor:	huawei	model:	ips	scope:	eq	version:	v500r001c50	Trust: 1.0
vendor:	huawei	model:	svn5800-c	scope:	eq	version:	v200r003c00spc100	Trust: 1.0
vendor:	huawei	model:	secospace usg6300	scope:	eq	version:	v500r001c80pwe	Trust: 1.0
vendor:	huawei	model:	nip6300	scope:	eq	version:	v500r001c20spc300pwe	Trust: 1.0
vendor:	huawei	model:	usg6000v	scope:	eq	version:	v500r003c00spc100	Trust: 1.0
vendor:	huawei	model:	ips	scope:	eq	version:	v500r001c20	Trust: 1.0
vendor:	huawei	model:	secospace usg6600	scope:	eq	version:	v500r001c20spc200	Trust: 1.0
vendor:	huawei	model:	secospace usg6500	scope:	eq	version:	v500r001c20spc200pwe	Trust: 1.0
vendor:	huawei	model:	secospace usg6300	scope:	eq	version:	v500r001c50	Trust: 1.0
vendor:	huawei	model:	secospace usg6600	scope:	eq	version:	v100r001c20spc100	Trust: 1.0
vendor:	huawei	model:	secospace usg6300	scope:	eq	version:	v500r001c20spc300pwe	Trust: 1.0
vendor:	huawei	model:	secospace usg6500	scope:	eq	version:	v500r001c30spc300	Trust: 1.0
vendor:	huawei	model:	secospace usg6600	scope:	eq	version:	v100r001c00spc200	Trust: 1.0
vendor:	huawei	model:	secospace antiddos8000	scope:	eq	version:	v500r001c20spc300	Trust: 1.0
vendor:	huawei	model:	nip6800	scope:	eq	version:	v500r001c50	Trust: 1.0
vendor:	huawei	model:	secospace usg6300	scope:	eq	version:	v500r001c20	Trust: 1.0
vendor:	huawei	model:	secospace usg6500	scope:	eq	version:	v500r001c80pwe	Trust: 1.0
vendor:	huawei	model:	secospace usg6600	scope:	eq	version:	v500r001c30spc600pwe	Trust: 1.0
vendor:	huawei	model:	nip6600	scope:	eq	version:	v500r005c00	Trust: 1.0
vendor:	huawei	model:	nip6600	scope:	eq	version:	v500r001c20spc100pwe	Trust: 1.0
vendor:	huawei	model:	ips	scope:	eq	version:	v500r001c30spc100	Trust: 1.0
vendor:	huawei	model:	secospace usg6500	scope:	eq	version:	v500r001c20spc300pwe	Trust: 1.0
vendor:	huawei	model:	ap2000	scope:	eq	version:	v200r005c30	Trust: 1.0
vendor:	huawei	model:	secospace usg6500	scope:	eq	version:	v500r001c20	Trust: 1.0
vendor:	huawei	model:	ap2000	scope:	eq	version:	v200r008c10	Trust: 1.0
vendor:	huawei	model:	secospace usg6600	scope:	eq	version:	v500r001c60spc100pwe	Trust: 1.0
vendor:	huawei	model:	ngfw	scope:	eq	version:	v500r002c30	Trust: 1.0
vendor:	huawei	model:	nip6300	scope:	eq	version:	v500r001c20spc100	Trust: 1.0
vendor:	huawei	model:	ips	scope:	eq	version:	v500r001c80	Trust: 1.0
vendor:	huawei	model:	nip6300	scope:	eq	version:	v500r001c00spc300	Trust: 1.0
vendor:	huawei	model:	secospace usg6600	scope:	eq	version:	v500r001c00spc500	Trust: 1.0
vendor:	huawei	model:	ngfw	scope:	eq	version:	v500r002c00spc100	Trust: 1.0
vendor:	huawei	model:	secospace usg6600	scope:	eq	version:	v500r005c00	Trust: 1.0
vendor:	huawei	model:	secospace usg6600	scope:	eq	version:	v500r001c20spc100pwe	Trust: 1.0
vendor:	huawei	model:	nip6600	scope:	eq	version:	v500r001c30spc100	Trust: 1.0
vendor:	huawei	model:	usg6000v	scope:	eq	version:	v500r001c10spc200	Trust: 1.0
vendor:	huawei	model:	secospace usg6600	scope:	eq	version:	v500r001c20spc300b078	Trust: 1.0
vendor:	huawei	model:	ngfw	scope:	eq	version:	v500r001c00sph508	Trust: 1.0
vendor:	huawei	model:	secospace antiddos8000	scope:	eq	version:	v500r001c00spc300	Trust: 1.0
vendor:	huawei	model:	ips	scope:	eq	version:	v500r001c00sph508	Trust: 1.0
vendor:	huawei	model:	nip6600	scope:	eq	version:	v500r001c80	Trust: 1.0
vendor:	huawei	model:	ngfw	scope:	eq	version:	v500r001c00spc500pwe	Trust: 1.0
vendor:	huawei	model:	secospace usg6600	scope:	eq	version:	v500r001c50spc300	Trust: 1.0
vendor:	huawei	model:	secospace antiddos8000	scope:	eq	version:	v500r001c60spc600	Trust: 1.0
vendor:	huawei	model:	nip6300	scope:	eq	version:	v500r001c00sph303	Trust: 1.0
vendor:	huawei	model:	nip6600	scope:	eq	version:	v500r001c30	Trust: 1.0
vendor:	huawei	model:	ap2000	scope:	eq	version:	v200r007c10	Trust: 1.0
vendor:	huawei	model:	secospace usg6600	scope:	eq	version:	v500r001c60spc100	Trust: 1.0
vendor:	huawei	model:	nip6300	scope:	eq	version:	v500r001c20spc200b062	Trust: 1.0
vendor:	huawei	model:	secospace antiddos8000	scope:	eq	version:	v500r001c00sph303	Trust: 1.0
vendor:	huawei	model:	nip6600	scope:	eq	version:	v500r001c00sph508	Trust: 1.0
vendor:	huawei	model:	ap2000	scope:	-	version:	-	Trust: 0.8
vendor:	huawei	model:	ips module	scope:	-	version:	-	Trust: 0.8
vendor:	huawei	model:	ngfw module	scope:	-	version:	-	Trust: 0.8
vendor:	huawei	model:	nip6300	scope:	-	version:	-	Trust: 0.8
vendor:	huawei	model:	nip6600	scope:	-	version:	-	Trust: 0.8
vendor:	huawei	model:	nip6800	scope:	-	version:	-	Trust: 0.8
vendor:	huawei	model:	s5700	scope:	-	version:	-	Trust: 0.8
vendor:	huawei	model:	svn5600	scope:	-	version:	-	Trust: 0.8
vendor:	huawei	model:	svn5800	scope:	-	version:	-	Trust: 0.8
vendor:	huawei	model:	svn5800-c	scope:	-	version:	-	Trust: 0.8

sources: JVNDB: JVNDB-2019-013324 // NVD: CVE-2019-5254

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2019-5254
value:	HIGH
Trust: 1.0
NVD:	CVE-2019-5254
value:	HIGH
Trust: 0.8
CNNVD:	CNNVD-201912-546
value:	HIGH
Trust: 0.6

nvd@nist.gov:	CVE-2019-5254
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8

nvd@nist.gov:	CVE-2019-5254
baseSeverity:	HIGH
baseScore:	8.6
vectorString:	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	CHANGED
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	HIGH
exploitabilityScore:	3.9
impactScore:	4.0
version:	3.1
Trust: 1.0
NVD:	CVE-2019-5254
baseSeverity:	HIGH
baseScore:	8.6
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	CHANGED
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	HIGH
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: JVNDB: JVNDB-2019-013324 // CNNVD: CNNVD-201912-546 // NVD: CVE-2019-5254

PROBLEMTYPE DATA

problemtype:

CWE-125

Trust: 1.8

sources: JVNDB: JVNDB-2019-013324 // NVD: CVE-2019-5254

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201912-546

TYPE

buffer error

Trust: 0.6

sources: CNNVD: CNNVD-201912-546

CONFIGURATIONS

sources: JVNDB: JVNDB-2019-013324

PATCH

title:	huawei-sa-20191211-01-ssp	url:	https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191211-01-ssp-en	Trust: 0.8
title:	Multiple Huawei Product Buffer Error Vulnerability Fix	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=105908	Trust: 0.6

sources: JVNDB: JVNDB-2019-013324 // CNNVD: CNNVD-201912-546

EXTERNAL IDS

db:	NVD	id:	CVE-2019-5254	Trust: 2.4
db:	JVNDB	id:	JVNDB-2019-013324	Trust: 0.8
db:	CNNVD	id:	CNNVD-201912-546	Trust: 0.6

sources: JVNDB: JVNDB-2019-013324 // CNNVD: CNNVD-201912-546 // NVD: CVE-2019-5254

REFERENCES

url:	https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191211-01-ssp-en	Trust: 1.6
url:	https://nvd.nist.gov/vuln/detail/cve-2019-5254	Trust: 1.4
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-5254	Trust: 0.8
url:	https://www.huawei.com/cn/psirt/security-advisories/huawei-sa-20191211-01-ssp-cn	Trust: 0.6

sources: JVNDB: JVNDB-2019-013324 // CNNVD: CNNVD-201912-546 // NVD: CVE-2019-5254

SOURCES

db:	JVNDB	id:	JVNDB-2019-013324
db:	CNNVD	id:	CNNVD-201912-546
db:	NVD	id:	CVE-2019-5254

LAST UPDATE DATE

2024-11-23T22:25:39.619000+00:00

SOURCES UPDATE DATE

db:	JVNDB	id:	JVNDB-2019-013324	date:	2019-12-25T00:00:00
db:	CNNVD	id:	CNNVD-201912-546	date:	2020-08-13T00:00:00
db:	NVD	id:	CVE-2019-5254	date:	2024-11-21T04:44:36.743

SOURCES RELEASE DATE

db:	JVNDB	id:	JVNDB-2019-013324	date:	2019-12-25T00:00:00
db:	CNNVD	id:	CNNVD-201912-546	date:	2019-12-11T00:00:00
db:	NVD	id:	CVE-2019-5254	date:	2019-12-13T23:15:11.660