CVE-2019-5248

CloudEngine 12800 has a DoS vulnerability. An attacker of a neighboring device sends a large number of specific packets. As a result, a memory leak occurs after the device uses the specific packet. As a result, the attacker can exploit this vulnerability to cause DoS attacks on the target device.

Published: Dec 13, 2019
Updated: Apr 13, 2023
CVE: CVE-2019-5248
Severity: High
Exploit:

CVSS v3:

Severity: High
Score: 7.4
AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

CVSS v2:

Severity: Medium
Score: 6.1
AV:A/AC:L/Au:N/C:N/I:N/A:C

CWEs:

CWE-401

Affected Software
References

Software	From	Fixed in
huawei / cloudengine_12800_firmware	200r001c00spc600	200r001c00spc600.x
huawei / cloudengine_12800_firmware	200r001c00spc700	200r001c00spc700.x
huawei / cloudengine_12800_firmware	200r002c01	200r002c01.x
huawei / cloudengine_12800_firmware	200r002c50spc800	200r002c50spc800.x
huawei / cloudengine_12800_firmware	200r002c50spc800pwe	200r002c50spc800pwe.x

http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191204-03-dos-en

Vulnerability Database

289,697

CVE-2019-5248