Huawei : Huawei Data Communication: Memory Leak Vulnerability in Some Huawei Products (huawei-sa-20191023-01-memory)

Anfälligkeitssuche		Suche in 324607 CVE Beschreibungen und 145615 Test Beschreibungen, Zugriff auf 10,000+ Quellverweise.
	Tests CVE Alle

Test Kennung: 1.3.6.1.4.1.25623.1.0.143121

Kategorie: Huawei

Titel: Huawei Data Communication: Memory Leak Vulnerability in Some Huawei Products (huawei-sa-20191023-01-memory)

Zusammenfassung: Some Huawei products have a memory leak vulnerability when handling some messages.

Beschreibung: Summary:
Some Huawei products have a memory leak vulnerability when handling some messages.

Vulnerability Insight:
Some Huawei products have a memory leak vulnerability when handling some messages. A remote attacker with operation privilege could exploit the vulnerability by sending specific messages continuously. Successful exploit may cause some service abnormal. (Vulnerability ID: HWPSIRT-2019-04075)This vulnerability has been assigned a Common Vulnerabilities and Exposures (CVE) ID: CVE-2019-5293.Huawei has released software updates to fix this vulnerability. This advisory is available in the linked references.

Vulnerability Impact:
Successful exploit may cause some service abnormal.

Affected Software/OS:
AR120-S versions V200R005C20 V200R006C10

AR1200 versions V200R005C20 V200R006C10

AR1200-S versions V200R005C20 V200R006C10

AR150 versions V200R005C20 V200R006C10

AR150-S versions V200R005C20 V200R006C10

AR160 versions V200R005C20 V200R006C10

AR200 versions V200R005C20 V200R006C10

AR200-S versions V200R005C20 V200R006C10

AR2200 versions V200R005C20 V200R006C10

AR2200-S versions V200R005C20 V200R006C10

AR3200 versions V200R005C20 V200R006C10

AR3600 versions V200R006C10

NIP6600 versions V500R001C30

NetEngine16EX versions V200R005C20 V200R006C10

SRG1300 versions V200R005C20 V200R006C10

SRG2300 versions V200R005C20 V200R006C10

SRG3300 versions V200R005C20 V200R006C10

Secospace AntiDDoS8000 versions V500R001C00 V500R001C20SPC200 V500R001C20SPC300 V500R001C20SPC500 V500R001C20SPC600

Secospace USG6300 versions V500R001C30

Secospace USG6600 versions V500R001C30

USG6000V versions V500R001C10 V500R001C10SPC100

Solution:
See the referenced vendor advisory for a solution.

CVSS Score:
4.0

CVSS Vector:
AV:N/AC:L/Au:S/C:N/I:N/A:P

Querverweis: Common Vulnerability Exposure (CVE) ID: CVE-2019-5293
http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191023-01-memory-en

Copyright Copyright (C) 2019 Greenbone Networks GmbH

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.
Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.

Test Kennung:	1.3.6.1.4.1.25623.1.0.143121
Kategorie:	Huawei
Titel:	Huawei Data Communication: Memory Leak Vulnerability in Some Huawei Products (huawei-sa-20191023-01-memory)
Zusammenfassung:	Some Huawei products have a memory leak vulnerability when handling some messages.
Beschreibung:	Summary: Some Huawei products have a memory leak vulnerability when handling some messages. Vulnerability Insight: Some Huawei products have a memory leak vulnerability when handling some messages. A remote attacker with operation privilege could exploit the vulnerability by sending specific messages continuously. Successful exploit may cause some service abnormal. (Vulnerability ID: HWPSIRT-2019-04075)This vulnerability has been assigned a Common Vulnerabilities and Exposures (CVE) ID: CVE-2019-5293.Huawei has released software updates to fix this vulnerability. This advisory is available in the linked references. Vulnerability Impact: Successful exploit may cause some service abnormal. Affected Software/OS: AR120-S versions V200R005C20 V200R006C10 AR1200 versions V200R005C20 V200R006C10 AR1200-S versions V200R005C20 V200R006C10 AR150 versions V200R005C20 V200R006C10 AR150-S versions V200R005C20 V200R006C10 AR160 versions V200R005C20 V200R006C10 AR200 versions V200R005C20 V200R006C10 AR200-S versions V200R005C20 V200R006C10 AR2200 versions V200R005C20 V200R006C10 AR2200-S versions V200R005C20 V200R006C10 AR3200 versions V200R005C20 V200R006C10 AR3600 versions V200R006C10 NIP6600 versions V500R001C30 NetEngine16EX versions V200R005C20 V200R006C10 SRG1300 versions V200R005C20 V200R006C10 SRG2300 versions V200R005C20 V200R006C10 SRG3300 versions V200R005C20 V200R006C10 Secospace AntiDDoS8000 versions V500R001C00 V500R001C20SPC200 V500R001C20SPC300 V500R001C20SPC500 V500R001C20SPC600 Secospace USG6300 versions V500R001C30 Secospace USG6600 versions V500R001C30 USG6000V versions V500R001C10 V500R001C10SPC100 Solution: See the referenced vendor advisory for a solution. CVSS Score: 4.0 CVSS Vector: AV:N/AC:L/Au:S/C:N/I:N/A:P
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2019-5293 http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191023-01-memory-en
Copyright	Copyright (C) 2019 Greenbone Networks GmbH