Huawei : Out-of-Bounds Read Vulnerability in Huawei CloudEngine Products (huawei-sa-20201230-02-cloudengine)

Anfälligkeitssuche		Suche in 324607 CVE Beschreibungen und 145615 Test Beschreibungen, Zugriff auf 10,000+ Quellverweise.
	Tests CVE Alle

Test Kennung: 1.3.6.1.4.1.25623.1.0.151444

Kategorie: Huawei

Titel: Out-of-Bounds Read Vulnerability in Huawei CloudEngine Products (huawei-sa-20201230-02-cloudengine)

Zusammenfassung: There is an out-of-bounds read vulnerability in Huawei; CloudEngine products.

Beschreibung: Summary:
There is an out-of-bounds read vulnerability in Huawei
CloudEngine products.

Vulnerability Insight:
The software reads data past the end of the intended buffer
when parsing certain PIM message, an adjacent attacker could send crafted PIM messages to the
device.

Vulnerability Impact:
A successful exploit could cause out of bounds read when the
system does the certain operation.

Affected Software/OS:
CloudEngine 12800 versions V200R002C50SPC800,
V200R003C00SPC810, V200R005C00SPC800, V200R005C10SPC800, V200R019C00SPC800, V200R019C10SPC800

CloudEngine 5800 versions V200R002C50SPC800, V200R003C00SPC810, V200R005C00SPC800,
V200R005C10SPC800, V200R019C00SPC800, V200R019C10SPC800

CloudEngine 6800 versions V200R002C50SPC800, V200R003C00SPC810, V200R005C00SPC800,
V200R005C10SPC800, V200R005C20SPC800, V200R019C00SPC800, V200R019C10SPC800

CloudEngine 7800 versions V200R002C50SPC800, V200R003C00SPC810, V200R005C00SPC800,
V200R005C10SPC800, V200R019C00SPC800, V200R019C10SPC800

Solution:
See the referenced vendor advisory for a solution.

CVSS Score:
3.3

CVSS Vector:
AV:A/AC:L/Au:N/C:P/I:N/A:N

Querverweis: Common Vulnerability Exposure (CVE) ID: CVE-2020-1865
https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20201230-02-cloudengine-en

Copyright Copyright (C) 2023 Greenbone AG

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.
Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.

Test Kennung:	1.3.6.1.4.1.25623.1.0.151444
Kategorie:	Huawei
Titel:	Out-of-Bounds Read Vulnerability in Huawei CloudEngine Products (huawei-sa-20201230-02-cloudengine)
Zusammenfassung:	There is an out-of-bounds read vulnerability in Huawei; CloudEngine products.
Beschreibung:	Summary: There is an out-of-bounds read vulnerability in Huawei CloudEngine products. Vulnerability Insight: The software reads data past the end of the intended buffer when parsing certain PIM message, an adjacent attacker could send crafted PIM messages to the device. Vulnerability Impact: A successful exploit could cause out of bounds read when the system does the certain operation. Affected Software/OS: CloudEngine 12800 versions V200R002C50SPC800, V200R003C00SPC810, V200R005C00SPC800, V200R005C10SPC800, V200R019C00SPC800, V200R019C10SPC800 CloudEngine 5800 versions V200R002C50SPC800, V200R003C00SPC810, V200R005C00SPC800, V200R005C10SPC800, V200R019C00SPC800, V200R019C10SPC800 CloudEngine 6800 versions V200R002C50SPC800, V200R003C00SPC810, V200R005C00SPC800, V200R005C10SPC800, V200R005C20SPC800, V200R019C00SPC800, V200R019C10SPC800 CloudEngine 7800 versions V200R002C50SPC800, V200R003C00SPC810, V200R005C00SPC800, V200R005C10SPC800, V200R019C00SPC800, V200R019C10SPC800 Solution: See the referenced vendor advisory for a solution. CVSS Score: 3.3 CVSS Vector: AV:A/AC:L/Au:N/C:P/I:N/A:N
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2020-1865 https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20201230-02-cloudengine-en
Copyright	Copyright (C) 2023 Greenbone AG