CVSS: 5.5EPSS: 0%CPEs: 261EXPL: 0CVE-2019-5255
https://notcve.org/view.php?id=CVE-2019-5255
Certain Huawei products (AP2000;IPS Module;NGFW Module;NIP6300;NIP6600;NIP6800;S5700;SVN5600;SVN5800;SVN5800-C;SeMG9811;Secospace AntiDDoS8000;Secospace USG6300;Secospace USG6500;Secospace USG6600;USG6000V;eSpace U1981) have a DoS vulnerability. An attacker may send crafted messages from a FTP client to exploit this vulnerability. Due to insufficient validation of the message, successful exploit may cause the system out-of-bounds read and result in a denial of service condition of the affected service. Ciertos productos de Huawei (AP2000;IPS Module;NGFW Module;NIP6300;NIP6600;NIP6800;S5700;SVN5600;SVN5800;SVN5800-C;SeMG9811;Secospace AntiDDoS8000;Secospace USG6300;Secospace USG6500;Secospace USG6600;USG6000V;eSpace U1981), tienen una vulnerabilidad de DoS. Un atacante puede enviar mensajes especialmente diseñados desde un cliente FTP para explotar esta vulnerabilidad. • https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191211-01-ssp-en • CWE-125: Out-of-bounds Read •
CVSS: 5.5EPSS: 0%CPEs: 261EXPL: 0CVE-2019-5256
https://notcve.org/view.php?id=CVE-2019-5256
Certain Huawei products (AP2000;IPS Module;NGFW Module;NIP6300;NIP6600;NIP6800;S5700;SVN5600;SVN5800;SVN5800-C;SeMG9811;Secospace AntiDDoS8000;Secospace USG6300;Secospace USG6500;Secospace USG6600;USG6000V;eSpace U1981) have a null pointer dereference vulnerability. The system dereferences a pointer that it expects to be valid, but is NULL. A local attacker could exploit this vulnerability by sending crafted parameters. A successful exploit could cause a denial of service and the process reboot. Ciertos productos de Huawei (AP2000;IPS Module;NGFW Module;NIP6300;NIP6600;NIP6800;S5700;SVN5600;SVN5800;SVN5800-C;SeMG9811;Secospace AntiDDoS8000;Secospace USG6300;Secospace USG6500;Secospace USG6600;USG6000V;eSpace U1981), tienen una vulnerabilidad de desreferencia del puntero. • https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191211-01-ssp-en • CWE-476: NULL Pointer Dereference •
CVSS: 5.5EPSS: 0%CPEs: 261EXPL: 0CVE-2019-5258
https://notcve.org/view.php?id=CVE-2019-5258
Certain Huawei products (AP2000;IPS Module;NGFW Module;NIP6300;NIP6600;NIP6800;S5700;SVN5600;SVN5800;SVN5800-C;SeMG9811;Secospace AntiDDoS8000;Secospace USG6300;Secospace USG6500;Secospace USG6600;USG6000V;eSpace U1981) have a buffer overflow vulnerability. An attacker who logs in to the board may send crafted messages from the internal network port or tamper with inter-process message packets to exploit this vulnerability. Due to insufficient validation of the message, successful exploit may cause the affected board to be abnormal. Ciertos productos de Huawei (AP2000;IPS Module;NGFW Module;NIP6300;NIP6600;NIP6800;S5700;SVN5600;SVN5800;SVN5800-C;SeMG9811;Secospace AntiDDoS8000;Secospace USG6300;Secospace USG6500;Secospace USG6600;USG6000V;eSpace U1981), tienen una vulnerabilidad de desbordamiento de búfer. Un atacante que inicie sesión en la tarjeta puede enviar mensajes especialmente diseñados desde el puerto de red interno o manipular los paquetes de mensajes entre procesos para explotar esta vulnerabilidad. • https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191211-01-ssp-en • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 5.5EPSS: 0%CPEs: 261EXPL: 0CVE-2019-5257
https://notcve.org/view.php?id=CVE-2019-5257
Certain Huawei products (AP2000;IPS Module;NGFW Module;NIP6300;NIP6600;NIP6800;S5700;SVN5600;SVN5800;SVN5800-C;SeMG9811;Secospace) have a resource management vulnerability. An attacker who logs in to the board may send crafted messages from the internal network. Ciertos productos Huawei (AP2000;IPS Module;NGFW Module;NIP6300;NIP6600;NIP6800;S5700;SVN5600;SVN5800;SVN5800-C;SeMG9811;Secospace), tienen una vulnerabilidad de gestión de recursos. Un atacante que inicia sesión en la tarjeta puede enviar mensajes especialmente diseñados desde la red interna. • https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191211-01-ssp-en • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 6.5EPSS: 0%CPEs: 15EXPL: 0CVE-2019-5290
https://notcve.org/view.php?id=CVE-2019-5290
Huawei S5700 and S6700 have a DoS security vulnerability. Attackers with certain permissions perform specific operations on affected devices. Because the pointer in the program is not processed properly, the vulnerability can be exploited to cause the device to be abnormal. Los dispositivos Huawei S5700 y S6700 presentan una vulnerabilidad de seguridad de DoS. Los atacantes con determinados permisos llevan a cabo operaciones específicas en los dispositivos afectados. • http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191204-02-dos-en •