CVE-2019-19414

There is an integer overflow vulnerability in LDAP server of some Huawei products. Due to insufficient input validation, a remote attacker could exploit this vulnerability by sending malformed packets to the target devices. Successful exploit could cause the affected system crash.
Configurations

Configuration 1 (hide)

AND
OR cpe:2.3:o:huawei:dbs3900_tdd_lte_firmware:v100r003c00:*:*:*:*:*:*:*
cpe:2.3:o:huawei:dbs3900_tdd_lte_firmware:v100r004c10:*:*:*:*:*:*:*
cpe:2.3:h:huawei:dbs3900_tdd_lte:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
cpe:2.3:o:huawei:dp300_firmware:v500r002c00:*:*:*:*:*:*:*
cpe:2.3:h:huawei:dp300:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND
OR cpe:2.3:o:huawei:rp200_firmware:v500r002c00spc200:*:*:*:*:*:*:*
cpe:2.3:o:huawei:rp200_firmware:v600r006c00:*:*:*:*:*:*:*
cpe:2.3:h:huawei:rp200:-:*:*:*:*:*:*:*

Configuration 4 (hide)

AND
OR cpe:2.3:o:huawei:te30_firmware:v100r001c10:*:*:*:*:*:*:*
cpe:2.3:o:huawei:te30_firmware:v600r006c00:*:*:*:*:*:*:*
cpe:2.3:h:huawei:te30:-:*:*:*:*:*:*:*

Configuration 5 (hide)

AND
cpe:2.3:o:huawei:te40_firmware:v600r006c00:*:*:*:*:*:*:*
cpe:2.3:h:huawei:te40:-:*:*:*:*:*:*:*

Configuration 6 (hide)

AND
cpe:2.3:o:huawei:te50_firmware:v600r006c00:*:*:*:*:*:*:*
cpe:2.3:h:huawei:te50:-:*:*:*:*:*:*:*

Configuration 7 (hide)

AND
OR cpe:2.3:o:huawei:te60_firmware:v100r001c10:*:*:*:*:*:*:*
cpe:2.3:o:huawei:te60_firmware:v500r002c00:*:*:*:*:*:*:*
cpe:2.3:o:huawei:te60_firmware:v600r006c00:*:*:*:*:*:*:*
cpe:2.3:h:huawei:te60:-:*:*:*:*:*:*:*

History

21 Nov 2024, 04:34

Type Values Removed Values Added
References () https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200115-01-ldap-en - Vendor Advisory () https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200115-01-ldap-en - Vendor Advisory

Information

Published : 2020-01-21 23:15

Updated : 2024-11-21 04:34


NVD link : CVE-2019-19414

Mitre link : CVE-2019-19414

CVE.ORG link : CVE-2019-19414


JSON object : View

Products Affected

huawei

  • te40
  • dp300
  • te50_firmware
  • rp200_firmware
  • te60
  • te30
  • dp300_firmware
  • dbs3900_tdd_lte_firmware
  • te30_firmware
  • rp200
  • te60_firmware
  • dbs3900_tdd_lte
  • te50
  • te40_firmware
CWE
CWE-190

Integer Overflow or Wraparound