CVE-2019-19414

There is an integer overflow vulnerability in LDAP server of some Huawei products. Due to insufficient input validation, a remote attacker could exploit this vulnerability by sending malformed packets to the target devices. Successful exploit could cause the affected system crash.
Configurations

Configuration 1 (hide)

AND
OR cpe:2.3:o:huawei:dbs3900_tdd_lte_firmware:v100r003c00:*:*:*:*:*:*:*
cpe:2.3:o:huawei:dbs3900_tdd_lte_firmware:v100r004c10:*:*:*:*:*:*:*
cpe:2.3:h:huawei:dbs3900_tdd_lte:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
cpe:2.3:o:huawei:dp300_firmware:v500r002c00:*:*:*:*:*:*:*
cpe:2.3:h:huawei:dp300:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND
OR cpe:2.3:o:huawei:rp200_firmware:v500r002c00spc200:*:*:*:*:*:*:*
cpe:2.3:o:huawei:rp200_firmware:v600r006c00:*:*:*:*:*:*:*
cpe:2.3:h:huawei:rp200:-:*:*:*:*:*:*:*

Configuration 4 (hide)

AND
OR cpe:2.3:o:huawei:te30_firmware:v100r001c10:*:*:*:*:*:*:*
cpe:2.3:o:huawei:te30_firmware:v600r006c00:*:*:*:*:*:*:*
cpe:2.3:h:huawei:te30:-:*:*:*:*:*:*:*

Configuration 5 (hide)

AND
cpe:2.3:o:huawei:te40_firmware:v600r006c00:*:*:*:*:*:*:*
cpe:2.3:h:huawei:te40:-:*:*:*:*:*:*:*

Configuration 6 (hide)

AND
cpe:2.3:o:huawei:te50_firmware:v600r006c00:*:*:*:*:*:*:*
cpe:2.3:h:huawei:te50:-:*:*:*:*:*:*:*

Configuration 7 (hide)

AND
OR cpe:2.3:o:huawei:te60_firmware:v100r001c10:*:*:*:*:*:*:*
cpe:2.3:o:huawei:te60_firmware:v500r002c00:*:*:*:*:*:*:*
cpe:2.3:o:huawei:te60_firmware:v600r006c00:*:*:*:*:*:*:*
cpe:2.3:h:huawei:te60:-:*:*:*:*:*:*:*

History

No history.

Information

Published : 2020-01-21 23:15

Updated : 2024-02-28 17:28


NVD link : CVE-2019-19414

Mitre link : CVE-2019-19414

CVE.ORG link : CVE-2019-19414


JSON object : View

Products Affected

huawei

  • te50
  • te30_firmware
  • te40_firmware
  • rp200
  • rp200_firmware
  • dp300
  • dp300_firmware
  • te30
  • dbs3900_tdd_lte
  • te60_firmware
  • te60
  • te50_firmware
  • te40
  • dbs3900_tdd_lte_firmware
CWE
CWE-190

Integer Overflow or Wraparound