USG9500 with versions of V500R001C30;V500R001C60 have a missing integrity checking vulnerability. The software of the affected products does not check the integrity which may allow an attacker with high privilege to make malicious modifications without detection.
References
Link | Resource |
---|---|
https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191225-01-digital-en | Vendor Advisory |
https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191225-01-digital-en | Vendor Advisory |
Configurations
Configuration 1 (hide)
AND |
|
History
21 Nov 2024, 04:44
Type | Values Removed | Values Added |
---|---|---|
References | () https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191225-01-digital-en - Vendor Advisory |
Information
Published : 2019-12-26 19:15
Updated : 2024-11-21 04:44
NVD link : CVE-2019-5272
Mitre link : CVE-2019-5272
CVE.ORG link : CVE-2019-5272
JSON object : View
Products Affected
huawei
- usg9500
- usg9500_firmware
CWE
CWE-354
Improper Validation of Integrity Check Value