Huawei : Out-of-Bounds Read Vulnerability in Huawei CloudEngine Products (huawei-sa-20201230-02-cloudengine)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 146377 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.151444

Categoría: Huawei

Título: Out-of-Bounds Read Vulnerability in Huawei CloudEngine Products (huawei-sa-20201230-02-cloudengine)

Resumen: There is an out-of-bounds read vulnerability in Huawei; CloudEngine products.

Descripción: Summary:
There is an out-of-bounds read vulnerability in Huawei
CloudEngine products.

Vulnerability Insight:
The software reads data past the end of the intended buffer
when parsing certain PIM message, an adjacent attacker could send crafted PIM messages to the
device.

Vulnerability Impact:
A successful exploit could cause out of bounds read when the
system does the certain operation.

Affected Software/OS:
CloudEngine 12800 versions V200R002C50SPC800,
V200R003C00SPC810, V200R005C00SPC800, V200R005C10SPC800, V200R019C00SPC800, V200R019C10SPC800

CloudEngine 5800 versions V200R002C50SPC800, V200R003C00SPC810, V200R005C00SPC800,
V200R005C10SPC800, V200R019C00SPC800, V200R019C10SPC800

CloudEngine 6800 versions V200R002C50SPC800, V200R003C00SPC810, V200R005C00SPC800,
V200R005C10SPC800, V200R005C20SPC800, V200R019C00SPC800, V200R019C10SPC800

CloudEngine 7800 versions V200R002C50SPC800, V200R003C00SPC810, V200R005C00SPC800,
V200R005C10SPC800, V200R019C00SPC800, V200R019C10SPC800

Solution:
See the referenced vendor advisory for a solution.

CVSS Score:
3.3

CVSS Vector:
AV:A/AC:L/Au:N/C:P/I:N/A:N

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2020-1865
https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20201230-02-cloudengine-en

Copyright Copyright (C) 2023 Greenbone AG

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.151444
Categoría:	Huawei
Título:	Out-of-Bounds Read Vulnerability in Huawei CloudEngine Products (huawei-sa-20201230-02-cloudengine)
Resumen:	There is an out-of-bounds read vulnerability in Huawei; CloudEngine products.
Descripción:	Summary: There is an out-of-bounds read vulnerability in Huawei CloudEngine products. Vulnerability Insight: The software reads data past the end of the intended buffer when parsing certain PIM message, an adjacent attacker could send crafted PIM messages to the device. Vulnerability Impact: A successful exploit could cause out of bounds read when the system does the certain operation. Affected Software/OS: CloudEngine 12800 versions V200R002C50SPC800, V200R003C00SPC810, V200R005C00SPC800, V200R005C10SPC800, V200R019C00SPC800, V200R019C10SPC800 CloudEngine 5800 versions V200R002C50SPC800, V200R003C00SPC810, V200R005C00SPC800, V200R005C10SPC800, V200R019C00SPC800, V200R019C10SPC800 CloudEngine 6800 versions V200R002C50SPC800, V200R003C00SPC810, V200R005C00SPC800, V200R005C10SPC800, V200R005C20SPC800, V200R019C00SPC800, V200R019C10SPC800 CloudEngine 7800 versions V200R002C50SPC800, V200R003C00SPC810, V200R005C00SPC800, V200R005C10SPC800, V200R019C00SPC800, V200R019C10SPC800 Solution: See the referenced vendor advisory for a solution. CVSS Score: 3.3 CVSS Vector: AV:A/AC:L/Au:N/C:P/I:N/A:N
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2020-1865 https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20201230-02-cloudengine-en
Copyright	Copyright (C) 2023 Greenbone AG