CVE-2019-19415
Description
The SIP module of some Huawei products have a denial of service (DoS) vulnerability. A remote attacker could exploit these three vulnerabilities by sending the specially crafted messages to the affected device. Due to the insufficient verification of the packets, successful exploit could allow the attacker to cause buffer overflow and dead loop, leading to DoS condition. Affected products can be found in https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200115-01-sip-en.
Risk Information
Base Score
7.5
MODERATE
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS Score
Exploitation Probability
0.358
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Multiple Vulnerabilities affected in ar120-s_firmware v200r007c00 | NCM |
| Multiple Vulnerabilities affected in ar120-s_firmware v200r006c10 | NCM |
| Multiple Vulnerabilities affected in ar120-s_firmware v200r008c20 | NCM |
| Vulnerabilities CVE-2017-8162 ,CVE-2017-8163 ,CVE-2019-19415 ,CVE-2019-19416 ,CVE-2019-19417 are affected in ar120-s_firmware v200r008c30 | NCM |
| Improper Input Validation Vulnerability (CVE-2019-19415) | NCM |
Patch Details
No records foundReferences
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234