CVE-2019-5291
Description
Some Huawei products have an insufficient verification of data authenticity vulnerability. A remote, unauthenticated attacker has to intercept specific packets between two devices, modify the packets, and send the modified packets to the peer device. Due to insufficient verification of some fields in the packets, an attacker may exploit the vulnerability to cause the target device to be abnormal.
Risk Information
Base Score
5.9
MODERATE
Vector
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS Score
Exploitation Probability
0.221
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Multiple Vulnerabilities affected in ar120-s_firmware v200r007c00 | NCM |
| Multiple Vulnerabilities affected in ar120-s_firmware v200r006c10 | NCM |
| Vulnerabilities CVE-2019-5259 ,CVE-2019-5291 ,CVE-2019-5304 are affected in ar120-s_firmware v200r008c50 | NCM |
| Vulnerabilities CVE-2019-5291 ,CVE-2019-5293 ,CVE-2019-5294 are affected in ar120-s_firmware v200r005c20 | NCM |
| Insufficient Verification of Data Authenticity Vulnerability (CVE-2019-5291) | NCM |
Patch Details
No records foundReferences
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234