1. Home
  2. CVE Database
  3. CVE-2019-5304
HIGH · 7.5

CVE-2019-5304

Some Huawei products have a buffer error vulnerability. An unauthenticated, remote attacker could send specific MPLS Echo Request messages to the target products. Due to insufficient input validation ...

Vulnerability Description

Some Huawei products have a buffer error vulnerability. An unauthenticated, remote attacker could send specific MPLS Echo Request messages to the target products. Due to insufficient input validation of some parameters in the messages, successful exploit may cause the device to reset.

CVSS Score

7.5

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality
NONE
Integrity
NONE
Availability
HIGH

Affected Products

VendorProductVersions
HuaweiAr120-S Firmwarev200r006c10
HuaweiAr120-S-
HuaweiAr1200 Firmwarev200r003c01
HuaweiAr1200-
HuaweiAr1200-S Firmwarev200r003c01
HuaweiAr1200-S-
HuaweiAr150 Firmwarev200r003c01
HuaweiAr150-
HuaweiAr150-S Firmwarev200r003c01
HuaweiAr150-S-
HuaweiAr160 Firmwarev200r005c20
HuaweiAr160-
HuaweiAr200 Firmwarev200r003c01
HuaweiAr200-
HuaweiAr200-S Firmwarev200r003c01
HuaweiAr200-S-
HuaweiAr2200 Firmwarev200r003c01
HuaweiAr2200-
HuaweiAr2200-S Firmwarev200r003c01
HuaweiAr2200-S-

Related Weaknesses (CWE)

CWE-120

References

FAQ

What is CVE-2019-5304?

CVE-2019-5304 is a vulnerability with a CVSS score of 7.5 (HIGH). Some Huawei products have a buffer error vulnerability. An unauthenticated, remote attacker could send specific MPLS Echo Request messages to the target products. Due to insufficient input validation ...

How severe is CVE-2019-5304?

CVE-2019-5304 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2019-5304?

Check the references section above for vendor advisories and patch information. Affected products include: Huawei Ar120-S Firmware, Huawei Ar120-S, Huawei Ar1200 Firmware, Huawei Ar1200, Huawei Ar1200-S Firmware.