CVE-2019-5291
Summary
| CVE | CVE-2019-5291 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2019-12-13 15:15:00 UTC |
| Updated | 2019-12-19 19:18:00 UTC |
| Description | Some Huawei products have an insufficient verification of data authenticity vulnerability. A remote, unauthenticated attacker has to intercept specific packets between two devices, modify the packets, and send the modified packets to the peer device. Due to insufficient verification of some fields in the packets, an attacker may exploit the vulnerability to cause the target device to be abnormal. |
Risk And Classification
Problem Types: CWE-345
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Hardware | Huawei | Ar120-s | - | All | All | All |
| Hardware | Huawei | Ar120-s | - | All | All | All |
| Operating System | Huawei | Ar120-s Firmware | v200r005c20 | All | All | All |
| Operating System | Huawei | Ar120-s Firmware | v200r006c10 | All | All | All |
| Operating System | Huawei | Ar120-s Firmware | v200r007c00 | All | All | All |
| Operating System | Huawei | Ar120-s Firmware | v200r008c50 | All | All | All |
| Operating System | Huawei | Ar120-s Firmware | v200r005c20 | All | All | All |
| Operating System | Huawei | Ar120-s Firmware | v200r006c10 | All | All | All |
| Operating System | Huawei | Ar120-s Firmware | v200r007c00 | All | All | All |
| Operating System | Huawei | Ar120-s Firmware | v200r008c50 | All | All | All |
| Hardware | Huawei | Ar1200 | - | All | All | All |
| Hardware | Huawei | Ar1200 | - | All | All | All |
| Hardware | Huawei | Ar1200-s | - | All | All | All |
| Hardware | Huawei | Ar1200-s | - | All | All | All |
| Operating System | Huawei | Ar1200-s Firmware | v200r005c20 | All | All | All |
| Operating System | Huawei | Ar1200-s Firmware | v200r006c10 | All | All | All |
| Operating System | Huawei | Ar1200-s Firmware | v200r007c00 | All | All | All |
| Operating System | Huawei | Ar1200-s Firmware | v200r008c50 | All | All | All |
| Operating System | Huawei | Ar1200-s Firmware | v200r005c20 | All | All | All |
| Operating System | Huawei | Ar1200-s Firmware | v200r006c10 | All | All | All |
| Operating System | Huawei | Ar1200-s Firmware | v200r007c00 | All | All | All |
| Operating System | Huawei | Ar1200-s Firmware | v200r008c50 | All | All | All |
| Operating System | Huawei | Ar1200 Firmware | v200r005c00 | All | All | All |
| Operating System | Huawei | Ar1200 Firmware | v200r006c10 | All | All | All |
| Operating System | Huawei | Ar1200 Firmware | v200r007c00 | All | All | All |
| Operating System | Huawei | Ar1200 Firmware | v200r008c50 | All | All | All |
| Operating System | Huawei | Ar1200 Firmware | v200r005c00 | All | All | All |
| Operating System | Huawei | Ar1200 Firmware | v200r006c10 | All | All | All |
| Operating System | Huawei | Ar1200 Firmware | v200r007c00 | All | All | All |
| Operating System | Huawei | Ar1200 Firmware | v200r008c50 | All | All | All |
| Hardware | Huawei | Ar150 | - | All | All | All |
| Hardware | Huawei | Ar150 | - | All | All | All |
| Hardware | Huawei | Ar150-s | - | All | All | All |
| Hardware | Huawei | Ar150-s | - | All | All | All |
| Operating System | Huawei | Ar150-s Firmware | v200r005c20 | All | All | All |
| Operating System | Huawei | Ar150-s Firmware | v200r006c10 | All | All | All |
| Operating System | Huawei | Ar150-s Firmware | v200r007c00 | All | All | All |
| Operating System | Huawei | Ar150-s Firmware | v200r008c50 | All | All | All |
| Operating System | Huawei | Ar150-s Firmware | v200r005c20 | All | All | All |
| Operating System | Huawei | Ar150-s Firmware | v200r006c10 | All | All | All |
| Operating System | Huawei | Ar150-s Firmware | v200r007c00 | All | All | All |
| Operating System | Huawei | Ar150-s Firmware | v200r008c50 | All | All | All |
| Operating System | Huawei | Ar150 Firmware | v200r005c20 | All | All | All |
| Operating System | Huawei | Ar150 Firmware | v200r006c10 | All | All | All |
| Operating System | Huawei | Ar150 Firmware | v200r007c00 | All | All | All |
| Operating System | Huawei | Ar150 Firmware | v200r008c50 | All | All | All |
| Operating System | Huawei | Ar150 Firmware | v200r005c20 | All | All | All |
| Operating System | Huawei | Ar150 Firmware | v200r006c10 | All | All | All |
| Operating System | Huawei | Ar150 Firmware | v200r007c00 | All | All | All |
| Operating System | Huawei | Ar150 Firmware | v200r008c50 | All | All | All |
| Hardware | Huawei | Ar160 | - | All | All | All |
| Hardware | Huawei | Ar160 | - | All | All | All |
| Operating System | Huawei | Ar160 Firmware | v200r005c20 | All | All | All |
| Operating System | Huawei | Ar160 Firmware | v200r006c10 | All | All | All |
| Operating System | Huawei | Ar160 Firmware | v200r007c00 | All | All | All |
| Operating System | Huawei | Ar160 Firmware | v200r008c50 | All | All | All |
| Operating System | Huawei | Ar160 Firmware | v200r005c20 | All | All | All |
| Operating System | Huawei | Ar160 Firmware | v200r006c10 | All | All | All |
| Operating System | Huawei | Ar160 Firmware | v200r007c00 | All | All | All |
| Operating System | Huawei | Ar160 Firmware | v200r008c50 | All | All | All |
| Hardware | Huawei | Ar200 | - | All | All | All |
| Hardware | Huawei | Ar200 | - | All | All | All |
| Hardware | Huawei | Ar200-s | - | All | All | All |
| Hardware | Huawei | Ar200-s | - | All | All | All |
| Operating System | Huawei | Ar200-s Firmware | v200r005c20 | All | All | All |
| Operating System | Huawei | Ar200-s Firmware | v200r006c10 | All | All | All |
| Operating System | Huawei | Ar200-s Firmware | v200r007c00 | All | All | All |
| Operating System | Huawei | Ar200-s Firmware | v200r008c50 | All | All | All |
| Operating System | Huawei | Ar200-s Firmware | v200r005c20 | All | All | All |
| Operating System | Huawei | Ar200-s Firmware | v200r006c10 | All | All | All |
| Operating System | Huawei | Ar200-s Firmware | v200r007c00 | All | All | All |
| Operating System | Huawei | Ar200-s Firmware | v200r008c50 | All | All | All |
| Operating System | Huawei | Ar200 Firmware | v200r005c20 | All | All | All |
| Operating System | Huawei | Ar200 Firmware | v200r006c10 | All | All | All |
| Operating System | Huawei | Ar200 Firmware | v200r007c00 | All | All | All |
| Operating System | Huawei | Ar200 Firmware | v200r008c50 | All | All | All |
| Operating System | Huawei | Ar200 Firmware | v200r005c20 | All | All | All |
| Operating System | Huawei | Ar200 Firmware | v200r006c10 | All | All | All |
| Operating System | Huawei | Ar200 Firmware | v200r007c00 | All | All | All |
| Operating System | Huawei | Ar200 Firmware | v200r008c50 | All | All | All |
| Hardware | Huawei | Ar2200 | - | All | All | All |
| Hardware | Huawei | Ar2200 | - | All | All | All |
| Hardware | Huawei | Ar2200-s | - | All | All | All |
| Hardware | Huawei | Ar2200-s | - | All | All | All |
| Operating System | Huawei | Ar2200-s Firmware | v200r005c20 | All | All | All |
| Operating System | Huawei | Ar2200-s Firmware | v200r006c10 | All | All | All |
| Operating System | Huawei | Ar2200-s Firmware | v200r007c00 | All | All | All |
| Operating System | Huawei | Ar2200-s Firmware | v200r008c50 | All | All | All |
| Operating System | Huawei | Ar2200-s Firmware | v200r005c20 | All | All | All |
| Operating System | Huawei | Ar2200-s Firmware | v200r006c10 | All | All | All |
| Operating System | Huawei | Ar2200-s Firmware | v200r007c00 | All | All | All |
| Operating System | Huawei | Ar2200-s Firmware | v200r008c50 | All | All | All |
| Operating System | Huawei | Ar2200 Firmware | v200r005c20 | All | All | All |
| Operating System | Huawei | Ar2200 Firmware | v200r006c10 | All | All | All |
| Operating System | Huawei | Ar2200 Firmware | v200r007c00 | All | All | All |
| Operating System | Huawei | Ar2200 Firmware | v200r008c50 | All | All | All |
| Operating System | Huawei | Ar2200 Firmware | v200r005c20 | All | All | All |
| Operating System | Huawei | Ar2200 Firmware | v200r006c10 | All | All | All |
| Operating System | Huawei | Ar2200 Firmware | v200r007c00 | All | All | All |
| Operating System | Huawei | Ar2200 Firmware | v200r008c50 | All | All | All |
| Hardware | Huawei | Ar3200 | - | All | All | All |
| Hardware | Huawei | Ar3200 | - | All | All | All |
| Operating System | Huawei | Ar3200 Firmware | v200r005c20 | All | All | All |
| Operating System | Huawei | Ar3200 Firmware | v200r006c10 | All | All | All |
| Operating System | Huawei | Ar3200 Firmware | v200r007c00 | All | All | All |
| Operating System | Huawei | Ar3200 Firmware | v200r008c50 | All | All | All |
| Operating System | Huawei | Ar3200 Firmware | v200r005c20 | All | All | All |
| Operating System | Huawei | Ar3200 Firmware | v200r006c10 | All | All | All |
| Operating System | Huawei | Ar3200 Firmware | v200r007c00 | All | All | All |
| Operating System | Huawei | Ar3200 Firmware | v200r008c50 | All | All | All |
| Hardware | Huawei | Ar3600 | - | All | All | All |
| Hardware | Huawei | Ar3600 | - | All | All | All |
| Operating System | Huawei | Ar3600 Firmware | v200r006c10 | All | All | All |
| Operating System | Huawei | Ar3600 Firmware | v200r007c00 | All | All | All |
| Operating System | Huawei | Ar3600 Firmware | v200r008c50 | All | All | All |
| Operating System | Huawei | Ar3600 Firmware | v200r006c10 | All | All | All |
| Operating System | Huawei | Ar3600 Firmware | v200r007c00 | All | All | All |
| Operating System | Huawei | Ar3600 Firmware | v200r008c50 | All | All | All |
| Hardware | Huawei | Cloudengine 12800 | - | All | All | All |
| Hardware | Huawei | Cloudengine 12800 | - | All | All | All |
| Operating System | Huawei | Cloudengine 12800 Firmware | v200r002c10 | All | All | All |
| Operating System | Huawei | Cloudengine 12800 Firmware | v200r002c20 | All | All | All |
| Operating System | Huawei | Cloudengine 12800 Firmware | v200r002c10 | All | All | All |
| Operating System | Huawei | Cloudengine 12800 Firmware | v200r002c20 | All | All | All |
| Hardware | Huawei | Netengine16ex | - | All | All | All |
| Hardware | Huawei | Netengine16ex | - | All | All | All |
| Operating System | Huawei | Netengine16ex Firmware | v200r005c20 | All | All | All |
| Operating System | Huawei | Netengine16ex Firmware | v200r006c10 | All | All | All |
| Operating System | Huawei | Netengine16ex Firmware | v200r007c00 | All | All | All |
| Operating System | Huawei | Netengine16ex Firmware | v200r008c50 | All | All | All |
| Operating System | Huawei | Netengine16ex Firmware | v200r005c20 | All | All | All |
| Operating System | Huawei | Netengine16ex Firmware | v200r006c10 | All | All | All |
| Operating System | Huawei | Netengine16ex Firmware | v200r007c00 | All | All | All |
| Operating System | Huawei | Netengine16ex Firmware | v200r008c50 | All | All | All |
| Hardware | Huawei | S6700 | - | All | All | All |
| Hardware | Huawei | S6700 | - | All | All | All |
| Operating System | Huawei | S6700 Firmware | v200r008c00 | All | All | All |
| Operating System | Huawei | S6700 Firmware | v200r010c00spc300 | All | All | All |
| Operating System | Huawei | S6700 Firmware | v200r010c00spc600 | All | All | All |
| Operating System | Huawei | S6700 Firmware | v200r011c00spc200 | All | All | All |
| Operating System | Huawei | S6700 Firmware | v200r008c00 | All | All | All |
| Operating System | Huawei | S6700 Firmware | v200r010c00spc300 | All | All | All |
| Operating System | Huawei | S6700 Firmware | v200r010c00spc600 | All | All | All |
| Operating System | Huawei | S6700 Firmware | v200r011c00spc200 | All | All | All |
| Hardware | Huawei | Srg1300 | - | All | All | All |
| Hardware | Huawei | Srg1300 | - | All | All | All |
| Operating System | Huawei | Srg1300 Firmware | v200r005c20 | All | All | All |
| Operating System | Huawei | Srg1300 Firmware | v200r006c10 | All | All | All |
| Operating System | Huawei | Srg1300 Firmware | v200r007c00 | All | All | All |
| Operating System | Huawei | Srg1300 Firmware | v200r008c50 | All | All | All |
| Operating System | Huawei | Srg1300 Firmware | v200r005c20 | All | All | All |
| Operating System | Huawei | Srg1300 Firmware | v200r006c10 | All | All | All |
| Operating System | Huawei | Srg1300 Firmware | v200r007c00 | All | All | All |
| Operating System | Huawei | Srg1300 Firmware | v200r008c50 | All | All | All |
| Hardware | Huawei | Srg2300 | - | All | All | All |
| Hardware | Huawei | Srg2300 | - | All | All | All |
| Operating System | Huawei | Srg2300 Firmware | v200r005c20 | All | All | All |
| Operating System | Huawei | Srg2300 Firmware | v200r006c10 | All | All | All |
| Operating System | Huawei | Srg2300 Firmware | v200r007c00 | All | All | All |
| Operating System | Huawei | Srg2300 Firmware | v200r008c50 | All | All | All |
| Operating System | Huawei | Srg2300 Firmware | v200r005c20 | All | All | All |
| Operating System | Huawei | Srg2300 Firmware | v200r006c10 | All | All | All |
| Operating System | Huawei | Srg2300 Firmware | v200r007c00 | All | All | All |
| Operating System | Huawei | Srg2300 Firmware | v200r008c50 | All | All | All |
| Hardware | Huawei | Srg3300 | - | All | All | All |
| Hardware | Huawei | Srg3300 | - | All | All | All |
| Operating System | Huawei | Srg3300 Firmware | v200r005c20 | All | All | All |
| Operating System | Huawei | Srg3300 Firmware | v200r006c10 | All | All | All |
| Operating System | Huawei | Srg3300 Firmware | v200r007c00 | All | All | All |
| Operating System | Huawei | Srg3300 Firmware | v200r008c50 | All | All | All |
| Operating System | Huawei | Srg3300 Firmware | v200r005c20 | All | All | All |
| Operating System | Huawei | Srg3300 Firmware | v200r006c10 | All | All | All |
| Operating System | Huawei | Srg3300 Firmware | v200r007c00 | All | All | All |
| Operating System | Huawei | Srg3300 Firmware | v200r008c50 | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| Security Advisory - Insufficient Verification of Data Authenticity Vulnerability in Some Huawei Products | MISC | www.huawei.com | Vendor Advisory |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
Legacy QID Mappings
- 43876 Huawei Router and Switch Insufficient Verification of Data Authenticity Vulnerability (huawei-sa-20191204-01-validation-en)