CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:N/I:N/A:C
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS
Percentile
58.8%
There is an integer overflow vulnerability in LDAP server of some Huawei products. Due to insufficient input validation, a remote attacker could exploit this vulnerability by sending malformed packets to the target devices. Successful exploit could cause the affected system crash.
Vendor | Product | Version | CPE |
---|---|---|---|
huawei | dbs3900_tdd_lte_firmware | v100r003c00 | cpe:2.3:o:huawei:dbs3900_tdd_lte_firmware:v100r003c00:*:*:*:*:*:*:* |
huawei | dbs3900_tdd_lte_firmware | v100r004c10 | cpe:2.3:o:huawei:dbs3900_tdd_lte_firmware:v100r004c10:*:*:*:*:*:*:* |
huawei | dbs3900_tdd_lte | - | cpe:2.3:h:huawei:dbs3900_tdd_lte:-:*:*:*:*:*:*:* |
huawei | dp300_firmware | v500r002c00 | cpe:2.3:o:huawei:dp300_firmware:v500r002c00:*:*:*:*:*:*:* |
huawei | dp300 | - | cpe:2.3:h:huawei:dp300:-:*:*:*:*:*:*:* |
huawei | rp200_firmware | v500r002c00spc200 | cpe:2.3:o:huawei:rp200_firmware:v500r002c00spc200:*:*:*:*:*:*:* |
huawei | rp200_firmware | v600r006c00 | cpe:2.3:o:huawei:rp200_firmware:v600r006c00:*:*:*:*:*:*:* |
huawei | rp200 | - | cpe:2.3:h:huawei:rp200:-:*:*:*:*:*:*:* |
huawei | te30_firmware | v100r001c10 | cpe:2.3:o:huawei:te30_firmware:v100r001c10:*:*:*:*:*:*:* |
huawei | te30_firmware | v600r006c00 | cpe:2.3:o:huawei:te30_firmware:v600r006c00:*:*:*:*:*:*:* |
[
{
"product": "CloudEngine 12800;CloudEngine 5800;CloudEngine 6800;CloudEngine 7800;DBS3900 TDD LTE;DP300;RP200;TE30;TE40;TE50;TE60",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "V100R003C10,V100R005C00,V100R006C00,V200R001C00,V200R002C50"
},
{
"status": "affected",
"version": "V100R005C00,V100R005C10,V100R006C00,V200R001C00,V200R002C50SPC800"
},
{
"status": "affected",
"version": "V100R005C00,V100R005C10,V100R006C00,V200R001C00,V200R002C50"
},
{
"status": "affected",
"version": "V100R005C00,V100R005C10,V200R001C00,V200R002C50"
},
{
"status": "affected",
"version": "V100R003C00,V100R004C10"
},
{
"status": "affected",
"version": "V500R002C00"
},
{
"status": "affected",
"version": "V500R002C00SPC200,V600R006C00"
},
{
"status": "affected",
"version": "V100R001C10,V600R006C00"
},
{
"status": "affected",
"version": "V600R006C00"
},
{
"status": "affected",
"version": "V100R001C10,V500R002C00,V600R006C00"
},
{
"status": "affected",
"version": "unspecified"
}
]
}
]
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:N/I:N/A:C
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS
Percentile
58.8%