Vulnerability Details CVE-2019-5284
There is a DoS vulnerability in RTSP module of Leland-AL00A Huawei smart phones versions earlier than Leland-AL00A 9.1.0.111(C00E111R2P10T8). Remote attackers could trick the user into opening a malformed RTSP media stream to exploit this vulnerability. Successful exploit could cause the affected phone abnormal, leading to a DoS condition. (Vulnerability ID: HWPSIRT-2019-02004)
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 39.0%
CVSS Severity
CVSS v3 Score 6.5
CVSS v2 Score 4.3
References
- http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190523-01-smartphone-en
- https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190523-01-smartphone-en
- http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190523-01-smartphone-en
- https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190523-01-smartphone-en
Products affected by CVE-2019-5284
-
cpe:2.3:h:huawei:leland-al00a:-
-
cpe:2.3:o:huawei:leland-al00a_firmware:8.0.0.171(c00)
-
cpe:2.3:o:huawei:leland-al00a_firmware:8.0.0.182(c00)